Malwarebytes, HijackThis, Spybot S&D, AVG no longer working


Post by rockrlife on 13th October 2009, 12:56 am

A few days ago, there was an icon on the bottom corner with a red circle and a white X inside. I forgot the exact words, but it did say that there was a virus, and when I clicked on it, it said the name was Sheur2.bjwn. So I ran AVG Free 8.5, healed it and it disappeared. Now, AVG no longer scans. And sometimes it just automatically quits. I had HijackThis and Malwarebytes' Anti-Malware installed and they were working perfectly fine, but now when I click them it says:

"Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."

and also the icons for HijackThis and Malwarebytes are this white screen picture. I went into Safe Mode to re-install Malwarebytes and HijackThis, and I installed Spybot Search and Destroy too, but again, the above happened. And when in Safe Mode, when trying to open the programs, this black window pops up for a couple of seconds then disappears.

The internet is also running slow, and it directs me to other websites.

I don't know what to do. I can't do the HijackThis log to post on here because it doesn't work. Please help me.

Here is what I can share:
Microsoft Windows XP Home Edition
Compaq Presario
Use Mozilla Firefox


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 13th October 2009, 8:16 am

Welcome to GeekPolice. We are here to save you money. Our expertise here can help you get rid of threats.

From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a Tech Staff member, administrator, or moderator. Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.

As this topic is for you only, I just need to issue a warning to outside readers:
Warning: Instructions issued in this topic are for this user only. We are not responsible for damages, so if you need help, please register for this site and start a new topic requesting help.




Please download ComboFix by sUBs

Please save the file to your Desktop, but rename it first:




Important information about ComboFix

Before the download:
  • Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
  • It is important to rename ComboFix before the download.
  • Please do not rename ComboFix to other names, but only the one indicated.

After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". [You must be registered and logged in to see this link.] if you don't know how.
  • WARNING: ComboFix will disconnect your machine from the Internet as soon as it starts.
  • Please do not attempt to re-connect your machine to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore your connection.

Running ComboFix:
  • Double click on svchost.exe & follow the prompts.
  • It will attempt to install the Recovery Console:




  • When ComboFix finishes, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" in your next reply.


Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear; select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method as above, but download it again and rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 14th October 2009, 4:19 am

Thank You For Helping. Here is the log Report.

ComboFix 09-10-13.01 - Compaq_Owner 10/13/2009 20:53.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.91 [GMT -7:00]
Running from: c:\documents and settings\Compaq_Owner\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Compaq_Owner\Application Data\iniasd.txt
c:\documents and settings\Compaq_Owner\Application Data\lizkavd.exe
c:\documents and settings\Compaq_Owner\Application Data\seres.exe
c:\documents and settings\Compaq_Owner\Application Data\svcst.exe
c:\windows\Installer\12ff4ba1.msp
c:\windows\Installer\15df6f.msi
c:\windows\Installer\34166.msp
c:\windows\Installer\37e3f50.msi
c:\windows\Installer\4271fa41.msi
c:\windows\Installer\4271fa47.msi
c:\windows\Installer\4271faef.msi
c:\windows\Installer\4271fdfa.msi
c:\windows\Installer\4271fff7.msi
c:\windows\Installer\42720028.msi
c:\windows\Installer\4d3cc95.msi
c:\windows\Installer\4dde2.msi
c:\windows\Installer\509b129.msi
c:\windows\Installer\509b141.msp
c:\windows\Installer\55e95.msi
c:\windows\Installer\662cd.msi
c:\windows\Installer\794f789.msi
c:\windows\Installer\7cfba.msp
c:\windows\Installer\9a4a04.msi
c:\windows\Installer\b6b2e4.msi
c:\windows\Installer\c3b9ad.msp
c:\windows\Installer\e1e09.msi
c:\windows\Installer\e1e28.msi
c:\windows\Installer\e44a5.msp
c:\windows\Installer\ec4abfb.msi
c:\windows\system32\~.exe
c:\windows\system32\ps2.bat
c:\windows\win32k.sys

Infected copy of c:\windows\system32\eventlog.dll was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\eventlog.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}


((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
.

2009-10-13 02:06 . 2009-10-13 02:06 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-10-12 20:38 . 2009-10-12 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-12 20:38 . 2009-10-12 20:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-11 21:11 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-11 21:11 . 2009-10-12 20:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-11 21:11 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-11 21:09 . 2009-10-11 21:09 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Application Data\Malwarebytes
2009-10-11 21:07 . 2009-10-11 21:07 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Local Settings\Application Data\AVG Security Toolbar
2009-10-10 18:16 . 2009-10-10 18:16 89552 --sh--w- c:\windows\system32\TerNa.exe
2009-10-10 18:16 . 2009-10-10 18:16 9216 ----a-w- C:\wridiint.exe
2009-10-10 18:15 . 2009-10-10 18:16 89552 ----a-w- C:\dvglbk.exe
2009-10-09 23:03 . 2009-10-09 23:03 -------- d-----w- c:\program files\Lame for Audacity
2009-10-09 22:16 . 2009-10-13 01:37 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Audacity
2009-10-09 22:16 . 2009-10-09 22:16 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-10-09 06:05 . 2009-10-09 06:07 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-10-08 17:51 . 2004-06-10 14:34 53693 ----a-r- c:\windows\UNDPX2A.sys
2009-10-08 17:51 . 2004-06-10 14:31 135168 ----a-r- c:\windows\UNDPX2A.exe
2009-10-08 17:51 . 2004-06-09 23:42 15429 ----a-r- c:\windows\system32\drivers\Sacm2A.sys
2009-10-04 06:18 . 2009-10-04 06:18 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Yahoo
2009-10-04 06:15 . 2009-10-04 06:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-10-04 04:57 . 2009-10-10 18:54 -------- d-----w- c:\program files\RegistryFix8
2009-09-26 03:34 . 2009-10-11 21:13 -------- d-----w- c:\program files\BitLord
2009-09-15 02:55 . 2009-09-15 02:56 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 03:37 . 2009-06-29 05:56 7620 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\wklnhst.dat
2009-10-13 05:45 . 2007-02-07 19:10 -------- d--h--w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks
2009-10-10 20:15 . 2005-08-03 21:52 -------- d-----w- c:\program files\Easy Internet signup
2009-10-10 03:42 . 2005-11-18 10:22 60072 -c--a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-09 22:03 . 2005-12-09 03:17 -------- d-----w- c:\program files\Yahoo!
2009-10-04 06:17 . 2006-04-27 07:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Yahoo!
2009-09-29 08:33 . 2005-08-03 21:41 -------- d-----w- c:\program files\iTunes
2009-09-29 08:32 . 2005-08-03 21:41 -------- d-----w- c:\program files\iPod
2009-09-16 07:16 . 2009-03-28 09:19 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Apple Computer
2009-09-15 06:00 . 2009-08-06 04:40 -------- d-----w- c:\program files\PokerStars.NET
2009-09-15 02:51 . 2005-08-03 21:41 -------- d-----w- c:\program files\QuickTime
2009-09-15 02:49 . 2008-07-22 17:18 -------- d-----w- c:\program files\Common Files\Apple
2009-09-11 22:40 . 2009-06-15 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-08-17 08:03 . 2009-06-15 20:34 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-17 08:03 . 2009-06-15 20:34 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-17 08:03 . 2009-06-15 20:34 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-07 02:24 . 2004-08-04 12:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-07 02:24 . 2004-08-04 12:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-07 02:24 . 2008-10-16 22:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-07 02:24 . 2004-08-04 12:00 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-07 02:24 . 2004-08-04 12:00 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-07 02:24 . 2004-08-04 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-07 02:23 . 2004-08-04 12:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-07 02:23 . 2004-08-04 12:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-04 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 05:17 . 2009-08-03 05:17 2256 ----a-w- c:\windows\current_settings.bin
2009-07-25 12:23 . 2009-06-12 01:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-17 19:01 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2007-12-05 12:23 . 2007-12-05 12:24 774144 -c--a-w- c:\program files\RngInterstitial.dll
2007-01-16 07:32 . 2007-01-16 07:32 7168 -csha-w- c:\program files\Thumbs.db
2003-08-27 21:19 . 2009-06-08 07:19 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 14th October 2009, 4:21 am

