Qoobox
 
  Tweaks.com
 Home    Members    Calendar    Who's On    
Search
    Main Site
 


Home » Windows & System Security » Virus / Spyware Problems and Security... » Qoobox

14 posts, Page 1 of 2
12»»

QooboxExpand / Collapse
Rate Topic
Display Mode
Topic Options
Author
Message
Tremor
Posted 9/23/2006 3:43 PM


New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 4/10/2008 6:37 PM
Posts: 92, Visits: 180
Hi, can anyone give me any info on Qoobox, please? I can't find much on the net about it.

Cheers

Post #208854
RichieUK
Posted 9/23/2006 4:06 PM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 28,169, Visits: 54,734
Download Combofix: http://download.bleepingcomputer.com/sUBs/combofix.exe
and save it to your desktop.
1. Double click on combo.exe and follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Post the contents of that log back here please.

__________________________________________________


ASAP & UNITE member since 2006





Firefox 3
Post #208856
Tremor
Posted 9/24/2006 7:09 AM


New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 4/10/2008 6:37 PM
Posts: 92, Visits: 180
Stan - 06-09-24 13:01:13.48    Service Pack 2
ComboFix 06.09.21 - Running from: "C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Desktop"

(((((((((((((((((((((((((((((((   Files Created from 2006-08-23 to 2006-09-23  ))))))))))))))))))))))))))))))))))
 

2006-09-22 07:39 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2006-09-22 07:39 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2006-09-22 07:39 3,440 --a------ C:\WINDOWS\undo.reg
2006-09-22 07:39 3,440 --a------ C:\WINDOWS\undo.reg
2006-09-22 02:09 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2006-09-22 02:09 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2006-09-04 16:31 1,158,670 --a------ C:\sarsfx.exe
2006-09-04 16:31 1,158,670 --a------ C:\sarsfx.exe
2006-09-03 15:58 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-09-03 15:58 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-09-03 15:58 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-09-03 15:58 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-09-03 15:58 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-09-03 15:58 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-09-03 08:05 154 --a------ C:\fix.reg
2006-09-03 08:05 154 --a------ C:\fix.reg
2006-08-26 20:02 244,240 --a------ C:\WINDOWS\unicows.dll
2006-08-26 20:02 244,240 --a------ C:\WINDOWS\unicows.dll
2006-08-24 21:24 <DIR> d-------- C:\WINDOWS\McAfee.com
2006-08-24 21:24 <DIR> d-------- C:\WINDOWS\McAfee.com
2006-08-24 19:20 73,728 --a------ C:\WINDOWS\system32\pv.exe
2006-08-24 19:20 73,728 --a------ C:\WINDOWS\system32\pv.exe
2006-08-24 19:20 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2006-08-24 19:20 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2006-08-24 19:20 175,616 --a------ C:\WINDOWS\system32\strings.exe
2006-08-24 19:20 175,616 --a------ C:\WINDOWS\system32\strings.exe
2006-08-24 19:20 16,384 --------- C:\WINDOWS\system32\restart.exe
2006-08-24 19:20 16,384 --------- C:\WINDOWS\system32\restart.exe
2006-08-24 19:20 126,976 --a------ C:\WINDOWS\system32\zip.exe
2006-08-24 19:20 126,976 --a------ C:\WINDOWS\system32\zip.exe
2006-08-24 19:20 11,254 --a------ C:\WINDOWS\system32\locate.com
2006-08-24 19:20 11,254 --a------ C:\WINDOWS\system32\locate.com
 

