HijackThis results
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:16, on 01/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Ricardo.R-7B69C1274A774\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ricardo.R-7B69C1274A774\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ricardo.R-7B69C1274A774\My Documents\Downloads\HiJackThis.exe
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ricardo.R-7B69C1274A774\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 5154 bytes
ComboFix results
"Ricardo" - 2009-08-01 14:19:15 Service Pack 2 [SAFE MODE]
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Ricardo.R-7B69C1274A774\My Documents\Downloads\ComboFix\"
((((((((((((((((((((((((((((((( Files Created from 2009-07-01 to 2009-08-01 ))))))))))))))))))))))))))))))))))
2009-08-01 14:15 <DIR> d-------- C:\!KillBox
2009-08-01 12:20 100,000 --a------ C:\WINDOWS\system32\msjava.dll
2009-08-01 12:04 946,448 --a------ C:\WINDOWS\system\SHDOCVW.DLL
2009-08-01 11:29 100,000 --a------ C:\WINDOWS\system\msjava.dll
2009-08-01 11:18 <DIR> d-------- C:\Program Files\RegistryFix7
2009-08-01 10:45 24,443,872 --a------ C:\Documents and Settings\RICARD~1.R-7\dotnetfx.exe
2009-08-01 10:45 24,443,872 --a------ C:\DOCUME~1\RICARD~1.R-7\dotnetfx.exe
2009-08-01 00:23 0 --a------ C:\WINDOWS\ativpsrm.bin
2009-07-31 22:34 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2009-07-31 22:34 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2009-07-31 22:34 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2009-07-31 22:34 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2009-07-31 22:34 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2009-07-31 22:34 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2009-07-31 22:34 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2009-07-31 22:34 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2009-07-31 22:33 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2009-07-31 22:33 363,520 --a------ C:\WINDOWS\system32\PsisDecd.dll
2009-07-31 22:33 170,496 --a------ C:\WINDOWS\system32\drivers\atinavt2.sys
2009-07-31 22:33 11,776 --a------ C:\WINDOWS\system32\drivers\BdaSup.sys
2009-07-31 22:31 <DIR> d-------- C:\ATI
2009-07-31 21:30 887,724 --a------ C:\WINDOWS\system32\ativva6x.dat
2009-07-31 21:30 49,664 --a------ C:\WINDOWS\system32\amdpcom32.dll
2009-07-31 21:30 3,107,788 --a------ C:\WINDOWS\system32\ativva5x.dat
2009-07-31 21:30 290,816 --a------ C:\WINDOWS\system32\atiok3x2.dll
2009-07-31 21:30 159,744 --a------ C:\WINDOWS\system32\atibrtmon.exe
2009-07-31 21:30 122,880 --a------ C:\WINDOWS\system32\atiadlxx.dll
2009-07-31 11:43 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2009-07-31 11:39 <DIR> d-------- C:\WINDOWS\San Andreas Mod Installer
2009-07-31 06:39 <DIR> d-------- C:\Program Files\Rockstar Games
2009-07-31 00:41 <DIR> d-------- C:\Program Files\Uniblue
2009-07-31 00:41 <DIR> d-------- C:\DOCUME~1\RICARD~1.R-7\APPLIC~1\Uniblue
2009-07-31 00:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\DriverScanner
2009-07-31 00:39 <DIR> d--h-c--- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-07-31 00:03 <DIR> d-------- C:\Program Files\VirtualDJ
2009-07-29 21:18 110,592 --a------ C:\WINDOWS\unvise32.exe
2009-07-29 21:13 <DIR> d-------- C:\Program Files\The Logo Creator v5
2009-07-29 11:56 429,568 --a------ C:\WINDOWS\system32\CF101.exe
2009-07-29 07:21 <DIR> d-------- C:\Program Files\CCleaner
2009-07-28 02:53 <DIR> d-------- C:\DOCUME~1\Jordan\APPLIC~1\Winamp
2009-07-27 16:45 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2009-07-27 16:45 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2009-07-27 16:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2009-07-27 07:56 50,968 --a------ C:\WINDOWS\system32\avgfwdx.dll
2009-07-27 07:56 29,208 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys
2009-07-27 07:56 <DIR> d-------- C:\Program Files\AVG
2009-07-27 07:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\avg8
2009-07-27 07:44 38,912 --a------ C:\WINDOWS\system32\byXOgEXR.dll
2009-07-27 07:29 <DIR> d-------- C:\DOCUME~1\RICARD~1.R-7\APPLIC~1\Thinstall
2009-07-27 05:01 <DIR> d-------- C:\Program Files\Winamp Toolbar
2009-07-27 05:01 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Winamp Toolbar
2009-07-27 04:55 9,200 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2009-07-27 04:55 9,072 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2009-07-27 04:55 44,944 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2009-07-27 04:55 129,520 --------- C:\WINDOWS\system32\pxafs.dll
2009-07-27 04:55 <DIR> d-------- C:\DOCUME~1\Randi\APPLIC~1\Winamp
2009-07-27 04:49 1,048,576 --ah----- C:\DOCUME~1\Randi\NTUSER.DAT
2009-07-27 04:48 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2009-07-27 04:48 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2009-07-27 04:48 <DIR> d-------- C:\Program Files\Electronic Arts