.
+ 2009-10-14 04:05 . 2009-10-14 04:05 16384 c:\windows\temp\Perflib_Perfdata_cf0.dat
+ 2009-10-14 04:04 . 2009-10-14 04:04 16384 c:\windows\temp\Perflib_Perfdata_3f4.dat
+ 2006-09-29 01:56 . 2006-09-29 01:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-29 03:13 . 2006-09-29 03:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 38400 c:\windows\system32\wpdshextres.dll
+ 2006-10-19 03:00 . 2006-10-19 03:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2004-08-11 15:45 . 2006-10-19 04:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 99840 c:\windows\system32\wmpshell.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 33792 c:\windows\system32\wmdmlog.dll
+ 2004-08-04 12:00 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2009-08-02 23:36 . 2008-04-14 00:12 53760 c:\windows\system32\vfwwdm32.dll
+ 2008-10-22 09:47 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2004-08-04 19:00 . 2009-06-12 12:31 76288 c:\windows\system32\telnet.exe
+ 2005-08-03 21:19 . 2009-01-08 01:21 26144 c:\windows\system32\spupdsvc.exe
+ 2009-10-09 06:13 . 2007-07-27 17:41 16760 c:\windows\system32\spmsg.dll
+ 2009-10-02 16:03 . 2009-08-07 02:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2009-10-02 16:03 . 2009-08-07 02:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2004-08-04 12:00 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2004-08-04 12:00 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
+ 2004-08-04 12:00 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2005-06-25 05:43 . 2009-08-06 00:09 53640 c:\windows\system32\perfc009.dat
- 2005-06-25 05:43 . 2009-06-13 20:27 53640 c:\windows\system32\perfc009.dat
+ 2009-01-08 01:20 . 2009-01-08 01:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 24576 c:\windows\system32\nlsdl.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2004-08-04 12:00 . 2009-03-08 11:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-04 12:00 . 2009-03-08 11:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 12:00 . 2009-03-08 11:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 11:31 . 2009-07-03 17:09 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-08-02 23:27 . 2001-12-12 05:21 73728 c:\windows\system32\MMAviAx.dll
+ 2009-08-02 23:27 . 2005-12-12 22:57 32768 c:\windows\system32\MLPagAx.dll
+ 2009-08-02 23:25 . 1998-11-03 02:57 57856 c:\windows\system32\MASD32.DLL
- 2009-06-16 11:25 . 2009-06-16 11:25 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-06-16 11:25 . 2009-08-10 23:33 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-08-02 23:25 . 1998-11-03 02:57 27648 c:\windows\system32\MA32.DLL
+ 2004-08-04 12:00 . 2008-04-14 00:11 56320 c:\windows\system32\logevent.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 12288 c:\windows\system32\LMLRes.dll
+ 2004-08-04 12:00 . 2009-03-08 11:34 43008 c:\windows\system32\licmgr10.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 80896 c:\windows\system32\lfwmf13s.dll
+ 2009-08-02 23:25 . 2003-11-07 03:27 76800 c:\windows\system32\Lfwmf13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 64512 c:\windows\system32\lftga13s.dll
+ 2009-08-02 23:25 . 2003-11-05 05:40 24576 c:\windows\system32\lftga13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 65536 c:\windows\system32\lfpcx13s.dll
+ 2009-08-02 23:25 . 2003-11-05 05:40 65536 c:\windows\system32\Lfpct13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 59904 c:\windows\system32\lfpcd13s.dll
+ 2009-08-02 23:25 . 2003-11-05 02:37 73728 c:\windows\system32\lffax13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 70144 c:\windows\system32\lfbmp13s.dll
+ 2009-08-02 23:25 . 2003-11-05 05:40 30208 c:\windows\system32\lfbmp13n.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 11264 c:\windows\system32\LAPRXY.dll
+ 2004-08-04 12:00 . 2009-07-03 17:09 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-04 12:00 . 2009-03-08 11:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-04 12:00 . 2009-03-08 11:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 59904 c:\windows\system32\icardie.dll
+ 2004-08-04 12:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2009-09-15 02:48 . 2009-08-29 02:42 40448 c:\windows\system32\DRVSTORE\usbaapl_6DA28B91FF48C57089E4D2436654AFA4ECAD0622\usbaapl.sys
+ 2009-09-15 02:56 . 2009-05-18 21:17 26600 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
+ 2006-09-29 02:00 . 2006-09-29 02:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-29 01:55 . 2006-09-29 01:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2009-08-02 23:36 . 2008-04-13 18:46 19200 c:\windows\system32\drivers\WSTCODEC.SYS
+ 2004-08-11 15:45 . 2006-10-19 03:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2009-08-02 23:36 . 2006-02-09 18:17 52736 c:\windows\system32\drivers\wisboard.dll
+ 2009-08-02 23:37 . 2008-04-13 18:46 15232 c:\windows\system32\drivers\StreamIP.sys
+ 2009-08-02 23:36 . 2008-04-13 18:46 11136 c:\windows\system32\drivers\SLIP.sys
+ 2009-08-02 23:37 . 2008-04-13 18:46 10880 c:\windows\system32\drivers\NdisIP.sys
+ 2009-08-02 23:36 . 2008-04-13 18:46 85248 c:\windows\system32\drivers\NABTSFEC.sys
+ 2004-01-27 21:29 . 2004-01-27 21:29 23680 c:\windows\system32\drivers\mmc_2k.sys
+ 2004-08-04 19:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2005-03-08 01:52 . 2009-05-18 21:17 26600 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2004-01-27 21:39 . 2004-01-27 21:39 23680 c:\windows\system32\drivers\dvd_2k.sys
+ 2004-01-27 21:32 . 2004-01-27 21:32 24576 c:\windows\system32\drivers\cdralw2k.sys
+ 2004-01-27 21:34 . 2004-01-27 21:34 43008 c:\windows\system32\drivers\cdr4_xp.sys
+ 2009-08-02 23:36 . 2008-04-13 18:46 17024 c:\windows\system32\drivers\CCDECODE.sys
+ 2009-08-02 23:26 . 2005-02-24 00:40 11264 c:\windows\system32\drivers\asapiW2k.sys
+ 2009-09-11 22:23 . 2009-07-03 17:09 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-04 12:00 . 2009-08-07 02:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2004-08-04 12:00 . 2009-08-07 02:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-08-02 23:36 . 2008-04-13 18:46 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2004-08-04 12:00 . 2006-10-19 04:47 99840 c:\windows\system32\dllcache\wmpshell.dll
+ 2004-08-04 12:00 . 2006-10-19 04:46 64000 c:\windows\system32\dllcache\wmplayer.exe
+ 2004-08-04 12:00 . 2006-10-19 04:47 96256 c:\windows\system32\dllcache\wmpband.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 37376 c:\windows\system32\dllcache\wmdmps.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 33792 c:\windows\system32\dllcache\wmdmlog.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-08-02 23:36 . 2008-04-14 00:12 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\system32\dllcache\telnet.exe
+ 2009-08-02 23:37 . 2008-04-13 18:46 15232 c:\windows\system32\dllcache\streamip.sys
+ 2009-08-02 23:36 . 2008-04-13 18:46 11136 c:\windows\system32\dllcache\slip.sys
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-08-02 23:37 . 2008-04-13 18:46 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2009-08-02 23:36 . 2008-04-13 18:46 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2004-08-04 12:00 . 2006-10-19 04:47 27136 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2009-09-11 22:23 . 2009-07-03 17:09 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 11264 c:\windows\system32\dllcache\LAPRXY.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2009-03-08 11:33 . 2009-07-03 17:09 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2009-03-08 11:24 . 2009-03-08 11:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-04 12:00 . 2009-08-07 02:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2009-08-02 23:36 . 2008-04-13 18:46 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\system32\dllcache\atl.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-04 12:00 . 2009-03-08 11:33 18944 c:\windows\system32\corpol.dll
+ 2004-01-27 21:39 . 2004-01-27 21:39 77824 c:\windows\system32\cdrtc.dll
+ 2004-01-27 21:39 . 2004-01-27 21:39 57344 c:\windows\system32\cdral.dll
+ 2009-08-02 23:27 . 2005-12-30 16:27 41472 c:\windows\system32\CacheX.dll
+ 2004-08-04 12:00 . 2009-06-10 14:13 84992 c:\windows\system32\avifil32.dll
- 2004-08-04 12:00 . 2008-04-14 00:11 84992 c:\windows\system32\avifil32.dll
- 2003-03-19 11:05 . 2003-03-19 11:05 89088 c:\windows\system32\atl71.dll
+ 2003-03-19 11:05 . 2003-03-19 12:05 89088 c:\windows\system32\atl71.dll
+ 2002-01-05 16:18 . 2002-01-05 18:18 84992 c:\windows\system32\ATL70.DLL
- 2002-01-05 16:18 . 2002-01-05 16:18 84992 c:\windows\system32\atl70.dll
+ 2009-08-02 23:26 . 2000-04-27 19:31 19456 c:\windows\system32\asapi.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 72704 c:\windows\system32\admparse.dll
+ 2009-03-28 09:33 . 2009-03-28 09:33 92160 c:\windows\Installer\c726f.msi
+ 2009-06-12 01:29 . 2009-06-12 01:29 98816 c:\windows\Installer\373463e.msi
+ 2009-06-12 01:29 . 2009-06-12 01:29 87552 c:\windows\Installer\3734632.msi
+ 2005-08-03 21:37 . 2005-08-03 21:37 72704 c:\windows\Installer\1ea04.msi
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\VideoWaveShortCut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\SoundEditorShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\RetrieveShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\PhotoSuiteShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\NewShortcut6_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\NewShortcut1_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\MediaManagerShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\LabelCreatorShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\HomePage_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\EMC_Home_Desktop_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\DVDBuilderShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\DiscCopierShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\D2DShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\CreatorShortcut_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\CaptureUtilityShortc_CB4544EAC18941FE9E3A76591DDB852B.exe
+ 2009-08-03 07:55 . 2009-08-03 07:55 25214 c:\windows\Installer\{CB4544EA-C189-41FE-9E3A-76591DDB852B}\ARPPRODUCTICON.exe
+ 2009-09-11 22:31 . 2009-03-08 11:33 12288 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-09-11 22:31 . 2009-03-08 11:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-09-11 22:31 . 2009-03-08 11:33 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 37888 c:\windows\ie8\url.dll
+ 2009-09-11 22:28 . 2009-03-08 21:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 39424 c:\windows\ie8\pngfilt.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 96256 c:\windows\ie8\occache.dll
+ 2009-09-11 22:27 . 2008-04-13 16:26 56832 c:\windows\ie8\mshtmler.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 29184 c:\windows\ie8\mshta.exe
+ 2009-09-11 22:27 . 2008-04-14 00:11 22016 c:\windows\ie8\licmgr10.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 15872 c:\windows\ie8\jsproxy.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 96256 c:\windows\ie8\inseng.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 35840 c:\windows\ie8\imgutil.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 93184 c:\windows\ie8\iexplore.exe
+ 2009-09-11 22:27 . 2008-04-14 00:11 62976 c:\windows\ie8\iesetup.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 48640 c:\windows\ie8\iernonce.dll
+ 2009-09-11 22:27 . 2009-06-26 16:50 81920 c:\windows\ie8\ieencode.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-09-11 22:27 . 2008-04-14 00:11 38912 c:\windows\ie8\hmmapi.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 35328 c:\windows\ie8\corpol.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 99840 c:\windows\ie8\advpack.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 61440 c:\windows\ie8\admparse.dll