((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-24 13:02 -------- d-------- C:\Program Files\Prevx1
2006-09-24 12:06 -------- d-------- C:\Program Files\WorldCommunityGrid
2006-09-24 11:26 -------- d-------- C:\Program Files\Spyware Terminator
2006-09-24 00:05 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\uTorrent
2006-09-23 22:58 -------- d-------- C:\Program Files\Dan Elwell's Broadband Speed Test
2006-09-23 22:56 2144194 --a------ C:\Program Files\bbst30316.exe
2006-09-23 21:33 -------- d-------- C:\Program Files\HijackThis
2006-09-23 20:47 -------- d-------- C:\Program Files\Arovax AntiSpyware
2006-09-23 19:08 -------- d-------- C:\Program Files\uTorrent
2006-09-23 17:42 -------- d-------- C:\Program Files\IncrediMail
2006-09-23 13:03 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Simply Super Software
2006-09-23 12:42 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Warez
2006-09-22 18:13 2017032 --a------ C:\Program Files\spyware_remover.exe
2006-09-22 18:13 -------- d-------- C:\Program Files\Innovative Solutions
2006-09-22 18:09 3061888 --a------ C:\Program Files\aas_2.0_setup_65.exe
2006-09-22 05:29 507830 --a------ C:\Program Files\speedtest32.chm
2006-09-22 05:25 1044168 --a------ C:\Program Files\VBRun60sp5.exe
2006-09-22 05:23 936974 --a------ C:\Program Files\bbstocx.exe
2006-09-22 04:16 1630 --a------ C:\Program Files\aswB.log
2006-09-22 01:58 -------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2006-09-21 13:40 -------- d-------- C:\Program Files\Common Files
2006-09-21 02:00 -------- d-------- C:\Program Files\Windows Media Player
2006-09-21 01:52 -------- d-------- C:\Program Files\WMP 11
2006-09-20 16:36 76560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-09-19 23:23 -------- d-------- C:\Program Files\Yahoo!
2006-09-19 03:26 -------- d-------- C:\Program Files\SpywareBlaster
2006-09-19 02:09 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-18 18:57 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Mozilla
2006-09-16 23:42 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Adobe
2006-09-08 11:19 7552 --a------ C:\WINDOWS\system32\drivers\pxcom.sys
2006-09-08 11:19 266112 --a------ C:\WINDOWS\system32\drivers\pxfsf.sys
2006-09-08 11:19 18432 --a------ C:\WINDOWS\system32\drivers\pxtdi.sys
2006-09-08 11:19 11648 --a------ C:\WINDOWS\system32\drivers\pxscrmbl.sys
2006-09-08 11:19 100864 --a------ C:\WINDOWS\system32\drivers\PxEmu.sys
2006-09-06 11:12 -------- d-------- C:\Program Files\Lavasoft
2006-09-06 11:12 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Lavasoft
2006-09-05 17:58 -------- d-------- C:\Program Files\Sunbelt Software
2006-09-05 16:21 -------- d-------- C:\Program Files\Hoster
2006-09-05 16:12 -------- d-------- C:\Program Files\CleanUp!
2006-09-05 15:25 -------- d-------- C:\Program Files\Regseeker
2006-09-05 15:24 234855 --a------ C:\Program Files\hoster.zip
2006-09-05 15:22 358545 --a------ C:\Program Files\RegSeeker.zip
2006-09-05 15:21 339099 --a------ C:\Program Files\CleanUp451.exe
2006-09-04 20:03 -------- d-------- C:\Program Files\Kaspersky Lab
2006-09-04 19:59 -------- d-------- C:\Program Files\ESET
2006-09-04 19:54 13900680 --a------ C:\Program Files\kav6.0.0.303en.exe
2006-09-04 12:10 -------- d-------- C:\Program Files\Common Files\Panda Software
2006-09-03 23:23 30117656 --a------ C:\Program Files\P07promo.exe
2006-09-03 22:20 -------- d-------- C:\Program Files\Registry Clean Expert
2006-09-03 22:05 -------- d-------- C:\Program Files\Internet Explorer
2006-09-03 16:56 -------- d---s---- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Microsoft
2006-09-03 16:19 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-09-01 19:07 17 --a------ C:\Program Files\stng260.opt
2006-09-01 04:53 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Opera