2009-07-27 04:47 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2009-07-27 04:47 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2009-07-27 04:47 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2009-07-27 04:47 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2009-07-27 04:47 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2009-07-27 04:47 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2009-07-27 04:47 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2009-07-27 04:47 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2009-07-27 04:47 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2009-07-27 04:47 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2009-07-27 04:43 1,048,576 --ah----- C:\DOCUME~1\Jordan\NTUSER.DAT
2009-07-27 03:10 <DIR> d-------- C:\DOCUME~1\RICARD~1.R-7\APPLIC~1\Winamp
2009-07-27 02:18 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2009-07-27 02:17 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2009-07-27 02:10 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2009-07-27 01:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Downloaded Installations
2009-07-27 01:58 325,640 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2009-07-27 01:58 12,552 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys
2009-07-27 01:58 107,912 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2009-07-27 01:58 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2009-07-27 01:29 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2009-07-27 01:29 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2009-07-27 01:28 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2009-07-27 01:28 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2009-07-27 01:28 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2009-07-27 01:27 85,440 -r------- C:\WINDOWS\system32\ChCfg.exe
2009-07-27 01:27 135,168 -r------- C:\WINDOWS\system32\RtlCPAPI.dll
2009-07-27 01:23 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2009-07-27 01:20 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2009-07-27 01:18 487,424 -r------- C:\WINDOWS\RtlExUpd.dll
2009-07-27 01:08 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2009-07-27 00:33 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2009-07-27 00:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Microsoft Help
2009-07-26 23:58 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2009-07-26 23:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\WinZip
2009-07-26 23:49 <DIR> d-------- C:\DOCUME~1\RICARD~1.R-7\APPLIC~1\Yahoo!
2009-07-26 23:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo! Companion
2009-07-26 23:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Yahoo!
2009-07-26 23:41 561,152 --------- C:\WINDOWS\system32\ati2sgag.exe
2009-07-26 23:34 <DIR> d-------- C:\WINDOWS\Prefetch
2009-07-26 23:15 <DIR> d-------- C:\WINDOWS\system32\PLUGINS
2009-07-26 23:10 384,000 --a------ C:\WINDOWS\system32\mspaint.exe
2009-07-26 23:10 224,768 --a------ C:\WINDOWS\system32\accwiz.exe
2009-07-26 23:10 181,760 --a------ C:\WINDOWS\system32\sessmgr.exe
2009-07-26 23:10 143,872 --a------ C:\WINDOWS\system32\clipbrd.exe
2009-07-26 23:08 27,165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys
2009-07-26 23:06 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2009-07-26 23:06 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2009-07-26 21:44 249,856 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2009-07-26 21:14 <DIR> d--hs---- C:\WINDOWS\CSC
2009-07-26 21:01 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2009-07-26 21:01 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2009-07-26 21:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2009-07-26 21:00 44,672 --a------ C:\WINDOWS\system32\drivers\UAGP35.SYS
2009-07-26 20:57 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2009-07-26 20:57 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2009-07-26 20:57 811,064 --a------ C:\WINDOWS\system32\imjp81k.dll
2009-07-26 20:57 76,288 --a------ C:\WINDOWS\system32\uniime.dll
2009-07-26 20:57 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2009-07-26 20:57 6,144 --a------ C:\WINDOWS\system32\ftlx041e.dll
2009-07-26 20:57 5,632 --a------ C:\WINDOWS\system32\kbdusa.dll
2009-07-26 20:57 185,344 --a------ C:\WINDOWS\system32\Thawbrkr.dll
2009-07-26 20:57 10,752 --a------ C:\WINDOWS\system32\c_iscii.dll
2009-07-26 20:57 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2009-07-26 20:56 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2009-07-26 20:56 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2009-07-26 20:56 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\Kaspersky Lab Setup Files
2009-07-26 20:55 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2009-07-26 20:55 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2009-07-26 20:55 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2009-07-26 20:55 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2009-07-26 20:55 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2009-07-26 20:55 <DIR> dr------- C:\DOCUME~1\ALLUSE~1.WIN\Documents
2009-07-26 20:47 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2009-07-26 20:16 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\TEMP
