Can't access Microsoft and any antivirus site


shizzle08

I can't access any antivirus and Microsoft websites, or even update my antivirus. Help! Here is the ComboFix report in case you need it:

ComboFix 09-08-30.01 - Delacruz 08/31/2009 3:50.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1585 [GMT 8:00]
Running from: d:\torrentz\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090830-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINDOWS_HOSTS_CONTROLLER


((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-30 19:19 . 2009-08-30 19:19 -------- d-----w- c:\windows\ERUNT
2009-08-30 19:16 . 2009-08-30 19:27 -------- d-----w- C:\SDFix
2009-08-27 06:38 . 2009-08-30 19:03 -------- d-----w- C:\Downloads
2009-08-26 19:49 . 2009-08-26 19:49 -------- d-----w- c:\documents and settings\Delacruz\Local Settings\Application Data\Temp
2009-08-16 18:11 . 2009-08-16 18:34 -------- d-----w- C:\New Folder
2009-08-16 18:06 . 2009-08-16 18:06 -------- d-----w- c:\documents and settings\All Users\Application Data\VideoMach
2009-08-15 05:51 . 2009-08-21 16:44 -------- d-----w- c:\documents and settings\Delacruz\Application Data\dvdcss
2009-08-13 17:11 . 2009-02-09 00:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-08-13 17:11 . 2009-02-09 00:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-08-13 17:11 . 2009-02-09 00:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-08-13 17:11 . 2009-02-09 00:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-08-13 17:11 . 2009-02-09 00:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-08-13 17:11 . 2009-02-09 00:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-08-13 17:11 . 2009-08-13 17:11 -------- d-----w- c:\program files\Common Files\Nokia
2009-08-13 17:10 . 2009-08-13 17:08 24501456 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_1.7.3EN.exe
2009-08-13 17:10 . 2009-08-13 17:10 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe
2009-08-13 17:10 . 2009-08-13 17:10 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe
2009-08-13 17:10 . 2009-08-13 17:10 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe
2009-08-09 18:38 . 2009-08-09 18:38 -------- d-----w- c:\documents and settings\Delacruz\Local Settings\Application Data\Help
2009-08-05 09:26 . 2009-08-05 09:26 -------- d-----w- c:\documents and settings\Delacruz\Application Data\DivX
2009-08-04 15:26 . 2009-08-04 15:26 -------- d-----w- C:\windowscopy
2009-08-04 13:03 . 2009-08-11 17:18 4096 ----a-w- c:\windows\system32\detoured.dll
2009-08-04 12:40 . 2001-08-17 14:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-08-04 12:40 . 2001-08-17 14:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-08-04 12:40 . 2001-08-17 14:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-08-04 12:40 . 2001-08-17 14:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-08-04 12:40 . 2001-08-17 06:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-08-04 12:40 . 2001-08-17 06:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-08-04 12:38 . 2009-08-04 12:38 -------- d--h--w- c:\windows\PIF
2009-08-04 12:35 . 2009-08-17 11:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-04 07:49 . 2009-08-04 07:49 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-04 07:36 . 2009-08-04 07:38 -------- d-----w- c:\documents and settings\Delacruz\Local Settings\Application Data\Google
2009-08-04 07:36 . 2009-08-04 07:38 -------- d-----w- c:\program files\Google
2009-08-04 07:36 . 2009-08-04 07:37 -------- d-----w- c:\program files\Common Files\DivX Shared

