OK, so I used HijackThis and got rid of printer.exe, but I still have no access to Control Panel and other applications!! Could someone have a look at the ComboFix log and give me some advice?? This is wrecking my head!!
ComboFix 07-11-08.1 - Georgina Ennis 2007-11-11 18:48:09.1 - NTFSx86
Running from: C:\Documents and Settings\Georgina Ennis\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Georgina Ennis\Application Data\install_en[1].exe
C:\Documents and Settings\Georgina Ennis\ResErrors.log
.
((((((((((((((((((((((((( Files Created from 2007-10-11 to 2007-11-11 )))))))))))))))))))))))))))))))
.
2007-11-11 18:47 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-11 13:08 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-11 11:25 <DIR> d-------- C:\Program Files\Spyware Doctor
2007-11-11 11:25 <DIR> d-------- C:\Documents and Settings\Georgina Ennis\Application Data\PC Tools
2007-11-11 11:25 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-11-11 11:25 82,248 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-11-11 11:25 57,672 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-11-11 11:25 38,728 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-11-11 11:25 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-11-11 11:13 <DIR> d-------- C:\Documents and Settings\Georgina Ennis\Application Data\BitTorrent
2007-11-11 11:12 <DIR> d-------- C:\Program Files\BitTorrent_DNA
2007-11-11 11:12 <DIR> d-------- C:\Documents and Settings\Georgina Ennis\Application Data\BitTorrent DNA
2007-11-11 11:11 <DIR> d-------- C:\Program Files\BitTorrent
2007-11-10 22:08 <DIR> d-------- C:\Documents and Settings\Iano\Application Data\HP
2007-11-10 22:06 <DIR> d-------- C:\Documents and Settings\Iano\Application Data\AVG7
2007-11-10 22:05 <DIR> d-------- C:\Documents and Settings\Iano\Application Data\Symantec
2007-11-10 22:05 <DIR> d-------- C:\Documents and Settings\Iano\Application Data\Intel
2007-11-10 22:05 <DIR> d--h----- C:\Documents and Settings\Iano\Application Data\Gtek
2007-11-10 22:05 <DIR> d-------- C:\Documents and Settings\Iano\Application Data\Corel
2007-11-10 22:05 <DIR> d-------- C:\Documents and Settings\Iano\Application Data\ATI
2007-11-10 21:57 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-11-10 21:57 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Intel
2007-11-10 21:57 <DIR> d--h----- C:\Documents and Settings\Administrator\Application Data\Gtek
2007-11-10 21:57 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Corel
2007-11-10 21:57 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\ATI
2007-11-10 21:24 <DIR> d-------- C:\WINDOWS\pss
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-11 18:29 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-11 10:31 --------- d-----w C:\Documents and Settings\Georgina Ennis\Application Data\AVG7
2007-11-10 13:16 --------- d-----w C:\Program Files\Dell Network Assistant
2007-10-15 10:33 --------- d-----w C:\Documents and Settings\Georgina Ennis\Application Data\U3
2007-10-08 23:30 6,892 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-10-02 16:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\SingleClick Systems
2007-10-02 15:13 --------- d-----w C:\Program Files\Lavasoft
2007-10-02 15:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-10-02 15:11 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-09-24 17:34 --------- d-----w C:\Documents and Settings\Georgina Ennis\Application Data\DivX
2007-09-23 14:34 --------- d-----w C:\Program Files\DivX
2007-09-22 22:45 --------- d-----w C:\Documents and Settings\Georgina Ennis\Application Data\Apple Computer
2007-09-22 11:47 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-09-20 10:33 --------- d-----w C:\Program Files\iTunes
2007-09-20 10:33 --------- d-----w C:\Program Files\iPod
2007-09-20 10:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-20 10:32 --------- d-----w C:\Program Files\QuickTime
2007-09-20 10:30 --------- d-----w C:\Program Files\Apple Software Update
2007-09-20 10:29 --------- d-----w C:\Program Files\Common Files\Apple
2007-09-20 10:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-09-20 10:12 --------- d-----w C:\Program Files\Real
2007-09-20 10:12 --------- d-----w C:\Program Files\Common Files\xing shared
2007-09-20 10:12 --------- d-----w C:\Program Files\Common Files\Real
2007-09-20 10:10 --------- d-----w C:\Program Files\Google
2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-17 18:23 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-17 18:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-17 18:22 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-17 07:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2007-09-16 14:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-09-16 14:34 --------- d-----w C:\Program Files\Bonjour
2007-09-16 14:33 --------- d-----w C:\Program Files\Common Files\Adobe
2007-09-16 14:19 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2007-09-16 13:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee.com
2007-09-16 13:48 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-09-16 13:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-08-29 21:47 54,600 ----a-w C:\npbittorrent.dll
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-21 00:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-08-21 00:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-08-20 10:04 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 10:04 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 10:04 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 10:04 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 10:04 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 10:04 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 10:04 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 10:04 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 10:04 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 10:04 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 10:04 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 10:04 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 10:04 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 10:04 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 10:04 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 10:04 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 10:04 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 10:04 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 10:04 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 10:04 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 10:04 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 10:04 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 10:04 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:21 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:20 63,488 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-08-15 22:33 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-08-15 22:33 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-08-15 22:33 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-08-15 22:33 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-08-15 22:33 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-08-15 22:33 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-08-15 22:33 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-08-15 22:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-08-15 22:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-08-15 22:31 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-08-15 22:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-08-15 22:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-08-15 22:30 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2006-12-11 23:14 70,600 ----a-w C:\Documents and Settings\Georgina Ennis\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 12:03]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 22:30 C:\WINDOWS\stsystra.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 17:48]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 16:41]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 08:28]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 08:28]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 19:29]
"CTSVolFE.exe"="C:\Program Files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 14:57]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 00:02]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-12-06 00:05]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 09:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 09:44]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-25 17:30]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 14:49]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 21:22]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-20 10:12]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 09:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 01:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-09-05 05:18]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-01 23:14]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-11-11 11:12]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2004-02-25 01:35:00]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-09-20 09:28:16]
Dell Network Assistant.lnk - C:\WINDOWS\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe [2006-10-05 21:40:49]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-10-05 21:27:47]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R0 d346bus;d346bus;C:\WINDOWS\system32\DRIVERS\d346bus.sys
R0 d346prt;d346prt;C:\WINDOWS\system32\Drivers\d346prt.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\WINDOWS\system32\drivers\BTNetFilter.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a8a1798-c6b9-11db-8e40-0015c513d1ef}]
\Shell\AutoRun\command - G:\LaunchU3.exe
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-10-10 15:02:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-11-11 18:52:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-11 18:53:15
.
--- E O F ---