2009-07-26 20:15 2,359,296 --ah----- C:\Documents and Settings\RICARD~1.R-7\NTUSER.DAT
2009-07-26 20:15 2,359,296 --ah----- C:\DOCUME~1\RICARD~1.R-7\NTUSER.DAT
2009-07-26 20:14 262,144 --ah----- C:\DOCUME~1\LOCALS~1.NTA\NTUSER.DAT
2009-07-26 20:12 262,144 --ah----- C:\DOCUME~1\NETWOR~1.NTA\NTUSER.DAT
2009-07-26 20:09 249,856 ---h----- C:\DOCUME~1\DEFAUL~1.WIN\NTUSER.DAT
2009-07-26 20:08 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2009-07-26 20:07 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1.WIN\DRM
2009-07-26 20:06 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2009-07-26 20:06 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2009-07-26 20:06 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2009-07-26 20:06 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2009-07-26 20:06 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2009-07-26 20:06 430,592 --a------ C:\WINDOWS\system32\wuapi.dll
2009-07-26 20:06 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2009-07-26 20:06 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2009-07-26 20:06 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2009-07-26 20:06 36,864 --a------ C:\WINDOWS\system32\wups.dll
2009-07-26 20:06 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2009-07-26 20:06 206,848 --a------ C:\WINDOWS\system32\wuauclt1.exe
2009-07-26 20:06 183,296 --a------ C:\WINDOWS\system32\wuaueng1.dll
2009-07-26 20:06 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2009-07-26 20:06 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2009-07-26 20:06 120,320 --a------ C:\WINDOWS\system32\wuweb.dll
2009-07-26 20:06 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2009-07-26 20:06 112,640 --a------ C:\WINDOWS\system32\wucltui.dll
2009-07-26 20:06 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2009-07-26 20:06 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2009-07-26 20:05 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2009-07-26 20:05 81,920 --a------ C:\WINDOWS\system32\ils.dll
2009-07-26 20:05 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2009-07-26 20:05 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2009-07-26 20:05 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2009-07-26 20:05 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2009-07-26 20:05 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2009-07-26 20:05 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2009-07-26 20:05 63,488 --a------ C:\WINDOWS\system32\fltMc.exe
2009-07-26 20:05 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2009-07-26 20:05 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2009-07-26 20:05 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2009-07-26 20:05 32,256 --a------ C:\WINDOWS\system32\mstinit.exe
2009-07-26 20:05 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2009-07-26 20:05 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2009-07-26 20:05 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2009-07-26 20:05 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2009-07-26 20:05 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2009-07-26 20:05 22,748 --a------ C:\WINDOWS\system32\emptyregdb.dat
2009-07-26 20:05 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2009-07-26 20:05 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2009-07-26 20:05 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2009-07-26 20:05 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2009-07-26 20:05 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2009-07-26 20:04 97,792 --a------ C:\WINDOWS\system32\sol.exe
2009-07-26 20:04 96,256 --a------ C:\WINDOWS\system32\freecell.exe
2009-07-26 20:04 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2009-07-26 20:04 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2009-07-26 20:04 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2009-07-26 20:04 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2009-07-26 20:04 85,504 --a------ C:\WINDOWS\system32\tscupgrd.exe
2009-07-26 20:04 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2009-07-26 20:04 82,432 --a------ C:\WINDOWS\system32\comrepl.dll
2009-07-26 20:04 74,752 --a------ C:\WINDOWS\system32\regini.exe
2009-07-26 20:04 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2009-07-26 20:04 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2009-07-26 20:04 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2009-07-26 20:04 62,976 --a------ C:\WINDOWS\system32\qwinsta.exe
2009-07-26 20:04 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2009-07-26 20:04 61,952 --a------ C:\WINDOWS\system32\msg.exe
2009-07-26 20:04 61,440 --a------ C:\WINDOWS\system32\qprocess.exe
2009-07-26 20:04 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2009-07-26 20:04 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2009-07-26 20:04 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2009-07-26 20:04 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2009-07-26 20:04 579,584 --a------ C:\WINDOWS\system32\spider.exe