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 19:44 . 2009-07-16 02:00 -------- d-----w- c:\documents and settings\Delacruz\Application Data\uTorrent
2009-08-30 19:17 . 2009-07-16 02:40 1137456 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-30 08:42 . 2009-07-16 02:39 -------- d-----w- c:\documents and settings\Delacruz\Application Data\TypingMaster7
2009-08-30 04:04 . 2009-07-25 05:17 -------- d-----w- c:\documents and settings\Delacruz\Application Data\vlc
2009-08-22 09:17 . 2009-07-23 03:46 -------- d-----w- c:\documents and settings\Delacruz\Application Data\LimeWire
2009-08-13 17:11 . 2009-07-22 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-08-13 17:11 . 2009-07-22 19:22 -------- d-----w- c:\program files\Nokia
2009-08-08 07:03 . 2009-07-17 08:07 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Camfrog
2009-08-05 14:36 . 2009-07-16 03:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-28 05:14 . 2009-07-16 01:01 42168 ----a-w- c:\documents and settings\Delacruz\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-28 04:45 . 2009-07-28 04:45 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-07-28 04:44 . 2009-07-28 04:44 -------- d-----w- c:\program files\Microsoft.NET
2009-07-27 12:42 . 2009-07-27 12:39 63478 ----a-w- c:\windows\War3Unin.dat
2009-07-27 12:42 . 2009-07-27 12:39 2829 ----a-w- c:\windows\War3Unin.pif
2009-07-27 12:42 . 2009-07-27 12:39 139264 ----a-w- c:\windows\War3Unin.exe
2009-07-26 10:12 . 2009-07-26 10:12 -------- d-----w- c:\program files\123 AVI to GIF Converter
2009-07-25 18:16 . 2009-07-25 18:16 274737 ----a-w- c:\windows\Fast Video to GIF SWF Converter Uninstaller.exe
2009-07-25 05:17 . 2009-07-25 05:17 -------- d-----w- c:\program files\VideoLAN
2009-07-25 04:57 . 2009-07-25 04:57 -------- d-----w- c:\documents and settings\Delacruz\Application Data\FastStone
2009-07-25 04:39 . 2009-07-25 04:39 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-07-24 19:19 . 2009-07-24 19:19 -------- d-----w- c:\program files\Vimicro Corporation
2009-07-24 19:19 . 2009-07-16 01:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-24 06:51 . 2009-07-24 06:51 4096 ----a-w- c:\windows\system32\02.tmp
2009-07-24 06:50 . 2009-07-24 06:50 4096 ----a-w- c:\windows\system32\01.tmp
2009-07-23 17:51 . 2009-07-23 03:45 -------- d-----w- c:\program files\Java
2009-07-23 17:50 . 2009-07-23 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-07-23 17:50 . 2009-07-23 17:50 152576 ----a-w- c:\documents and settings\Delacruz\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-23 03:45 . 2009-07-23 03:45 152576 ----a-w- c:\documents and settings\Delacruz\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-07-23 01:21 . 2009-07-23 01:19 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Dev-Cpp
2009-07-22 19:35 . 2009-07-22 19:35 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-22 19:35 . 2009-07-22 19:35 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-07-22 19:31 . 2009-07-22 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-07-22 19:22 . 2009-07-22 19:22 -------- d-----w- c:\program files\MSXML 6.0
2009-07-21 16:37 . 2009-07-21 02:45 -------- d-----w- c:\program files\Gravity
2009-07-20 01:09 . 2009-07-20 01:09 -------- d-----w- c:\program files\AhnLab
2009-07-18 07:09 . 2009-07-16 00:49 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-18 02:49 . 2009-07-16 03:53 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Apple Computer
2009-07-18 00:29 . 2009-07-18 00:29 -------- d-----w- c:\documents and settings\Delacruz\Application Data\2K Sports
2009-07-17 04:12 . 2009-07-16 02:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-07-16 03:53 . 2009-07-16 03:53 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-16 03:53 . 2009-07-16 03:53 -------- d-----w- c:\program files\iPod
2009-07-16 03:53 . 2009-07-16 03:52 -------- d-----w- c:\program files\Common Files\Apple
2009-07-16 03:53 . 2009-07-16 03:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-16 03:53 . 2009-07-16 03:53 -------- d-----w- c:\program files\Bonjour
2009-07-16 03:53 . 2009-07-16 03:52 -------- d-----w- c:\program files\QuickTime
2009-07-16 03:52 . 2009-07-16 03:52 -------- d-----w- c:\program files\Apple Software Update
2009-07-16 03:38 . 2009-07-16 03:38 -------- d--h--r- c:\documents and settings\Delacruz\Application Data\SecuROM
2009-07-16 03:16 . 2009-07-16 03:16 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-16 03:14 . 2009-07-16 03:14 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-07-16 03:05 . 2009-07-16 02:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-16 03:03 . 2009-07-16 03:03 -------- d-----w- c:\program files\Adobe Media Player
2009-07-16 02:59 . 2009-07-16 02:59 -------- d-----w- c:\program files\Yahoo!
2009-07-16 02:57 . 2009-07-16 02:57 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-16 02:51 . 2009-07-16 02:51 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-07-16 02:40 . 2009-07-16 02:40 -------- d-----w- c:\program files\MSBuild
2009-07-16 02:36 . 2009-07-16 02:36 -------- d-----w- c:\program files\Reference Assemblies
2009-07-16 02:32 . 2009-07-16 02:31 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-07-16 02:31 . 2009-07-16 02:31 -------- d-----w- c:\documents and settings\Delacruz\Application Data\DAEMON Tools Pro
2009-07-16 02:27 . 2009-07-16 02:27 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-16 02:01 . 2009-07-16 02:01 -------- d-----w- c:\program files\AskBarDis
2009-07-16 01:45 . 2009-07-16 01:00 -------- d-----w- c:\program files\Realtek
2009-07-16 01:45 . 2009-07-16 01:45 319488 ----a-w- c:\windows\HideWin.exe
2009-07-16 01:38 . 2009-07-16 01:38 -------- d-----w- c:\documents and settings\Delacruz\Application Data\ATI
2009-07-16 01:38 . 2009-07-16 01:38 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-07-16 01:38 . 2009-07-16 01:38 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Grasssoft
2009-07-16 01:36 . 2009-07-16 01:36 -------- d-----w- c:\program files\Intel
2009-07-16 01:35 . 2009-07-16 01:36 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-07-16 01:32 . 2009-07-16 01:21 -------- d-----w- c:\program files\ATI Technologies
2009-07-16 01:30 . 2009-07-16 01:30 -------- d-----w- c:\program files\GrassSoft
2009-07-16 01:29 . 2009-07-16 01:29 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-16 01:23 . 2009-07-16 01:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Grasssoft
2009-07-16 01:22 . 2009-07-16 01:21 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-16 01:18 . 2009-07-16 01:18 0 ----a-w- c:\windows\nsreg.dat
2009-07-16 01:00 . 2009-07-16 01:00 -------- d-----w- c:\documents and settings\Delacruz\Application Data\InstallShield
2009-07-16 00:50 . 2009-07-16 00:50 -------- d-----w- c:\program files\microsoft frontpage
2009-07-16 00:47 . 2009-07-16 00:47 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-05 05:57 . 2009-06-05 05:57 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-05 03:42 . 2009-07-16 03:52 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-05 03:42 . 2009-07-16 03:52 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2004-08-03 22:56 . 2004-08-03 22:56 166896 --sha-r- c:\windows\system32\ddqkj.dll
.