+ 2005-08-03 15:57 . 2004-08-04 12:00 66048 c:\windows\I386\WINNT32.MSI
+ 2009-08-02 23:36 . 2006-01-24 22:17 30800 c:\windows\go7007fw.bin
- 2007-04-26 18:58 . 2004-08-11 15:45 96768 c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2007-04-26 18:58 . 2008-06-10 17:17 96768 c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2009-08-13 10:08 . 2008-04-14 00:11 58880 c:\windows\$NtUninstallKB973507$\atl.dll
+ 2009-07-29 10:04 . 2009-04-29 04:46 81920 c:\windows\$NtUninstallKB972260$\ieencode.dll
+ 2009-08-13 10:08 . 2008-04-14 00:11 84992 c:\windows\$NtUninstallKB971557$\avifil32.dll
+ 2009-08-26 10:01 . 2008-04-14 00:12 60416 c:\windows\$NtUninstallKB970653-v3$\tzchange.exe
+ 2009-08-26 10:01 . 2009-07-16 04:14 14336 c:\windows\$NtUninstallKB970653-v3$\spuninst\tzchange.dll
+ 2009-08-14 10:03 . 2008-04-14 00:12 49152 c:\windows\$NtUninstallKB968389$\wdigest.dll
+ 2009-08-14 10:03 . 2009-02-03 19:59 56832 c:\windows\$NtUninstallKB968389$\secur32.dll
+ 2009-08-14 10:03 . 2008-04-13 18:31 92288 c:\windows\$NtUninstallKB968389$\ksecdd.sys
+ 2009-07-15 10:01 . 2008-04-14 00:11 80896 c:\windows\$NtUninstallKB961371$\fontsub.dll
+ 2009-08-13 10:09 . 2008-04-14 00:12 75776 c:\windows\$NtUninstallKB960859$\telnet.exe
+ 2009-09-11 22:32 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973874-IE8\update\spcustom.dll
+ 2009-09-11 22:32 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973874-IE8\spmsg.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973869\update\spcustom.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973869\spmsg.dll
+ 2009-08-13 10:02 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973815\update\spcustom.dll
+ 2009-08-13 10:02 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973815\spmsg.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973507\update\spcustom.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973507\spmsg.dll
+ 2009-07-17 19:25 . 2009-07-17 19:25 58880 c:\windows\$hf_mig$\KB973507\SP3QFE\atl.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973354\update\spcustom.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973354\spmsg.dll
+ 2009-07-15 10:05 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB973346\update\spcustom.dll
+ 2009-07-15 10:05 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB973346\spmsg.dll
+ 2009-07-29 10:04 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB972260\update\spcustom.dll
+ 2009-07-29 10:04 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB972260\spmsg.dll
+ 2009-06-26 16:42 . 2009-06-26 16:42 81920 c:\windows\$hf_mig$\KB972260\SP3QFE\ieencode.dll
+ 2009-09-11 22:31 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB972260-IE8\update\spcustom.dll
+ 2009-09-11 22:31 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB972260-IE8\spmsg.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 12800 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\xpshims.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 55296 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\msfeedsbs.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 25600 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\jsproxy.dll
+ 2009-09-10 10:01 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971961\update\spcustom.dll
+ 2009-09-10 10:01 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971961\spmsg.dll
+ 2009-09-12 10:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971961-IE8\update\spcustom.dll
+ 2009-09-12 10:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971961-IE8\spmsg.dll
+ 2009-08-13 10:09 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971657\update\spcustom.dll
+ 2009-08-13 10:09 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971657\spmsg.dll
+ 2009-07-15 10:04 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971633\update\spcustom.dll
+ 2009-07-15 10:04 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971633\spmsg.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB971557\update\spcustom.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB971557\spmsg.dll
+ 2009-06-10 14:01 . 2009-06-10 14:01 84992 c:\windows\$hf_mig$\KB971557\SP3QFE\avifil32.dll
+ 2009-08-14 10:03 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB968389\update\spcustom.dll
+ 2009-08-14 10:03 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB968389\spmsg.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 54272 c:\windows\$hf_mig$\KB968389\SP3QFE\wdigest.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 56832 c:\windows\$hf_mig$\KB968389\SP3QFE\secur32.dll
+ 2009-06-24 10:28 . 2009-06-24 10:28 92928 c:\windows\$hf_mig$\KB968389\SP3QFE\ksecdd.sys
+ 2009-07-15 10:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB961371\update\spcustom.dll
+ 2009-07-15 10:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB961371\spmsg.dll
+ 2009-06-16 14:43 . 2009-06-16 14:43 81920 c:\windows\$hf_mig$\KB961371\SP3QFE\fontsub.dll
+ 2009-08-13 10:09 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB960859\update\spcustom.dll
+ 2009-08-13 10:09 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB960859\spmsg.dll
+ 2009-06-12 12:03 . 2009-06-12 12:03 80896 c:\windows\$hf_mig$\KB960859\SP3QFE\tlntsess.exe
+ 2009-06-12 12:03 . 2009-06-12 12:03 76288 c:\windows\$hf_mig$\KB960859\SP3QFE\telnet.exe
+ 2009-09-10 10:01 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956844\update\spcustom.dll
+ 2009-09-10 10:01 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956844\spmsg.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB956744\update\spcustom.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB956744\spmsg.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\wmvdmod.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2004-08-11 15:45 . 2006-10-19 04:47 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\wmsdmod.dll
+ 2004-08-11 15:45 . 2006-10-19 04:58 8704 c:\windows\system32\wdfmgr.exe
+ 2004-08-11 15:45 . 2006-10-19 04:47 4096 c:\windows\system32\wdfapi.dll
+ 2004-08-11 15:45 . 2006-10-19 04:58 8704 c:\windows\system32\uwdf.exe
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2009-08-02 23:37 . 2008-04-13 18:39 5504 c:\windows\system32\drivers\MSTEE.sys
+ 2007-01-31 13:33 . 2007-01-31 13:33 5632 c:\windows\system32\drivers\avgarkt.sys
+ 2009-06-25 04:50 . 2007-01-18 12:00 3968 c:\windows\system32\drivers\AvgArCln.sys
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\wmvdmod.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\wmsdmod.dll
+ 2009-08-02 23:37 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 4096 c:\windows\system32\dllcache\MP43DMOD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 7168 c:\windows\system32\dllcache\asferror.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 7168 c:\windows\system32\asferror.dll
+ 2009-09-11 22:32 . 2009-03-08 11:35 2048 c:\windows\ie8updates\KB973874-IE8\iecompat.dll
- 2009-04-01 03:05 . 2008-04-14 00:12 121856 c:\windows\system32\xmllite.dll
+ 2009-04-01 03:05 . 2009-01-08 01:21 121856 c:\windows\system32\xmllite.dll
+ 2006-09-29 01:56 . 2006-09-29 01:56 316416 c:\windows\system32\WUDFx.dll
+ 2006-09-29 01:56 . 2006-09-29 01:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-09-29 01:56 . 2006-09-29 01:56 146432 c:\windows\system32\WudfHost.exe
+ 2004-08-11 15:45 . 2006-10-19 04:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 154624 c:\windows\system32\wpdmtp.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 603648 c:\windows\system32\WMSPDMOD.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 204288 c:\windows\system32\wmpsrcwp.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 130048 c:\windows\system32\wmpps.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 613376 c:\windows\system32\wmpmde.dll
+ 2006-10-19 04:47 . 2008-06-25 01:12 295936 c:\windows\system32\wmpeffects.dll
+ 2004-08-04 12:00 . 2009-07-14 06:43 286208 c:\windows\system32\wmpdxm.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 242688 c:\windows\system32\wmpasf.dll
+ 2004-08-04 12:00 . 2008-06-18 12:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 157184 c:\windows\system32\wmidx.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 227328 c:\windows\system32\wmerror.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2004-08-04 12:00 . 2007-10-28 00:40 222720 c:\windows\system32\wmasf.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 757248 c:\windows\system32\WMADMOD.dll
+ 2004-08-04 12:00 . 2009-06-10 06:14 132096 c:\windows\system32\wkssvc.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-04 12:00 . 2009-07-03 17:09 915456 c:\windows\system32\wininet.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-04 12:00 . 2009-03-08 11:34 236544 c:\windows\system32\webcheck.dll
+ 2004-08-04 12:00 . 2009-03-08 11:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-04 12:00 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2009-05-15 00:55 . 2009-05-15 00:55 245408 c:\windows\system32\unicows.dll
+ 2004-08-04 12:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
+ 2004-08-04 12:00 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll
+ 2009-08-02 23:27 . 2005-12-12 22:57 155721 c:\windows\system32\RALMain.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 211456 c:\windows\system32\qasf.dll
+ 2009-08-02 23:26 . 2003-11-10 23:06 406016 c:\windows\system32\PSDrvCheck.exe
+ 2006-10-19 04:47 . 2006-10-19 04:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 284160 c:\windows\system32\PortableDeviceApi.dll
- 2005-06-25 05:43 . 2009-06-13 20:27 382022 c:\windows\system32\perfh009.dat
+ 2005-06-25 05:43 . 2009-08-06 00:09 382022 c:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2009-07-03 17:09 206848 c:\windows\system32\occache.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 321536 c:\windows\system32\mswmdm.dll
- 2003-02-21 18:42 . 2003-02-21 18:42 348160 c:\windows\system32\msvcr71.dll
+ 2003-02-21 18:42 . 2003-09-10 22:36 348160 c:\windows\system32\Msvcr71.dll
+ 2002-01-05 17:37 . 2002-01-05 19:37 344064 c:\windows\system32\MSVCR70.DLL
- 2002-01-05 17:37 . 2002-01-05 17:37 344064 c:\windows\system32\msvcr70.dll
- 2003-03-19 12:14 . 2003-03-19 12:14 499712 c:\windows\system32\msvcp71.dll
+ 2003-03-19 12:14 . 2003-09-10 22:36 499712 c:\windows\system32\msvcp71.dll
+ 2002-01-05 17:40 . 2002-01-05 19:40 487424 c:\windows\system32\MSVCP70.DLL
- 2002-01-05 17:40 . 2002-01-05 17:40 487424 c:\windows\system32\msvcp70.dll
+ 2004-08-04 12:00 . 2009-06-25 08:25 136192 c:\windows\system32\msv1_0.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 12:00 . 2006-12-04 23:21 414720 c:\windows\system32\msscp.dll
+ 2004-08-04 12:00 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 175616 c:\windows\system32\mspmsp.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 179712 c:\windows\system32\msnetobj.dll
+ 2004-08-04 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 11:32 . 2009-07-03 17:09 594432 c:\windows\system32\msfeeds.dll
+ 2006-10-02 22:28 . 2006-10-02 22:28 312128 c:\windows\system32\msdelta.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 265720 c:\windows\system32\msdbg2.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 212992 c:\windows\system32\MFPLAT.dll
+ 2009-08-02 23:25 . 1998-11-03 02:57 138752 c:\windows\system32\MASE32.DLL
+ 2009-08-02 23:25 . 1998-11-03 02:57 136192 c:\windows\system32\MAMC32.DLL
+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-07-18 03:12 . 2009-07-18 03:12 257440 c:\windows\system32\Macromed\Flash\FlashUtil10c.exe