2009-07-26 20:04 57,856 --a------ C:\WINDOWS\system32\tsshutdn.exe
2009-07-26 20:04 57,856 --a------ C:\WINDOWS\system32\qappsrv.exe
2009-07-26 20:04 57,344 --a------ C:\WINDOWS\system32\tskill.exe
2009-07-26 20:04 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2009-07-26 20:04 56,320 --a------ C:\WINDOWS\system32\logoff.exe
2009-07-26 20:04 55,808 --a------ C:\WINDOWS\system32\tscon.exe
2009-07-26 20:04 55,808 --a------ C:\WINDOWS\system32\shadow.exe
2009-07-26 20:04 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2009-07-26 20:04 54,784 --a------ C:\WINDOWS\system32\rdsaddin.exe
2009-07-26 20:04 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2009-07-26 20:04 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2009-07-26 20:04 47,104 --a------ C:\WINDOWS\system32\msdtc.exe
2009-07-26 20:04 46,080 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2009-07-26 20:04 448,512 --a------ C:\WINDOWS\system32\mstsc.exe
2009-07-26 20:04 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2009-07-26 20:04 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2009-07-26 20:04 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2009-07-26 20:04 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2009-07-26 20:04 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2009-07-26 20:04 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2009-07-26 20:04 36,352 --a------ C:\WINDOWS\system32\rwinsta.exe
2009-07-26 20:04 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2009-07-26 20:04 35,328 --a------ C:\WINDOWS\system32\tsdiscon.exe
2009-07-26 20:04 345,088 --a------ C:\WINDOWS\system32\hypertrm.dll
2009-07-26 20:04 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2009-07-26 20:04 29,696 --a------ C:\WINDOWS\system32\reset.exe
2009-07-26 20:04 26,112 --a------ C:\WINDOWS\system32\write.exe
2009-07-26 20:04 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2009-07-26 20:04 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2009-07-26 20:04 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2009-07-26 20:04 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2009-07-26 20:04 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2009-07-26 20:04 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2009-07-26 20:04 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2009-07-26 20:04 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2009-07-26 20:04 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2009-07-26 20:04 179,712 --a------ C:\WINDOWS\system32\sndvol32.exe
2009-07-26 20:04 172,544 --a------ C:\WINDOWS\system32\sndrec32.exe
2009-07-26 20:04 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2009-07-26 20:04 167,936 --a------ C:\WINDOWS\system32\mshearts.exe
2009-07-26 20:04 164,352 --a------ C:\WINDOWS\system32\mplay32.exe
2009-07-26 20:04 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2009-07-26 20:04 160,768 --a------ C:\WINDOWS\system32\winmine.exe
2009-07-26 20:04 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2009-07-26 20:04 155,648 --a------ C:\WINDOWS\system32\calc.exe
2009-07-26 20:04 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2009-07-26 20:04 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2009-07-26 20:04 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2009-07-26 20:04 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2009-07-26 20:04 121,344 --a------ C:\WINDOWS\system32\charmap.exe
2009-07-26 20:04 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2009-07-26 20:04 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2009-07-26 20:04 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2009-07-26 20:04 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2009-07-26 20:04 108,032 --a------ C:\WINDOWS\system32\rdshost.exe
2009-07-26 20:04 103,424 --a------ C:\WINDOWS\system32\rdpclip.exe
2009-07-26 20:04 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2009-07-26 20:04 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2009-07-26 18:44 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab Setup Files
2009-07-26 09:03 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2009-07-26 03:16 <DIR> d-------- C:\Program Files\Project64 1.6
2009-07-26 00:23 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\12427504
2009-07-25 22:05 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2009-07-25 22:00 <DIR> d-------- C:\Program Files\Winamp
2009-07-25 10:18 <DIR> d-------- C:\WINDOWS\Logo Design Studio Trial
2009-07-25 10:18 <DIR> d-------- C:\Program Files\Summitsoft
2009-07-25 10:12 <DIR> d--hs---- C:\RECYCLER
2009-07-25 10:08 <DIR> d-------- C:\Program Files\AAALOGO2009
2009-07-25 07:30 <DIR> d-------- C:\Program Files\Microsoft Works
2009-07-25 07:29 <DIR> d-------- C:\Program Files\MSBuild
2009-07-25 07:08 <DIR> d--h----- C:\WINDOWS\ShellNew
2009-07-25 07:03 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2009-07-25 07:01 <DIR> dr-h----- C:\MSOCache
2009-07-25 06:51 <DIR> d-------- C:\Program Files\PowerISO