2006-08-31 19:21 -------- d-------- C:\Program Files\Winamp
2006-08-31 19:09 6206440 --a------ C:\Program Files\winamp524_full_emusic-7plus.exe
2006-08-28 04:58 -------- d-------- C:\Program Files\QuickTime
2006-08-28 04:48 -------- d-------- C:\Program Files\QuickTime Alternative
2006-08-28 04:32 22083376 --a------ C:\Program Files\QuickTimeInstaller.exe
2006-08-27 23:21 -------- d-------- C:\Program Files\flvconvertor
2006-08-27 23:18 -------- d-------- C:\Program Files\FLVPlayer
2006-08-27 23:17 1181812 --a------ C:\Program Files\flvplayer_setup.exe
2006-08-27 14:12 -------- d-------- C:\Program Files\FastDefrag
2006-08-27 00:00 42496 --a------ C:\WINDOWS\system32\ftp.exe
2006-08-27 00:00 16896 --a------ C:\WINDOWS\system32\tftp.exe
2006-08-26 19:46 5706384 --a------ C:\Program Files\av71_en.exe
2006-08-24 22:33 186880 --a------ C:\Program Files\LSPFix.exe
2006-08-24 21:59 7799000 --a------ C:\Program Files\kerio.exe
2006-08-24 20:48 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Prevx
2006-08-24 20:42 8281713 --a------ C:\Program Files\InstallPREVX102000060.exe
2006-08-24 19:48 403072 --a------ C:\Program Files\aswclnr.exe
2006-08-24 19:20 -------- d-------- C:\Program Files\l2mfix
2006-08-24 11:55 13568 --a------ C:\WINDOWS\system32\drivers\pxrd.sys
2006-08-24 09:24 2345072 --a------ C:\Program Files\SpywareTerminator.exe
2006-08-24 00:39 7448056 --a------ C:\Program Files\sdsetup.exe
2006-08-23 23:56 448487 --a------ C:\Program Files\l2mremover.zip
2006-08-23 23:51 13726 --a------ C:\Program Files\kill2me.zip
2006-08-23 21:50 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-08-23 21:47 -------- d-------- C:\Program Files\MSN Messenger
2006-08-23 20:10 2855080 --a------ C:\Program Files\aawsepersonal.exe
2006-08-23 18:09 10437506 --------- C:\Program Files\hss-6[1].5.23-win-compact.zip
2006-08-23 17:58 3484072 --------- C:\Program Files\Windows-KB890830-V1.19.exe
2006-08-22 02:47 0 --a------ C:\CONFIG.SYS
2006-08-22 02:47 0 --a------ C:\AUTOEXEC.BAT
2006-08-21 22:12 -------- d-------- C:\Program Files\ewido anti-malware
2006-08-21 17:37 10807594 --a------ C:\Program Filesentenst.exe
2006-08-21 17:12 -------- d-------- C:\Program Files\CDBurnerXP Pro 3
2006-08-21 17:00 -------- d-------- C:\Program Files\Windows NT
2006-08-21 13:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 10:14 128896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-20 20:36 1468464 --------- C:\Program Files\ccsetup132.exe
2006-08-20 18:52 40274 --a------ C:\Program Files\roxizap.exe
2006-08-19 19:36 514915 --a------ C:\Program Files\aspi_471a2.zip
2006-08-17 20:49 -------- d-------- C:\Program Files\Raxco
2006-08-17 20:49 -------- d-------- C:\Program Files\Common Files\Raxco
2006-08-17 20:48 6527448 --a------ C:\Program Files\pd70ds.exe
2006-08-16 17:13 -------- d-------- C:\Program Files\WinTaskPro
2006-08-14 00:31 -------- d-------- C:\Program Files\WinRAR
2006-08-12 20:36 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\MetaCafe
2006-08-12 19:29 -------- d-------- C:\Program Files\brrce423
2006-08-12 18:16 -------- d-------- C:\Program Files\Abexo
2006-08-12 18:15 -------- d-------- C:\Program Files\Abexo1
2006-08-08 20:11 -------- d-------- C:\Program Files\LiveUpdate
2006-08-07 10:14 1658532 --a------ C:\Program Files\flvconvert.zip
2006-08-07 03:03 -------- d-------- C:\Program Files\Zspoof
2006-08-07 02:50 162781 --a------ C:\Program Files\zspoof.zip
2006-08-07 02:45 173688 --a------ C:\Program Files\tscc.exe
2006-08-06 14:27 -------- d-------- C:\Program Files\DivX
2006-08-06 14:25 15149416 --a------ C:\Program Files\DivXInstaller.exe
2006-08-05 10:01 25992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe
2006-08-05 09:59 -------- d-------- C:\Program Files\PageDefrag