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 14th October 2009, 4:21 am

+ 2009-08-02 23:25 . 1998-11-03 02:57 196096 c:\windows\system32\MACD32.DLL
+ 2009-08-02 23:25 . 2004-03-03 18:50 306352 c:\windows\system32\Ltrio13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 930992 c:\windows\system32\Ltr13n.dll
+ 2009-08-02 23:25 . 2003-11-05 02:37 453120 c:\windows\system32\ltkrn13n.dll
+ 2009-08-02 23:25 . 2003-11-05 05:40 153088 c:\windows\system32\ltfil13n.DLL
+ 2004-08-04 12:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2004-08-04 12:00 . 2008-06-18 08:09 100864 c:\windows\system32\logagent.exe
+ 2009-08-02 23:25 . 2004-03-03 18:50 884736 c:\windows\system32\LMUIRes.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 167936 c:\windows\system32\lftif13s.dll
+ 2009-08-02 23:25 . 2003-11-05 05:40 143360 c:\windows\system32\lftif13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 110080 c:\windows\system32\lfpsd13s.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 105984 c:\windows\system32\lfpct13s.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 283648 c:\windows\system32\LFJ2K13s.dll
+ 2009-08-02 23:25 . 2003-11-05 05:40 278016 c:\windows\system32\LFJ2K13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 116224 c:\windows\system32\lffax13s.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 409600 c:\windows\system32\LFCMP13s.DLL
+ 2009-08-02 23:25 . 2003-11-14 05:41 393216 c:\windows\system32\LFCMP13n.DLL
+ 2004-08-04 12:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
+ 2004-08-04 12:00 . 2009-06-22 06:44 726528 c:\windows\system32\jscript.dll
+ 2009-08-11 07:56 . 2009-07-25 12:23 149280 c:\windows\system32\javaws.exe
+ 2009-08-11 07:56 . 2009-07-25 12:23 145184 c:\windows\system32\javaw.exe
+ 2009-08-11 07:56 . 2009-07-25 12:23 145184 c:\windows\system32\java.exe
+ 2009-03-08 11:22 . 2009-03-08 11:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-04 12:00 . 2009-07-03 17:09 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2009-07-03 17:09 386048 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 11:11 . 2009-03-08 11:11 445952 c:\windows\system32\ieapfltr.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-04 12:00 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-04 12:00 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 12:00 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2005-03-08 01:52 . 2008-04-17 20:12 107368 c:\windows\system32\GEARAspi.dll
- 2005-03-08 01:52 . 2008-04-17 19:12 107368 c:\windows\system32\GEARAspi.dll
+ 2005-06-25 05:42 . 2009-10-10 15:49 221632 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-04 12:00 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-04 12:00 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2009-09-15 02:56 . 2008-04-17 20:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspi.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-10-19 03:00 . 2006-10-19 03:00 249856 c:\windows\system32\drmupgds.exe
+ 2009-08-02 23:36 . 2006-02-07 18:49 197632 c:\windows\system32\drivers\wisgostrm.sys
+ 2006-10-19 04:47 . 2006-10-19 04:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2004-01-27 21:29 . 2004-01-27 21:29 197632 c:\windows\system32\drivers\Udfreadr.sys
+ 2004-01-27 21:16 . 2004-01-27 21:16 117248 c:\windows\system32\drivers\Pwd_2k.sys
+ 2009-08-02 23:26 . 2005-06-03 01:28 171008 c:\windows\system32\drivers\MarvinBus.sys
+ 2004-01-27 21:34 . 2004-01-27 21:34 140416 c:\windows\system32\drivers\DVDVRRdr_xp.sys
+ 2004-01-27 21:40 . 2004-01-27 21:40 284928 c:\windows\system32\drivers\Cdudf_xp.sys
+ 2004-08-04 12:00 . 2009-08-07 02:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-04 12:00 . 2009-08-07 02:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-04 12:00 . 2009-08-07 02:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 603648 c:\windows\system32\dllcache\WMSPDMOD.dll
+ 2004-08-04 12:00 . 2009-07-14 06:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 242688 c:\windows\system32\dllcache\wmpasf.dll
+ 2004-08-04 12:00 . 2008-06-18 12:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 157184 c:\windows\system32\dllcache\wmidx.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 227328 c:\windows\system32\dllcache\wmerror.dll
+ 2004-08-04 12:00 . 2007-10-28 00:40 222720 c:\windows\system32\dllcache\wmasf.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 757248 c:\windows\system32\dllcache\WMADMOD.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2009-04-29 04:46 . 2009-07-03 17:09 915456 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2008-05-09 10:53 . 2009-03-08 11:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-04 12:00 . 2007-06-27 05:10 317440 c:\windows\system32\dllcache\unregmp2.exe
+ 2009-09-09 23:04 . 2009-06-21 21:44 153088 c:\windows\system32\dllcache\triedit.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 211456 c:\windows\system32\dllcache\qasf.dll
+ 2009-03-08 11:34 . 2009-07-03 17:09 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 321536 c:\windows\system32\dllcache\mswmdm.dll
+ 2009-08-05 09:01 . 2009-08-05 09:01 204800 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 12:00 . 2006-12-04 23:21 414720 c:\windows\system32\dllcache\msscp.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 175616 c:\windows\system32\dllcache\mspmsp.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 179712 c:\windows\system32\dllcache\msnetobj.dll
+ 2004-08-04 12:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2009-09-11 22:23 . 2009-07-03 17:09 594432 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 243712 c:\windows\system32\dllcache\mpvis.dll
+ 2009-06-13 02:40 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 12:00 . 2008-06-18 08:09 100864 c:\windows\system32\dllcache\logagent.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-09 10:53 . 2009-06-22 06:44 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-03-08 21:09 . 2009-03-08 21:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2009-09-11 22:23 . 2009-07-03 17:09 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-03-08 11:31 . 2009-07-03 17:09 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 21:09 . 2009-07-03 17:09 386048 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-09-11 22:23 . 2009-08-07 08:48 100352 c:\windows\system32\dllcache\iecompat.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2009-03-08 11:33 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2009-03-08 11:32 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 991744 c:\windows\system32\dllcache\drmv2clt.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 229376 c:\windows\system32\dllcache\cewmdm.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 542720 c:\windows\system32\dllcache\blackbox.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2009-08-02 23:27 . 2005-12-12 22:57 204881 c:\windows\system32\DiskIO.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 229376 c:\windows\system32\cewmdm.dll
+ 2003-08-20 18:36 . 2003-08-20 18:36 761856 c:\windows\system32\CDDBUIRoxio.dll
+ 2003-08-20 18:33 . 2003-08-20 18:33 589824 c:\windows\system32\CDDBControlRoxio.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 542720 c:\windows\system32\blackbox.dll
+ 2009-08-02 23:27 . 2004-01-02 19:28 126976 c:\windows\system32\AVIPrAx.dll
+ 2004-08-04 12:00 . 2009-03-08 11:32 128512 c:\windows\system32\advpack.dll
+ 2009-04-01 03:03 . 2004-08-04 12:00 366080 c:\windows\ServicePackFiles\i386\digreqex.msi
+ 2009-04-01 03:03 . 2004-08-04 12:00 863232 c:\windows\ServicePackFiles\i386\digopt.msi
+ 2005-06-25 05:42 . 2005-06-25 05:42 264704 c:\windows\Installer\91e3.msi
+ 2009-06-15 20:34 . 2009-06-15 20:34 337408 c:\windows\Installer\4dfae94.msi
+ 2005-08-03 21:14 . 2005-08-03 21:14 227840 c:\windows\Installer\4a0e2.msi
+ 2009-06-12 01:29 . 2009-06-12 01:29 103936 c:\windows\Installer\3734638.msi
+ 2009-06-12 01:29 . 2009-06-12 01:29 230912 c:\windows\Installer\373462c.msi
+ 2009-06-12 01:26 . 2009-06-12 01:27 598016 c:\windows\Installer\3734621.msi
+ 2009-03-31 11:05 . 2009-03-31 11:05 432640 c:\windows\Installer\21c67a6.msi
+ 2005-08-03 21:37 . 2005-08-03 21:37 656896 c:\windows\Installer\1e9fe.msi
+ 2005-08-03 21:37 . 2005-08-03 21:37 564224 c:\windows\Installer\1e9f4.msi
+ 2005-08-03 21:35 . 2005-08-03 21:35 589312 c:\windows\Installer\1e9e8.msi
+ 2005-08-03 21:34 . 2005-08-03 21:34 320512 c:\windows\Installer\1e9e2.msi
+ 2005-08-03 21:34 . 2005-08-03 21:34 746496 c:\windows\Installer\1e9dc.msi
+ 2005-08-03 21:29 . 2005-08-03 21:29 227328 c:\windows\Installer\1e960.msi
+ 2005-08-03 21:29 . 2005-08-03 21:29 226816 c:\windows\Installer\1e958.msi
+ 2009-09-15 02:49 . 2009-09-15 02:49 694272 c:\windows\Installer\1cb7559.msi
+ 2009-05-20 21:08 . 2009-05-20 21:08 156672 c:\windows\Installer\1c71f470.msi
+ 2005-08-03 21:26 . 2005-08-03 21:26 976384 c:\windows\Installer\1bac4.msi
+ 2009-09-29 08:34 . 2009-09-29 08:34 102400 c:\windows\Installer\{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}\iTunesIco.exe
+ 2004-08-04 12:00 . 2007-06-27 05:10 317440 c:\windows\inf\unregmp2.exe
+ 2009-09-11 22:32 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB973874-IE8\spuninst\updspapi.dll
+ 2009-09-11 22:32 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB973874-IE8\spuninst\spuninst.exe
+ 2009-09-11 22:31 . 2009-03-08 11:34 914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-09-11 22:31 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-09-11 22:31 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-09-11 22:31 . 2009-03-08 11:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-09-11 22:31 . 2009-03-08 11:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-09-11 22:31 . 2009-03-08 11:33 246784 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-09-11 22:31 . 2009-03-08 11:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-09-11 22:31 . 2009-03-08 21:09 391536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-09-11 22:31 . 2009-03-08 11:32 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-09-12 10:02 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2009-09-12 10:02 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2009-09-12 10:02 . 2009-03-08 11:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2009-09-11 22:27 . 2009-06-26 16:50 666624 c:\windows\ie8\wininet.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 276480 c:\windows\ie8\webcheck.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 851968 c:\windows\ie8\vgx.dll
