ComboFix 09-08-30.01 - Delacruz 08/31/2009 3:50.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1585 [GMT 8:00]
Running from: d:\torrentz\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090830-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WINDOWS_HOSTS_CONTROLLER
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.
2009-08-30 19:19 . 2009-08-30 19:19 -------- d-----w- c:\windows\ERUNT
2009-08-30 19:16 . 2009-08-30 19:27 -------- d-----w- C:\SDFix
2009-08-27 06:38 . 2009-08-30 19:03 -------- d-----w- C:\Downloads
2009-08-26 19:49 . 2009-08-26 19:49 -------- d-----w- c:\documents and settings\Delacruz\Local Settings\Application Data\Temp
2009-08-16 18:11 . 2009-08-16 18:34 -------- d-----w- C:\New Folder
2009-08-16 18:06 . 2009-08-16 18:06 -------- d-----w- c:\documents and settings\All Users\Application Data\VideoMach
2009-08-15 05:51 . 2009-08-21 16:44 -------- d-----w- c:\documents and settings\Delacruz\Application Data\dvdcss
2009-08-13 17:11 . 2009-02-09 00:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-08-13 17:11 . 2009-02-09 00:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-08-13 17:11 . 2009-02-09 00:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-08-13 17:11 . 2009-02-09 00:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-08-13 17:11 . 2009-02-09 00:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-08-13 17:11 . 2009-02-09 00:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-08-13 17:11 . 2009-08-13 17:11 -------- d-----w- c:\program files\Common Files\Nokia
2009-08-13 17:10 . 2009-08-13 17:08 24501456 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\NokiaSoftwareUpdaterSetup_1.7.3EN.exe
2009-08-13 17:10 . 2009-08-13 17:10 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\msxml6Exec.exe
2009-08-13 17:10 . 2009-08-13 17:10 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\Sleep.exe
2009-08-13 17:10 . 2009-08-13 17:10 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}\Installer\CommonCustomActions\vcredistExec.exe
2009-08-09 18:38 . 2009-08-09 18:38 -------- d-----w- c:\documents and settings\Delacruz\Local Settings\Application Data\Help
2009-08-05 09:26 . 2009-08-05 09:26 -------- d-----w- c:\documents and settings\Delacruz\Application Data\DivX
2009-08-04 15:26 . 2009-08-04 15:26 -------- d-----w- C:\windowscopy
2009-08-04 13:03 . 2009-08-11 17:18 4096 ----a-w- c:\windows\system32\detoured.dll
2009-08-04 12:40 . 2001-08-17 14:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-08-04 12:40 . 2001-08-17 14:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-08-04 12:40 . 2001-08-17 14:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-08-04 12:40 . 2001-08-17 14:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-08-04 12:40 . 2001-08-17 06:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-08-04 12:40 . 2001-08-17 06:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-08-04 12:40 . 2001-08-17 06:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-08-04 12:38 . 2009-08-04 12:38 -------- d--h--w- c:\windows\PIF
2009-08-04 12:35 . 2009-08-17 11:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-04 07:49 . 2009-08-04 07:49 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-04 07:36 . 2009-08-04 07:38 -------- d-----w- c:\documents and settings\Delacruz\Local Settings\Application Data\Google
2009-08-04 07:36 . 2009-08-04 07:38 -------- d-----w- c:\program files\Google
2009-08-04 07:36 . 2009-08-04 07:37 -------- d-----w- c:\program files\Common Files\DivX Shared
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 19:44 . 2009-07-16 02:00 -------- d-----w- c:\documents and settings\Delacruz\Application Data\uTorrent
2009-08-30 19:17 . 2009-07-16 02:40 1137456 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-30 08:42 . 2009-07-16 02:39 -------- d-----w- c:\documents and settings\Delacruz\Application Data\TypingMaster7
2009-08-30 04:04 . 2009-07-25 05:17 -------- d-----w- c:\documents and settings\Delacruz\Application Data\vlc
2009-08-22 09:17 . 2009-07-23 03:46 -------- d-----w- c:\documents and settings\Delacruz\Application Data\LimeWire