2006-08-05 09:57 47363 --a------ C:\Program Files\PageDefrag.zip
2006-08-04 16:37 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2006-08-04 16:37 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2006-08-03 07:28 -------- d-------- C:\Program Files\HDD Health
2006-08-02 16:16 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\Registry Booster
2006-08-01 15:15 -------- d-------- C:\Program Files\Metacafe
2006-08-01 02:44 651896 --a------ C:\Program Files\Metacafe4Windows.exe
2006-07-30 06:40 -------- d-------- C:\Program Files\Outpdate
2006-07-30 06:10 -------- d-------- C:\Program Files\Ad-Aware SE Professional (the real edition)
2006-07-30 04:52 12574 --a------ C:\Program Files\IncrediMail_XE_build_884-888-894-908-912_Fixed.zip
2006-07-30 04:46 1167 --a------ C:\Program Files\IncrediMail_XE_Premium_build_3501687.zip
2006-07-30 02:12 4998012 --a------ C:\Program Files\cureit.exe
2006-07-30 01:38 -------- d-------- C:\Program Files\DVT
2006-07-29 23:03 -------- d-------- C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\DeepBurner
2006-07-29 22:55 2863832 --a------ C:\Program Files\DeepBurner1.exe
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-29 02:24 -------- d-------- C:\Program Files\BeamFile
2006-07-28 19:22 1064736 --a------ C:\Program Files\VB6.0-KB290887-X86.exe
2006-07-28 18:53 -------- d-------- C:\Program Files\Online Services
2006-07-27 14:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-27 03:05 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2006-07-26 18:42 -------- d-------- C:\Program Files\Common Files\GTK
2006-07-22 15:29 2387351 --a------ C:\Program Files\rmconverter.exe
2006-07-21 09:24 72704 --a------ C:\WINDOWS\system32\hlink.dll
2006-07-18 14:04 153198 --a------ C:\Program Files\MSWINERR.ZIP
2006-07-18 01:10 560892 --a------ C:\Program Files\SHREDDER.ZIP
2006-07-18 01:07 342 --a------ C:\Program Files\File_Shredder_2000_v4.1.zip
2006-07-18 01:00 30785 --a------ C:\Program Files\File_Shredder_2000_v3.0_by_Eminence.zip
2006-07-17 23:54 611932 --a------ C:\Program Files\uTorrent-1.6-install.exe
2006-07-10 15:43 5503 --a------ C:\Program Files\spysweeperCrack.zip
2006-07-10 03:23 61146 --a------ C:\Program Files\DefragNT190.zip
2006-07-08 20:20 45568 --a------ C:\Program Files\ATF-Cleaner.exe
2006-07-08 19:14 189920 --a------ C:\Program Files\msicuu2.exe
2006-07-08 01:50 811520 --a------ C:\Program Files\xcleaner_free.exe
2006-07-04 10:40 11169936 --a------ C:\Program Files\setupeng.exe
2006-07-04 10:15 2810032 --a------ C:\Program Files\Shockwave_Installer_Slim.exe
2006-07-03 22:40 778240 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-07-03 22:40 778240 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-07-03 22:40 761856 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-07-03 22:40 620180 --a------ C:\WINDOWS\system32\DivX.dll
2006-07-02 09:56 52461 --------- C:\Program Files\delcwssk.zip
2006-07-02 01:44 670696 --------- C:\Program Files\StarterSetup.zip
2006-07-01 01:34 154114 --------- C:\Program Files\alcanshorty_en.exe
2006-06-30 18:18 350891 --------- C:\Program Files\l2mfix.exe
2006-06-30 14:37 7246750 --------- C:\Program Files\ewido-signatures-full-current.exe
2006-06-30 14:31 8405024 --------- C:\Program Files\ewido-setup_4.0.0.172a.exe
2006-06-27 12:47 21064 --a------ C:\Documents and Settings\Stan.STAN-TWFGFBNJQK\Application Data\GDIPFONTCACHEV1.DAT
2006-06-26 18:37 148480 --a------ C:\WINDOWS\system32\dnsapi(2).dll
2006-06-23 03:51 73728 --------- C:\Program Files\killbox.exe
2006-06-23 03:44 2566736 --------- C:\Program Files\spywareblastersetup351.exe
2006-06-23 03:06 39424 --------- C:\Program Files\zipinst.exe
2006-06-09 15:51 14012 --------- C:\Program Files\IEFix.zip
2006-06-01 22:13 1676849 --------- C:\Program Files\BeamFile.exe
 