+ 2009-09-11 22:27 . 2008-05-09 10:53 430080 c:\windows\ie8\vbscript.dll
+ 2009-09-11 22:27 . 2009-06-26 16:50 620032 c:\windows\ie8\urlmon.dll
+ 2009-09-11 22:28 . 2009-01-08 01:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-09-11 22:28 . 2009-01-08 01:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-09-11 22:27 . 2006-09-07 00:43 213216 c:\windows\ie8\spuninst.exe
+ 2009-09-11 22:27 . 2008-04-14 00:12 532480 c:\windows\ie8\mstime.dll
+ 2009-09-11 22:27 . 2008-04-14 00:12 146432 c:\windows\ie8\msrating.dll
+ 2009-09-11 22:27 . 2004-08-04 12:00 146432 c:\windows\ie8\msls31.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 449024 c:\windows\ie8\mshtmled.dll
+ 2009-09-11 22:27 . 2009-08-13 15:16 512000 c:\windows\ie8\jscript.dll
+ 2009-09-11 22:27 . 2007-08-14 01:54 287744 c:\windows\ie8\ieproxy.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 251904 c:\windows\ie8\iepeers.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-09-11 22:27 . 2004-08-04 12:00 221184 c:\windows\ie8\ieakui.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 216576 c:\windows\ie8\ieaksie.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 143360 c:\windows\ie8\ieakeng.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 205312 c:\windows\ie8\dxtrans.dll
+ 2009-09-11 22:27 . 2008-04-14 00:11 357888 c:\windows\ie8\dxtmsft.dll
+ 2009-08-02 23:36 . 2006-01-24 22:17 143540 c:\windows\go7007sb.bin
+ 2007-06-13 06:30 . 2009-07-13 17:08 286720 c:\windows\$NtUninstallwmp11$\wmpdxm.dll
- 2007-04-26 18:58 . 2007-10-28 00:40 227328 c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2007-04-26 18:58 . 2007-10-28 01:40 227328 c:\windows\$NtUninstallWMFDist11$\wmasf.dll
- 2007-04-26 18:58 . 2004-08-04 12:00 240640 c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2007-04-26 18:58 . 2008-04-14 00:11 240640 c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973869$\spuninst\updspapi.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe
+ 2009-08-13 10:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973815$\spuninst\updspapi.dll
+ 2009-08-13 10:02 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe
+ 2009-08-13 10:02 . 2008-04-14 00:12 203776 c:\windows\$NtUninstallKB973815$\mswebdvd.dll
+ 2009-08-13 10:07 . 2004-08-11 15:45 282624 c:\windows\$NtUninstallKB973540_WM9$\wmpdxm.dll
+ 2009-08-13 10:07 . 2007-07-27 17:41 382840 c:\windows\$NtUninstallKB973540_WM9$\spuninst\updspapi.dll
+ 2009-08-13 10:07 . 2007-07-27 17:41 231288 c:\windows\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973507$\spuninst\updspapi.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973354$\spuninst\updspapi.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe
+ 2009-07-15 10:05 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB973346$\spuninst\updspapi.dll
+ 2009-07-15 10:05 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB973346$\spuninst\spuninst.exe
+ 2009-07-29 10:04 . 2009-04-29 04:46 666624 c:\windows\$NtUninstallKB972260$\wininet.dll
+ 2009-07-29 10:04 . 2009-04-29 04:46 620032 c:\windows\$NtUninstallKB972260$\urlmon.dll
+ 2009-07-29 10:04 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB972260$\spuninst\updspapi.dll
+ 2009-07-29 10:04 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB972260$\spuninst\spuninst.exe
+ 2009-09-10 10:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971961$\spuninst\updspapi.dll
+ 2009-09-10 10:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB971961$\spuninst\spuninst.exe
+ 2009-09-10 10:01 . 2008-05-09 10:53 512000 c:\windows\$NtUninstallKB971961$\jscript.dll
+ 2009-08-13 10:08 . 2008-04-14 00:12 132096 c:\windows\$NtUninstallKB971657$\wkssvc.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971657$\spuninst\updspapi.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe
+ 2009-07-15 10:04 . 2008-07-09 07:38 382840 c:\windows\$NtUninstallKB971633$\spuninst\updspapi.dll
+ 2009-07-15 10:04 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971557$\spuninst\updspapi.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe
+ 2009-08-26 10:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB970653-v3$\spuninst\updspapi.dll
+ 2009-08-26 10:01 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB970653-v3$\spuninst\spuninst.exe
+ 2009-09-10 10:01 . 2007-07-27 17:41 382840 c:\windows\$NtUninstallKB968816_WM9$\spuninst\updspapi.dll
+ 2009-09-10 10:01 . 2007-07-27 17:41 231288 c:\windows\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe
+ 2009-08-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB968389$\spuninst\updspapi.dll
+ 2009-08-14 10:03 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe
+ 2009-08-14 10:03 . 2008-12-05 06:54 144896 c:\windows\$NtUninstallKB968389$\schannel.dll
+ 2009-08-14 10:03 . 2008-04-14 00:12 132608 c:\windows\$NtUninstallKB968389$\msv1_0.dll
+ 2009-08-14 10:03 . 2009-02-09 12:10 729088 c:\windows\$NtUninstallKB968389$\lsasrv.dll
+ 2009-08-14 10:03 . 2008-04-14 00:11 299520 c:\windows\$NtUninstallKB968389$\kerberos.dll
+ 2009-07-15 10:01 . 2008-04-14 00:12 117760 c:\windows\$NtUninstallKB961371$\t2embed.dll
+ 2009-07-15 10:01 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB961371$\spuninst\updspapi.dll
+ 2009-07-15 10:01 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB961371$\spuninst\spuninst.exe
+ 2009-08-13 10:09 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB960859$\spuninst\updspapi.dll
+ 2009-08-13 10:09 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe
+ 2009-09-10 10:01 . 2008-04-14 00:12 153088 c:\windows\$NtUninstallKB956844$\triedit.dll
+ 2009-09-10 10:01 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956844$\spuninst\updspapi.dll
+ 2009-09-10 10:01 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe
+ 2009-08-13 10:08 . 2008-07-08 13:02 382840 c:\windows\$NtUninstallKB956744$\spuninst\updspapi.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB956744$\spuninst\spuninst.exe
+ 2009-09-11 22:32 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973874-IE8\update\updspapi.dll
+ 2009-09-11 22:32 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973874-IE8\update\update.exe
+ 2009-09-11 22:32 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973874-IE8\spuninst.exe
+ 2009-09-11 22:23 . 2009-08-07 08:00 100352 c:\windows\$hf_mig$\KB973874-IE8\SP3QFE\iecompat.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973869\update\updspapi.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973869\update\update.exe
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973869\spuninst.exe
+ 2009-08-13 10:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973815\update\updspapi.dll
+ 2009-08-13 10:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973815\update\update.exe
+ 2009-08-13 10:02 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973815\spuninst.exe
+ 2009-08-05 08:52 . 2009-08-05 08:52 204800 c:\windows\$hf_mig$\KB973815\SP3QFE\mswebdvd.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973507\update\updspapi.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973507\update\update.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973507\spuninst.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973354\update\updspapi.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973354\update\update.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973354\spuninst.exe
+ 2009-07-15 10:05 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB973346\update\updspapi.dll
+ 2009-07-15 10:05 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB973346\update\update.exe
+ 2009-07-15 10:05 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB973346\spuninst.exe
+ 2009-07-29 10:04 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB972260\update\updspapi.dll
+ 2009-07-29 10:04 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB972260\update\update.exe
+ 2009-07-29 10:04 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB972260\spuninst.exe
+ 2009-06-26 16:42 . 2009-06-26 16:42 668160 c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
+ 2009-06-26 16:42 . 2009-06-26 16:42 620544 c:\windows\$hf_mig$\KB972260\SP3QFE\urlmon.dll
+ 2009-09-11 22:31 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB972260-IE8\update\updspapi.dll
+ 2009-09-11 22:31 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB972260-IE8\update\update.exe
+ 2009-09-11 22:31 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB972260-IE8\spuninst.exe
+ 2009-09-11 22:23 . 2009-07-03 17:06 915456 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 206848 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\occache.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 594432 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\msfeeds.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 246272 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ieproxy.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 184320 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iepeers.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 386048 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iedkcs32.dll
+ 2009-09-11 22:23 . 2009-07-03 11:38 173056 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ie4uinit.exe
+ 2009-09-10 10:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971961\update\updspapi.dll
+ 2009-09-10 10:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971961\update\update.exe
+ 2009-09-10 10:01 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971961\spuninst.exe
+ 2009-09-09 23:04 . 2009-08-13 15:02 512000 c:\windows\$hf_mig$\KB971961\SP3QFE\jscript.dll
+ 2009-09-12 10:02 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB971961-IE8\update\updspapi.dll
+ 2009-09-12 10:02 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB971961-IE8\update\update.exe
+ 2009-09-12 10:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971961-IE8\spuninst.exe
+ 2009-09-12 05:48 . 2009-06-22 06:47 726528 c:\windows\$hf_mig$\KB971961-IE8\SP3QFE\jscript.dll
+ 2009-08-13 10:09 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971657\update\updspapi.dll
+ 2009-08-13 10:09 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971657\update\update.exe
+ 2009-08-13 10:09 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971657\spuninst.exe