2009-08-13 17:11 . 2009-07-22 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-08-13 17:11 . 2009-07-22 19:22 -------- d-----w- c:\program files\Nokia
2009-08-08 07:03 . 2009-07-17 08:07 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Camfrog
2009-08-05 14:36 . 2009-07-16 03:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-28 05:14 . 2009-07-16 01:01 42168 ----a-w- c:\documents and settings\Delacruz\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-28 04:45 . 2009-07-28 04:45 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-07-28 04:44 . 2009-07-28 04:44 -------- d-----w- c:\program files\Microsoft.NET
2009-07-27 12:42 . 2009-07-27 12:39 63478 ----a-w- c:\windows\War3Unin.dat
2009-07-27 12:42 . 2009-07-27 12:39 2829 ----a-w- c:\windows\War3Unin.pif
2009-07-27 12:42 . 2009-07-27 12:39 139264 ----a-w- c:\windows\War3Unin.exe
2009-07-26 10:12 . 2009-07-26 10:12 -------- d-----w- c:\program files\123 AVI to GIF Converter
2009-07-25 18:16 . 2009-07-25 18:16 274737 ----a-w- c:\windows\Fast Video to GIF SWF Converter Uninstaller.exe
2009-07-25 05:17 . 2009-07-25 05:17 -------- d-----w- c:\program files\VideoLAN
2009-07-25 04:57 . 2009-07-25 04:57 -------- d-----w- c:\documents and settings\Delacruz\Application Data\FastStone
2009-07-25 04:39 . 2009-07-25 04:39 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-07-24 19:19 . 2009-07-24 19:19 -------- d-----w- c:\program files\Vimicro Corporation
2009-07-24 19:19 . 2009-07-16 01:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-24 06:51 . 2009-07-24 06:51 4096 ----a-w- c:\windows\system32\02.tmp
2009-07-24 06:50 . 2009-07-24 06:50 4096 ----a-w- c:\windows\system32\01.tmp
2009-07-23 17:51 . 2009-07-23 03:45 -------- d-----w- c:\program files\Java
2009-07-23 17:50 . 2009-07-23 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-07-23 17:50 . 2009-07-23 17:50 152576 ----a-w- c:\documents and settings\Delacruz\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-23 03:45 . 2009-07-23 03:45 152576 ----a-w- c:\documents and settings\Delacruz\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-07-23 01:21 . 2009-07-23 01:19 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Dev-Cpp
2009-07-22 19:35 . 2009-07-22 19:35 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-07-22 19:35 . 2009-07-22 19:35 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-07-22 19:31 . 2009-07-22 19:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-07-22 19:22 . 2009-07-22 19:22 -------- d-----w- c:\program files\MSXML 6.0
2009-07-21 16:37 . 2009-07-21 02:45 -------- d-----w- c:\program files\Gravity
2009-07-20 01:09 . 2009-07-20 01:09 -------- d-----w- c:\program files\AhnLab
2009-07-18 07:09 . 2009-07-16 00:49 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-18 02:49 . 2009-07-16 03:53 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Apple Computer
2009-07-18 00:29 . 2009-07-18 00:29 -------- d-----w- c:\documents and settings\Delacruz\Application Data\2K Sports
2009-07-17 04:12 . 2009-07-16 02:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-07-16 03:53 . 2009-07-16 03:53 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-16 03:53 . 2009-07-16 03:53 -------- d-----w- c:\program files\iPod
2009-07-16 03:53 . 2009-07-16 03:52 -------- d-----w- c:\program files\Common Files\Apple
2009-07-16 03:53 . 2009-07-16 03:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-16 03:53 . 2009-07-16 03:53 -------- d-----w- c:\program files\Bonjour
2009-07-16 03:53 . 2009-07-16 03:52 -------- d-----w- c:\program files\QuickTime
2009-07-16 03:52 . 2009-07-16 03:52 -------- d-----w- c:\program files\Apple Software Update
2009-07-16 03:38 . 2009-07-16 03:38 -------- d--h--r- c:\documents and settings\Delacruz\Application Data\SecuROM
2009-07-16 03:16 . 2009-07-16 03:16 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-16 03:14 . 2009-07-16 03:14 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-07-16 03:05 . 2009-07-16 02:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-16 03:03 . 2009-07-16 03:03 -------- d-----w- c:\program files\Adobe Media Player
2009-07-16 02:59 . 2009-07-16 02:59 -------- d-----w- c:\program files\Yahoo!