2009-07-25 06:15 <DIR> d--h----- C:\$AVG8.VAULT$
2009-07-25 05:49 <DIR> d-------- C:\Program Files\PageFix 2.0
2009-07-25 04:32 <DIR> d-------- C:\Program Files\Windows Live
2009-07-25 03:54 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
2009-07-25 03:49 <DIR> d-------- C:\Program Files\Yahoo!
2009-07-25 03:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
2009-07-25 03:36 <DIR> d-------- C:\WINDOWS\pss
2009-07-25 02:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
2009-07-25 02:35 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2009-07-25 02:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
2009-07-25 01:56 <DIR> d-------- C:\Program Files\Ares
2009-07-25 01:26 <DIR> d-------- C:\Documents and Settings\RICARD~1.R-7\NFS ProStreet
2009-07-25 01:26 <DIR> d-------- C:\DOCUME~1\RICARD~1.R-7\NFS ProStreet
2009-07-25 01:24 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2009-07-25 01:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
2009-07-25 01:03 <DIR> d-------- C:\Program Files\BitLord
2009-07-25 00:42 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\DriverScanner
2009-07-25 00:18 <DIR> d-------- C:\WINDOWS\system32\Lang
2009-07-24 12:03 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2009-07-24 12:01 <DIR> d-------- C:\WINDOWS\system32\RTCOM
2009-07-24 11:55 9,752,576 -r------- C:\WINDOWS\RTLCPL.exe
2009-07-24 11:55 405,504 -r------- C:\WINDOWS\RtlUpd.exe
2009-07-24 11:55 4,304,384 -r------- C:\WINDOWS\system32\drivers\RtkHDAud.Sys
2009-07-24 11:55 2,923,520 -r------- C:\WINDOWS\SkyTel.exe
2009-07-24 11:55 2,851,840 -r------- C:\WINDOWS\alcwzrd.exe
2009-07-24 11:55 2,200,576 -r------- C:\WINDOWS\MicCal.exe
2009-07-24 11:55 16,290,304 -ra------ C:\WINDOWS\RTHDCPL.exe
2009-07-24 11:55 126,976 -r------- C:\WINDOWS\SoundMan.exe
2009-07-24 11:55 110,592 -r------- C:\WINDOWS\Alcmtr.exe
2009-07-24 11:55 <DIR> d-------- C:\Program Files\Realtek
2009-07-24 11:45 <DIR> d-------- C:\WINDOWS\ehome
2009-07-24 11:13 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2009-07-24 11:13 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2009-07-24 11:11 <DIR> dr------- C:\Program Files
2009-07-24 11:11 <DIR> d--hs---- C:\WINDOWS\Installer
2009-07-24 11:11 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2009-07-24 11:11 <DIR> d-------- C:\Program Files\Common Files\ODBC
2009-07-24 11:10 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2009-07-24 11:09 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2009-07-24 11:09 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2009-07-24 11:09 <DIR> d-------- C:\Documents and Settings
2009-07-24 11:08 <DIR> d--hs---- C:\System Volume Information
2009-07-24 11:03 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2009-07-24 11:03 <DIR> dr--s---- C:\WINDOWS\Fonts
2009-07-24 11:03 <DIR> dr------- C:\WINDOWS\Web
2009-07-24 11:03 <DIR> d--h----- C:\WINDOWS\inf
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\WinSxS
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\twain_32
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\wins
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\wbem
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\usmt
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\spool
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\Setup
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\ras
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\oobe
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\npp
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\mui
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\IME
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\icsxml
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\ias
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\export
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\drivers
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\dhcp
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\config
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\3076
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\2052
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1054
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1042
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1041
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1037
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1033
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1031
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1028
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32\1025
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system32
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\system
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\security
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Resources
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\repair
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Provisioning
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\PeerNet
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\pchealth