+ 2009-06-10 06:17 . 2009-06-10 06:17 134144 c:\windows\$hf_mig$\KB971657\SP3QFE\wkssvc.dll
+ 2009-07-15 10:04 . 2008-07-09 07:38 382840 c:\windows\$hf_mig$\KB971633\update\updspapi.dll
+ 2009-07-15 10:04 . 2008-07-09 07:38 755576 c:\windows\$hf_mig$\KB971633\update\update.exe
+ 2009-07-15 10:04 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971633\spuninst.exe
+ 2009-08-13 10:08 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971557\update\updspapi.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971557\update\update.exe
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB971557\spuninst.exe
+ 2009-08-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB968389\update\updspapi.dll
+ 2009-08-14 10:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB968389\update\update.exe
+ 2009-08-14 10:03 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB968389\spuninst.exe
+ 2009-06-25 08:41 . 2009-06-25 08:41 147456 c:\windows\$hf_mig$\KB968389\SP3QFE\schannel.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 136704 c:\windows\$hf_mig$\KB968389\SP3QFE\msv1_0.dll
+ 2009-06-26 09:41 . 2009-06-26 09:41 730112 c:\windows\$hf_mig$\KB968389\SP3QFE\lsasrv.dll
+ 2009-06-25 08:41 . 2009-06-25 08:41 301568 c:\windows\$hf_mig$\KB968389\SP3QFE\kerberos.dll
+ 2009-07-15 10:01 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB961371\update\updspapi.dll
+ 2009-07-15 10:01 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB961371\update\update.exe
+ 2009-07-15 10:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB961371\spuninst.exe
+ 2009-06-16 14:43 . 2009-06-16 14:43 119808 c:\windows\$hf_mig$\KB961371\SP3QFE\t2embed.dll
+ 2009-08-13 10:09 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB960859\update\updspapi.dll
+ 2009-08-13 10:09 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB960859\update\update.exe
+ 2009-08-13 10:09 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB960859\spuninst.exe
+ 2009-09-10 10:01 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956844\update\updspapi.dll
+ 2009-09-10 10:01 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB956844\update\update.exe
+ 2009-09-10 10:01 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956844\spuninst.exe
+ 2009-09-09 23:04 . 2009-06-21 21:49 153088 c:\windows\$hf_mig$\KB956844\SP3QFE\triedit.dll
+ 2009-08-13 10:08 . 2008-07-08 13:02 382840 c:\windows\$hf_mig$\KB956744\update\updspapi.dll
+ 2009-08-13 10:08 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB956744\update\update.exe
+ 2009-08-13 10:08 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB956744\spuninst.exe
+ 2006-10-19 04:47 . 2006-10-19 04:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-10-19 04:47 . 2006-10-19 04:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-04 12:00 . 2009-05-20 11:56 2458112 c:\windows\system32\WMVCore.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 8231936 c:\windows\system32\wmploc.dll
+ 2004-08-11 15:45 . 2006-10-19 04:47 1661440 c:\windows\system32\wmpencen.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2004-08-04 12:00 . 2004-08-04 12:00 1326080 c:\windows\system32\webfldrs.msi
+ 2004-08-04 12:00 . 2009-07-03 17:09 1208832 c:\windows\system32\urlmon.dll
+ 2004-08-04 12:00 . 2009-07-18 16:05 1509888 c:\windows\system32\shdocvw.dll
+ 2004-08-04 12:00 . 2009-06-03 19:09 1291264 c:\windows\system32\quartz.dll
+ 2004-08-04 12:00 . 2009-06-10 16:19 2066432 c:\windows\system32\mstscax.dll
+ 2004-08-04 12:00 . 2009-07-19 13:18 5937152 c:\windows\system32\mshtml.dll
+ 2003-03-19 11:20 . 2003-03-19 14:20 1060864 c:\windows\system32\MFC71.dll
- 2003-03-19 11:20 . 2003-03-19 11:20 1060864 c:\windows\system32\mfc71.dll
+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 1013248 c:\windows\system32\Ltwvc13n.dll
+ 2009-08-02 23:25 . 2004-03-03 18:50 2079232 c:\windows\system32\LTCLR13s.dll
+ 2009-08-02 23:25 . 2003-11-05 02:37 1693696 c:\windows\system32\LTCLR13n.dll
+ 2009-03-08 11:32 . 2009-07-03 17:09 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-07 04:07 . 2009-02-07 04:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2009-09-15 02:48 . 2009-08-29 02:42 2065696 c:\windows\system32\DRVSTORE\usbaapl_6DA28B91FF48C57089E4D2436654AFA4ECAD0622\usbaaplrc.dll
+ 2004-08-04 12:00 . 2009-08-07 02:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2004-08-04 12:00 . 2009-05-20 11:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 8231936 c:\windows\system32\dllcache\wmploc.dll
+ 2004-08-04 12:00 . 2006-10-19 04:47 1117696 c:\windows\system32\dllcache\WMADMOE.dll
+ 2009-04-29 04:46 . 2009-07-03 17:09 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2009-04-29 04:46 . 2009-07-18 16:05 1509888 c:\windows\system32\dllcache\shdocvw.dll
+ 2004-08-04 12:00 . 2006-11-02 01:31 1669120 c:\windows\system32\dllcache\setup_wm.exe
+ 2008-12-20 22:14 . 2009-06-03 19:09 1291264 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-04 12:00 . 2009-06-10 16:19 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2009-08-13 04:53 . 2009-07-10 13:27 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2009-04-29 04:46 . 2009-07-19 13:18 5937152 c:\windows\system32\dllcache\mshtml.dll
+ 2009-09-11 22:23 . 2009-07-03 17:09 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2009-04-01 03:04 . 2004-08-04 12:00 1326080 c:\windows\ServicePackFiles\i386\webfldrs.msi
+ 2009-04-01 03:03 . 2004-08-04 12:00 5080576 c:\windows\ServicePackFiles\i386\msnmsgs.msi
+ 2007-05-25 20:08 . 2007-05-25 20:08 9609728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp
+ 2009-09-29 08:34 . 2009-09-29 08:34 4405248 c:\windows\Installer\c65fedc.msi
+ 2005-08-03 21:52 . 2005-08-03 21:52 1328128 c:\windows\Installer\55e88.msi
+ 2005-08-03 21:51 . 2005-08-03 21:51 5107712 c:\windows\Installer\55e7e.msi
+ 2005-08-03 21:09 . 2005-08-03 21:09 3443712 c:\windows\Installer\3d6de.msi
+ 2009-06-16 11:37 . 2009-06-16 11:37 1659392 c:\windows\Installer\3297f99.msi
+ 2009-06-16 11:34 . 2009-06-16 11:34 1549312 c:\windows\Installer\3297cfc.msi
+ 2005-08-03 21:43 . 2005-08-03 21:43 3818496 c:\windows\Installer\1ea20.msi
+ 2005-08-03 21:40 . 2005-08-03 21:40 4716032 c:\windows\Installer\1ea0e.msi
+ 2005-08-03 21:38 . 2005-08-03 21:38 4806656 c:\windows\Installer\1ea09.msi
+ 2005-08-03 21:36 . 2005-08-03 21:36 2727936 c:\windows\Installer\1e9ee.msi
+ 2005-08-03 21:29 . 2005-08-03 21:29 1097728 c:\windows\Installer\1e951.msi
+ 2005-08-03 21:29 . 2005-08-03 21:29 1104896 c:\windows\Installer\1e8c7.msi
+ 2005-08-03 21:29 . 2005-08-03 21:29 1096704 c:\windows\Installer\1e83e.msi
+ 2009-09-15 02:51 . 2009-09-15 02:51 9013760 c:\windows\Installer\1cb77e9.msi
+ 2009-09-15 02:48 . 2009-09-15 02:48 3310592 c:\windows\Installer\1cb754d.msi
+ 2009-09-11 22:31 . 2009-03-08 11:34 1206784 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-09-11 22:31 . 2009-03-08 11:41 5937152 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-09-11 22:31 . 2009-03-08 11:32 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-09-11 22:27 . 2009-07-18 16:05 3069440 c:\windows\ie8\mshtml.dll
+ 2007-02-01 05:29 . 2007-02-05 07:02 6981632 c:\windows\Downloaded Installations\{156D71EC-9396-49C9-AD1A-808FFD897912}\Microsoft ActiveSync 4.0.msi
- 2007-06-13 06:30 . 2007-04-30 15:20 5537792 c:\windows\$NtUninstallwmp11$\wmp.dll
+ 2007-06-13 06:30 . 2009-07-13 17:08 5537792 c:\windows\$NtUninstallwmp11$\wmp.dll
+ 2007-04-26 18:58 . 2009-05-20 19:44 2355200 c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
+ 2007-04-26 18:58 . 2008-06-10 19:37 1026048 c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2009-08-13 10:07 . 2007-04-30 16:20 5537792 c:\windows\$NtUninstallKB973540_WM9$\wmp.dll
+ 2009-08-13 10:08 . 2008-04-14 00:12 1314816 c:\windows\$NtUninstallKB973354$\msoe.dll
+ 2009-07-29 10:04 . 2009-04-29 04:46 1499136 c:\windows\$NtUninstallKB972260$\shdocvw.dll
+ 2009-07-29 10:04 . 2009-04-29 04:46 3068928 c:\windows\$NtUninstallKB972260$\mshtml.dll
+ 2009-07-15 10:04 . 2008-12-20 22:14 1288192 c:\windows\$NtUninstallKB971633$\quartz.dll
+ 2009-09-10 10:01 . 2008-06-10 19:57 2364472 c:\windows\$NtUninstallKB968816_WM9$\wmvcore.dll
+ 2009-08-13 10:08 . 2008-04-14 00:11 2061824 c:\windows\$NtUninstallKB956744$\mstscax.dll
+ 2009-07-11 01:54 . 2009-07-11 01:54 1315328 c:\windows\$hf_mig$\KB973354\SP3QFE\msoe.dll
+ 2009-07-18 15:31 . 2009-07-18 15:31 1509888 c:\windows\$hf_mig$\KB972260\SP3QFE\shdocvw.dll
+ 2009-07-18 15:31 . 2009-07-18 15:31 3069952 c:\windows\$hf_mig$\KB972260\SP3QFE\mshtml.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 1208832 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\urlmon.dll
+ 2009-09-11 22:23 . 2009-07-19 13:17 5938176 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
+ 2009-09-11 22:23 . 2009-07-03 17:06 1985536 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\iertutil.dll
+ 2009-06-03 19:12 . 2009-06-03 19:12 1291264 c:\windows\$hf_mig$\KB971633\SP3QFE\quartz.dll
+ 2009-08-13 04:54 . 2009-06-09 15:21 2067968 c:\windows\$hf_mig$\KB956744\SP3QFE\lhmstscx.dll
+ 2004-08-04 12:00 . 2009-07-14 06:43 10841088 c:\windows\system32\wmp.dll
+ 2009-06-11 09:02 . 2009-08-28 21:38 24689600 c:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2009-07-20 01:48 11067392 c:\windows\system32\ieframe.dll
+ 2004-08-04 12:00 . 2009-07-14 06:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-07-20 01:48 . 2009-07-20 01:48 11067392 c:\windows\system32\dllcache\ieframe.dll
+ 2009-03-28 09:18 . 2005-08-03 21:14 10331648 c:\windows\system32\config\systemprofile\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150000}\J2SE Runtime Environment 5.0.msi
+ 2005-08-03 21:10 . 2005-08-03 21:10 19210240 c:\windows\Installer\4a0db.msp
+ 2009-03-31 11:13 . 2009-03-31 11:13 15256576 c:\windows\Installer\21c67bf.msp
+ 2009-08-03 07:55 . 2009-08-03 07:55 12491264 c:\windows\Installer\1c4a078.msi
+ 2009-09-11 22:31 . 2009-03-08 11:39 11063808 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
+ 2005-08-03 21:41 . 2005-08-03 21:40 20156928 c:\windows\Downloaded Installations\{E06F0F1A-F88E-4523-8B5B-403AA5AE1DBC}\iTunes.msi
+ 2006-01-27 16:51 . 2006-01-27 16:51 33979904 c:\windows\Downloaded Installations\{00C2E789-F948-4BE1-8167-6E6447DC4CE2}\iPod for Windows 2006-01-10.msi
+ 2009-09-11 22:23 . 2009-07-19 13:17 11068416 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\ieframe.dll
.
-- Snapshot reset to current date --