((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))
 
*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegClean Expert Scheduler"="\"C:\\Program Files\\Registry Clean Expert\\RCHelper.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"
"SpywareTerminator"="\"C:\\Program Files\\Spyware Terminator\\SpywareTerminatorShield.exe\""
"PrevxOne"="\"C:\\Program Files\\Prevx1\\PXConsole.exe\""
"kav"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runot active]
"\"c:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"="\"c:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"NoDispAppearancePage"=dword:00000000
"NoColorChoice"=dword:00000000
"NoSizeChoice"=dword:00000000
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoVisualStyleChoice"=dword:00000000
"NoDispSettingsPage"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\Shell]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000
"NoViewOnDrive"=dword:00000000
"NoLogoff"=dword:00000000
"NoWindowsUpdate"=dword:00000000
"StartMenuLogOff"=dword:00000000
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoChangeKeyboardNavigationIndicators"=dword:00000000
"NoSharedDocuments"=dword:00000001
"NoSMConfigurePrograms"=dword:00000001
"NoRecentDocsMenu"=dword:00000001
"LinkResolveIgnoreLinkInfo"=dword:00000000
"NoActiveDesktop"=dword:00000000
"NoSaveSettings"=dword:00000000
"ClassicShell"=dword:00000000
"NoThemesTab"=dword:00000000
"ForceActiveDesktopOn"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"NoInternetOpenWith"=dword:00000001
"DisableCAD"=dword:00000001
"DisableTaskMgr"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoRemoteRecursiveEvents"=dword:00000001
"ClassicShell"=dword:00000000
"LinkResolveIgnoreLinkInfo"=dword:00000000
"NoResolveSearch"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000000
"NoActiveDesktopChanges"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
"{10BC8BC0-0480-2057-1028-04110503002c}"="\"c:\\Program Files\\Spybot - Search & Destroy\\Update.exe\" mc-110-12-0000169"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
"{10BC8BC0-0480-2057-1028-04110503002c}"="\"c:\\Program Files\\Spybot - Search & Destroy\\Update.exe\" mc-110-12-0000169"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Microsoft Office.lnk]
"location"="Common Startup"
"command"="C:\\PROGRA~1\\MICROS~2\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Tiscali NetPhone]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Tiscali NetPhone"
"hkey"="HKCU"
"command"="C:\\Program Files\\Tiscali\\NetPhone\\Tiscali NetPhone.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\services]
"WZCSVC"=dword:00000003
"WmiApSrv"=dword:00000003
"Wmi"=dword:00000003
"VSS"=dword:00000003
"RDSessMgr"=dword:00000003
"RasAuto"=dword:00000003
"PolicyAgent"=dword:00000002
"NtLmSsp"=dword:00000003
"Netlogon"=dword:00000003
"MSIServer"=dword:00000003
"mnmsrvc"=dword:00000003
"ImapiService"=dword:00000003
"HTTPFilter"=dword:00000003
"HidServ"=dword:00000002
"FastUserSwitchingCompatibility"=dword:00000003
"CryptSvc"=dword:00000003
"AppMgmt"=dword:00000003


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ  msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

 
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
 
Completion time: 24/09/2006 13:07:16.84
ComboFix.txt

Post #208894
RichieUK
Posted 9/24/2006 9:31 AM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 28,169, Visits: 54,734
There's no signs of anything at all malicious there that i can see.

__________________________________________________


ASAP & UNITE member since 2006





Firefox 3
Post #208903
Tremor
Posted 9/24/2006 5:31 PM


New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 4/10/2008 6:37 PM
Posts: 92, Visits: 180
Thanks Richie. There is a Qoobox folder that appears every now and then but I just delete it. What is Qoobox anyway?
Post #208926
RichieUK
Posted 9/24/2006 6:39 PM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 28,169, Visits: 54,734
Qoobox is a folder created by Combofix to quarantine any infected files.

__________________________________________________


ASAP & UNITE member since 2006





Firefox 3
Post #208932