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\mui
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\msapps
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\msagent
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Media
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\ime
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Help
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Driver Cache
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Debug
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Cursors
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Connection Wizard
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\Config
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\AppPatch
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS\addins
2009-07-24 11:03 <DIR> d-------- C:\WINDOWS
2009-07-24 10:43 <DIR> d-------- C:\WINDOWS\setup.pss
2009-07-24 10:36 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2009-07-24 10:35 229,376 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2009-07-24 10:29 229,376 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2009-07-24 10:26 249,856 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2009-07-24 10:26 0 -rahs---- C:\MSDOS.SYS
2009-07-24 10:26 0 -rahs---- C:\IO.SYS
2009-07-24 10:26 0 --a------ C:\CONFIG.SYS
2009-07-24 10:26 0 --a------ C:\AUTOEXEC.BAT
2009-07-24 10:26 <DIR> d-------- C:\WINDOWS\system32\xircom
2009-07-24 10:26 <DIR> d-------- C:\Program Files\microsoft frontpage
2009-07-24 10:25 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2009-07-24 10:25 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2009-07-24 10:25 <DIR> d--h----- C:\Program Files\WindowsUpdate
2009-07-24 10:25 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2009-07-24 10:24 <DIR> d---s---- C:\WINDOWS\Tasks
2009-07-24 10:24 <DIR> d-------- C:\WINDOWS\system32\Macromed
2009-07-24 10:24 <DIR> d-------- C:\WINDOWS\system32\DirectX
2009-07-24 10:24 <DIR> d-------- C:\WINDOWS\srchasst
2009-07-24 10:24 <DIR> d-------- C:\Program Files\Movie Maker
2009-07-24 10:24 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2009-07-24 10:23 <DIR> d-------- C:\WINDOWS\system32\Restore
2009-07-24 10:23 <DIR> d-------- C:\WINDOWS\Registration
2009-07-24 10:22 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2009-07-24 10:22 <DIR> d-------- C:\WINDOWS\system32\Com
2009-07-24 10:22 <DIR> d-------- C:\Program Files\Windows NT
2009-07-24 10:22 <DIR> d-------- C:\Program Files\Online Services
2009-07-24 10:22 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2009-07-24 10:22 <DIR> d-------- C:\Program Files\Messenger

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2009-08-01 05:24:30 359,040 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2009-07-27 04:35:25 182,912 ----a-w C:\WINDOWS\system32\drivers\ndis.sys

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4efb-9B51-7695ECA05670}=C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2009-03-13 17:18]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}=C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 06:07]
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}=C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 15:34]
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}=C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-27 01:57]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 18:48]
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}=C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-03-13 17:18]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" []
"Alcmtr"="ALCMTR.EXE" []
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2009-07-26 19:57]
"AVGIDS"="C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe" [2009-02-26 12:46]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Documents and Settings\Ricardo.R-7B69C1274A774\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-07-26 23:42]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL" [2006-10-26 18:48]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ComPlusSetup]
C:\WINDOWS\system32\catsrvut.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reader_s]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
SkyTel.EXE
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\Install.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d42edc8a-7c6e-11de-b663-00138ff16323}]
AutoRun\command- F:\USERINIT.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2699dcf-7a9e-11de-b651-00138ff16323}]
AutoRun\command- H:\SPOOLSV.EXE

Contents of the 'Scheduled Tasks' folder
2009-08-01 10:47:01 C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1770027372-839522115-1004Core.job
2009-08-01 18:47:04 C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-484763869-1770027372-839522115-1004UA.job

********************************************************************
catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-01 14:22:34
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
Completion time: 2009-08-01 14:24:05
--- E O F ---