Post by rockrlife on 14th October 2009, 4:22 am

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 18:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"SM1BG"="c:\windows\SM1BG.EXE" [2003-08-27 94208]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-08-03 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" [2004-01-27 1179648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"D-Link D-Link Wireless N DWA-130"="c:\program files\D-Link\DWA-130\AirNCFG.exe" [2008-10-01 1679360]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-09 2023704]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-01-24 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 08:03 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/15/2009 1:34 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/15/2009 1:34 PM 108552]
S3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192u.sys [5/20/2009 2:07 PM 443776]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\odo29sgx.default\
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - hidden: XUL Cache: {DF30700B-ED43-408A-90BB-8FA0A69AE598} - c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598}
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKLM-Run-PCLEUSBTip - c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-10-13 21:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2520)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\Shellex.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ANIWConnService.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\progra~1\AVG\AVG8\avgwdsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\wscntfy.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-10-14 21:13 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-14 04:13
ComboFix2.txt 2009-06-25 04:34

Pre-Run: 150,359,035,904 bytes free
Post-Run: 150,565,031,936 bytes free

971 --- E O F --- 2009-10-10 08:42


Post by Dr Jay on 14th October 2009, 5:07 am

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
  3. Open Notepad and copy/paste the text in the quotebox below into it:

    File::
    c:\windows\system32\TerNa.exe
    C:\wridiint.exe
    C:\dvglbk.exe

    Folder::
    c:\program files\RegistryFix8

  4. Save this as CFScript.txt, in the same location as ComboFix.exe
  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


Dr. Jay (DJ)



Post by rockrlife on 14th October 2009, 5:27 am

Question. I already had a combofix.exe saved. Though I went on safe mode, and saved the new Combofix.exe as svchost.exe in the same folder with the one I downloaded beforehand and ran it in safe mode.

I'm on regular now (not on safe mode), and I only see combofix.exe and not svchost.exe. Did svchost.exe automatically change to combofix.exe?


Post by rockrlife on 14th October 2009, 5:29 am

Because when I do drag CFScript.txt to Combofix.exe it says:

"The Publisher could be verified. Are you sure you want to run this software?"


Post by Dr Jay on 14th October 2009, 5:34 am

If you click Yes, what happens?

It should run, anyway.


Dr. Jay (DJ)



Post by rockrlife on 14th October 2009, 5:51 am

ComboFix 09-10-13.01 - Compaq_Owner 10/13/2009 22:37.3.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.220 [GMT -7:00]
Running from: c:\documents and settings\Compaq_Owner\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Compaq_Owner\My Documents\Downloads\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"C:\dvglbk.exe"
"c:\windows\system32\TerNa.exe"
"C:\wridiint.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\dvglbk.exe
c:\program files\RegistryFix8
c:\program files\RegistryFix8\RegistryFix8Backup\10,3,2009_22,10,56.cab
c:\windows\system32\TerNa.exe
C:\wridiint.exe

.
((((((((((((((((((((((((( Files Created from 2009-09-14 to 2009-10-14 )))))))))))))))))))))))))))))))
.