------- Sigcheck -------

[7] 2004-08-03 21:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\dllcache\tcpip.sys
[-] 2004-08-03 21:14 359040 6A603809F598332DBEDD535BDBCE313E c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 19:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="d:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-07-16 306088]
"Camfrog"="d:\program files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [2009-06-16 41800]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2009-07-16 288048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Flashget"="d:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Delacruz^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Delacruz\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"d:\\Program Files\\FlashGet\\flashget.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5506:TCP"= 5506:TCP:egswz

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/16/2009 10:11 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/16/2009 10:11 AM 20560]
R2 Macro Expert;Macro Expert;c:\program files\GrassSoft\Macro Expert\MacroService.exe [5/18/2009 10:46 AM 212480]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [7/25/2009 3:19 AM 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [7/25/2009 3:19 AM 398720]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7/16/2009 10:01 AM 234888]
S2 geshfgvk;Server Driver;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 6:56 AM 14336]
S2 gupdate1ca14d65b4c8ec2;Google Update Service (gupdate1ca14d65b4c8ec2);c:\program files\Google\Update\GoogleUpdate.exe [8/4/2009 3:37 PM 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Delacruz\LOCALS~1\Temp\HWY5.tmp --> c:\docume~1\Delacruz\LOCALS~1\Temp\HWY5.tmp [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
geshfgvk
.
Contents of the 'Scheduled Tasks' folder

2009-08-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-04 07:36]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-04 07:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.garena.com/portal/
uInternet Settings,ProxyOverride = *.local
IE: &Download All with FlashGet - d:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - d:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Delacruz\Application Data\Mozilla\Firefox\Profiles\be63pbhn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ph/
FF - plugin: c:\documents and settings\Delacruz\Desktop\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: c:\documents and settings\Delacruz\Desktop\DivX\DivX Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-31 03:54
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Delacruz\LOCALS~1\Temp\HWY5.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\geshfgvk]
"ServiceDll"="c:\windows\system32\ddqkj.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-823518204-1592454029-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:7b,ba,6e,4f,e6,5f,f2,11,ab,d3,f3,61,7d,18,a0,03,af,72,48,29,5d,
41,df,92,85,99,f6,05,ac,0a,70,bb,f7,bf,a3,9a,6a,d0,0c,24,c3,f9,82,7f,54,39,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(720)
d:\program files\iTunes\iTunesMiniPlayer.dll
d:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
d:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
d:\program files\Alwil Software\Avast4\aswUpdSv.exe
d:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
d:\program files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
d:\program files\Alwil Software\Avast4\ashMaiSv.exe
d:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\GrassSoft\Macro Expert\MacroServiceWnd.exe
c:\windows\system32\wscntfy.exe
d:\program files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Completion time: 2009-08-30 3:56 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-30 19:56

Pre-Run: 7,036,882,944 bytes free
Post-Run: 6,935,175,168 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