2009-07-16 02:57 . 2009-07-16 02:57 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-16 02:51 . 2009-07-16 02:51 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-07-16 02:40 . 2009-07-16 02:40 -------- d-----w- c:\program files\MSBuild
2009-07-16 02:36 . 2009-07-16 02:36 -------- d-----w- c:\program files\Reference Assemblies
2009-07-16 02:32 . 2009-07-16 02:31 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-07-16 02:31 . 2009-07-16 02:31 -------- d-----w- c:\documents and settings\Delacruz\Application Data\DAEMON Tools Pro
2009-07-16 02:27 . 2009-07-16 02:27 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-16 02:01 . 2009-07-16 02:01 -------- d-----w- c:\program files\AskBarDis
2009-07-16 01:45 . 2009-07-16 01:00 -------- d-----w- c:\program files\Realtek
2009-07-16 01:45 . 2009-07-16 01:45 319488 ----a-w- c:\windows\HideWin.exe
2009-07-16 01:38 . 2009-07-16 01:38 -------- d-----w- c:\documents and settings\Delacruz\Application Data\ATI
2009-07-16 01:38 . 2009-07-16 01:38 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-07-16 01:38 . 2009-07-16 01:38 -------- d-----w- c:\documents and settings\Delacruz\Application Data\Grasssoft
2009-07-16 01:36 . 2009-07-16 01:36 -------- d-----w- c:\program files\Intel
2009-07-16 01:35 . 2009-07-16 01:36 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-07-16 01:32 . 2009-07-16 01:21 -------- d-----w- c:\program files\ATI Technologies
2009-07-16 01:30 . 2009-07-16 01:30 -------- d-----w- c:\program files\GrassSoft
2009-07-16 01:29 . 2009-07-16 01:29 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-16 01:23 . 2009-07-16 01:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Grasssoft
2009-07-16 01:22 . 2009-07-16 01:21 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-16 01:18 . 2009-07-16 01:18 0 ----a-w- c:\windows\nsreg.dat
2009-07-16 01:00 . 2009-07-16 01:00 -------- d-----w- c:\documents and settings\Delacruz\Application Data\InstallShield
2009-07-16 00:50 . 2009-07-16 00:50 -------- d-----w- c:\program files\microsoft frontpage
2009-07-16 00:47 . 2009-07-16 00:47 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-05 05:57 . 2009-06-05 05:57 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-05 03:42 . 2009-07-16 03:52 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-05 03:42 . 2009-07-16 03:52 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2004-08-03 22:56 . 2004-08-03 22:56 166896 --sha-r- c:\windows\system32\ddqkj.dll
.
------- Sigcheck -------
[7] 2004-08-03 21:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\dllcache\tcpip.sys
[-] 2004-08-03 21:14 359040 6A603809F598332DBEDD535BDBCE313E c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 19:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="d:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-07-16 306088]
"Camfrog"="d:\program files\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [2009-06-16 41800]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2009-07-16 288048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Flashget"="d:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^Delacruz^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Delacruz\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"d:\\Program Files\\FlashGet\\flashget.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5506:TCP"= 5506:TCP:egswz
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/16/2009 10:11 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/16/2009 10:11 AM 20560]
R2 Macro Expert;Macro Expert;c:\program files\GrassSoft\Macro Expert\MacroService.exe [5/18/2009 10:46 AM 212480]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [7/25/2009 3:19 AM 256512]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [7/25/2009 3:19 AM 398720]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7/16/2009 10:01 AM 234888]
S2 geshfgvk;Server Driver;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 6:56 AM 14336]
S2 gupdate1ca14d65b4c8ec2;Google Update Service (gupdate1ca14d65b4c8ec2);c:\program files\Google\Update\GoogleUpdate.exe [8/4/2009 3:37 PM 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Delacruz\LOCALS~1\Temp\HWY5.tmp --> c:\docume~1\Delacruz\LOCALS~1\Temp\HWY5.tmp [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
geshfgvk
.
Contents of the 'Scheduled Tasks' folder
2009-08-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]
2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-04 07:36]
2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-04 07:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.garena.com/portal/
uInternet Settings,ProxyOverride = *.local
IE: &Download All with FlashGet - d:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - d:\program files\FlashGet\jc_link.htm
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Delacruz\Application Data\Mozilla\Firefox\Profiles\be63pbhn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ph/
FF - plugin: c:\documents and settings\Delacruz\Desktop\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: c:\documents and settings\Delacruz\Desktop\DivX\DivX Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-31 03:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Delacruz\LOCALS~1\Temp\HWY5.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\geshfgvk]
"ServiceDll"="c:\windows\system32\ddqkj.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-823518204-1592454029-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:7b,ba,6e,4f,e6,5f,f2,11,ab,d3,f3,61,7d,18,a0,03,af,72,48,29,5d,
41,df,92,85,99,f6,05,ac,0a,70,bb,f7,bf,a3,9a,6a,d0,0c,24,c3,f9,82,7f,54,39,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'explorer.exe'(720)
d:\program files\iTunes\iTunesMiniPlayer.dll
d:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
d:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
d:\program files\Alwil Software\Avast4\aswUpdSv.exe
d:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
d:\program files\Rockstar Games\Rockstar Games Social Club\1_1_3_0\RGSC.exe
d:\program files\Alwil Software\Avast4\ashMaiSv.exe
d:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\GrassSoft\Macro Expert\MacroServiceWnd.exe
c:\windows\system32\wscntfy.exe
d:\program files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Completion time: 2009-08-30 3:56 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-30 19:56
Pre-Run: 7,036,882,944 bytes free
Post-Run: 6,935,175,168 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
Can't access in microsoft and any antivirus site
Started by shizzle08, Aug 30 2009 02:00 PM