2009-10-13 02:06 . 2009-10-13 02:06 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-10-12 20:38 . 2009-10-12 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-12 20:38 . 2009-10-12 20:39 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-11 21:11 . 2009-09-10 21:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-11 21:11 . 2009-10-12 20:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-11 21:11 . 2009-09-10 21:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-11 21:09 . 2009-10-11 21:09 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Application Data\Malwarebytes
2009-10-11 21:07 . 2009-10-11 21:07 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Local Settings\Application Data\AVG Security Toolbar
2009-10-09 23:03 . 2009-10-09 23:03 -------- d-----w- c:\program files\Lame for Audacity
2009-10-09 22:16 . 2009-10-13 01:37 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Audacity
2009-10-09 22:16 . 2009-10-09 22:16 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-10-09 06:05 . 2009-10-09 06:07 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-10-08 17:51 . 2004-06-10 14:34 53693 ----a-r- c:\windows\UNDPX2A.sys
2009-10-08 17:51 . 2004-06-10 14:31 135168 ----a-r- c:\windows\UNDPX2A.exe
2009-10-08 17:51 . 2004-06-09 23:42 15429 ----a-r- c:\windows\system32\drivers\Sacm2A.sys
2009-10-04 06:18 . 2009-10-04 06:18 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Yahoo
2009-10-04 06:15 . 2009-10-04 06:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-09-26 03:34 . 2009-10-11 21:13 -------- d-----w- c:\program files\BitLord
2009-09-15 02:55 . 2009-09-15 02:56 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-14 03:37 . 2009-06-29 05:56 7620 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\wklnhst.dat
2009-10-13 05:45 . 2007-02-07 19:10 -------- d--h--w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks
2009-10-10 20:15 . 2005-08-03 21:52 -------- d-----w- c:\program files\Easy Internet signup
2009-10-10 03:42 . 2005-11-18 10:22 60072 -c--a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-09 22:03 . 2005-12-09 03:17 -------- d-----w- c:\program files\Yahoo!
2009-10-04 06:17 . 2006-04-27 07:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Yahoo!
2009-09-29 08:33 . 2005-08-03 21:41 -------- d-----w- c:\program files\iTunes
2009-09-29 08:32 . 2005-08-03 21:41 -------- d-----w- c:\program files\iPod
2009-09-16 07:16 . 2009-03-28 09:19 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Apple Computer
2009-09-15 06:00 . 2009-08-06 04:40 -------- d-----w- c:\program files\PokerStars.NET
2009-09-15 02:51 . 2005-08-03 21:41 -------- d-----w- c:\program files\QuickTime
2009-09-15 02:49 . 2008-07-22 17:18 -------- d-----w- c:\program files\Common Files\Apple
2009-09-11 22:40 . 2009-06-15 20:34 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-08-17 08:03 . 2009-06-15 20:34 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-17 08:03 . 2009-06-15 20:34 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-17 08:03 . 2009-06-15 20:34 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-07 02:24 . 2004-08-04 12:00 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-07 02:24 . 2004-08-04 12:00 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-07 02:24 . 2008-10-16 22:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-07 02:24 . 2004-08-04 12:00 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-07 02:24 . 2004-08-04 12:00 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-07 02:24 . 2004-08-04 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-07 02:23 . 2004-08-04 12:00 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-07 02:23 . 2004-08-04 12:00 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-04 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 05:17 . 2009-08-03 05:17 2256 ----a-w- c:\windows\current_settings.bin
2009-07-25 12:23 . 2009-06-12 01:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-17 19:01 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2007-12-05 12:23 . 2007-12-05 12:24 774144 -c--a-w- c:\program files\RngInterstitial.dll
2007-01-16 07:32 . 2007-01-16 07:32 7168 -csha-w- c:\program files\Thumbs.db
2003-08-27 21:19 . 2009-06-08 07:19 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 18:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"SM1BG"="c:\windows\SM1BG.EXE" [2003-08-27 94208]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-08-03 180269]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"RoxioDragToDisc"="c:\program files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" [2004-01-27 1179648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"D-Link D-Link Wireless N DWA-130"="c:\program files\D-Link\DWA-130\AirNCFG.exe" [2008-10-01 1679360]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-09 2023704]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-01-24 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-17 08:03 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/15/2009 1:34 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/15/2009 1:34 PM 108552]
R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [5/20/2009 2:09 PM 143360]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/15/2009 1:34 PM 297752]
S3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192u.sys [5/20/2009 2:07 PM 443776]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\odo29sgx.default\
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - hidden: XUL Cache: {DF30700B-ED43-408A-90BB-8FA0A69AE598} - c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-10-13 22:45
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(616)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-10-14 22:47
ComboFix-quarantined-files.txt 2009-10-14 05:46
ComboFix2.txt 2009-10-14 04:13
ComboFix3.txt 2009-06-25 04:34

Pre-Run: 150,578,417,664 bytes free
Post-Run: 150,566,920,192 bytes free

187 --- E O F --- 2009-10-10 08:42


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 14th October 2009, 6:22 am

Hi

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 14th October 2009, 8:09 am

Malwarebytes' Anti-Malware 1.41
Database version: 2955
Windows 5.1.2600 Service Pack 3

10/14/2009 1:00:53 AM
mbam-log-2009-10-14 (01-00-53).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 232376
Time elapsed: 1 hour(s), 21 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Qoobox\Quarantine\C\Documents and Settings\Compaq_Owner\Application Data\lizkavd.exe.vir (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\eventlog.dll.vir (Trojan.Sirefef) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\~.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP2\A0000295.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP2\A0000317.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP2\A0000320.dll (Trojan.Sirefef) -> Quarantined and deleted successfully.


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 14th October 2009, 8:17 am

Please run [You must be registered and logged in to see this link.] online scan.

  • Click Scan now.
  • Read and put a Check next to Yes I accept the terms of use.
  • Click the Launching HouseCall>> button.
  • If confirmed that HouseCall can run on your system, under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
  • You may receive a Security Warning about the TrendMicro Java applet, click YES.
  • Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
  • Please be patient while it installs, updates, and scans your system.
  • Once the scan is complete, it will take you to the summary page.
  • Under Cleanup options, choose clean all detected infections automatically.
  • Click the Clean now>> button.
  • If anything was found you may be prompted to run the scan again, you can just close the browser window.


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 15th October 2009, 11:09 am

Alright, I did the TrendMicro Housecall. I was prompted to run the scan again, but I closed the browser.

Is there a next step??

Can I delete/uninstall Spybot and Hijack This and other programs??


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 15th October 2009, 3:19 pm

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply.


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 15th October 2009, 9:15 pm

Malwarebytes' Anti-Malware 1.41
Database version: 2968
Windows 5.1.2600 Service Pack 3

10/15/2009 2:14:18 PM
mbam-log-2009-10-15 (14-14-18).txt

Scan type: Quick Scan
Objects scanned: 114053
Time elapsed: 5 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 16th October 2009, 1:15 am

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 16th October 2009, 1:38 am

Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Free 8.5
AVG Anti-Rootkit Free
``````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
AVG Anti-Rootkit Free
HijackThis 2.0.2
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 7.0
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 16th October 2009, 7:02 am

Please download the newest version of Adobe Acrobat Reader from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

How is your computer running? Are those programs you mentioned operational? Are you satisfied with the results?


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 17th October 2009, 7:03 am

Malwarebytes and AVG are working. Spybot Search and Destroy and Hijack This are still saying "Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item."

Do I uninstall and then re-install them? Or do I not need them anymore?

The computer is still running slower than usual, but other than that I am satisfied with what your instructions have accomplished for me.


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 17th October 2009, 12:17 pm

Please download SystemLook from one of the links below and save it to your Desktop.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code:

    :filefind
    scecli.dll
    netlogon.dll
    eventlog.dll
    winlogon.exe
    comres.dll
    crypt32.dll
    gpedit.dll
    rundll32.exe
    sfc.dll
    svchost.exe
    cngaudit.dll
    beep.sys
    wscntfy.exe
    atapi.sys

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 17th October 2009, 7:30 pm

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 11:29 on 17/10/2009 by Compaq_Owner (Administrator - Elevation successful)

========== filefind ==========

Searching for "scecli.dll"
C:\WINDOWS\$NtServicePackUninstall$\scecli.dll -----c 180224 bytes [20:32 12/06/2009] [12:00 04/08/2004] 0F78E27F563F2AAF74B91A49E2ABF19A
C:\WINDOWS\ERDNT\cache\scecli.dll --a--- 181248 bytes [04:11 14/10/2009] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\ServicePackFiles\i386\scecli.dll ------ 181248 bytes [03:04 01/04/2009] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll --a--c 181248 bytes [22:53 19/08/2008] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\system32\scecli.dll ------ 181248 bytes [12:00 04/08/2004] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084

Searching for "netlogon.dll"
C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll -----c 407040 bytes [20:32 12/06/2009] [12:00 04/08/2004] 96353FCECBA774BB8DA74A1C6507015A
C:\WINDOWS\ERDNT\cache\netlogon.dll --a--- 407040 bytes [04:11 14/10/2009] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\ServicePackFiles\i386\netlogon.dll ------ 407040 bytes [03:03 01/04/2009] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll --a--c 407040 bytes [22:53 19/08/2008] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\system32\netlogon.dll ------ 407040 bytes [12:00 04/08/2004] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550

Searching for "eventlog.dll"
C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -----c 55808 bytes [20:32 12/06/2009] [12:00 04/08/2004] 82B24CB70E5944E6E34662205A2A5B78
C:\WINDOWS\ERDNT\cache\eventlog.dll --a--- 56320 bytes [04:11 14/10/2009] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\ServicePackFiles\i386\eventlog.dll ------ 56320 bytes [03:03 01/04/2009] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll --a--c 56320 bytes [22:52 19/08/2008] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\system32\eventlog.dll ------ 56320 bytes [12:00 04/08/2004] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656

Searching for "winlogon.exe"
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe -----c 502272 bytes [20:32 12/06/2009] [12:00 04/08/2004] 01C3346C241652F43AED8E2149881BFE
C:\WINDOWS\ERDNT\cache\winlogon.exe --a--- 507904 bytes [04:11 14/10/2009] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\ServicePackFiles\i386\winlogon.exe ------ 507904 bytes [03:04 01/04/2009] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\winlogon.exe --a--c 507904 bytes [22:53 19/08/2008] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E
C:\WINDOWS\system32\winlogon.exe ------ 507904 bytes [12:00 04/08/2004] [00:12 14/04/2008] ED0EF0A136DEC83DF69F04118870003E

Searching for "comres.dll"
C:\WINDOWS\$NtServicePackUninstall$\comres.dll -----c 792064 bytes [20:32 12/06/2009] [12:00 04/08/2004] 6728270CB7DBB776ED086F5AC4C82310
C:\WINDOWS\ServicePackFiles\i386\comres.dll ------ 792064 bytes [03:03 01/04/2009] [00:11 14/04/2008] 1280A158C722FA95A80FB7AEBE78FA7D
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\comres.dll --a--c 792064 bytes [22:52 19/08/2008] [00:11 14/04/2008] 1280A158C722FA95A80FB7AEBE78FA7D
C:\WINDOWS\system32\comres.dll --a--- 792064 bytes [12:00 04/08/2004] [00:11 14/04/2008] 1280A158C722FA95A80FB7AEBE78FA7D

Searching for "crypt32.dll"
C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll -----c 597504 bytes [20:32 12/06/2009] [12:00 04/08/2004] EFC958396A7A7EF7E6D4A52B97512E18
C:\WINDOWS\ServicePackFiles\i386\crypt32.dll ------ 599040 bytes [03:03 01/04/2009] [00:11 14/04/2008] BDAAF79DD63F194434D31A74B9BB8B77
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\crypt32.dll --a--c 599040 bytes [22:52 19/08/2008] [00:11 14/04/2008] BDAAF79DD63F194434D31A74B9BB8B77
C:\WINDOWS\system32\crypt32.dll --a--- 599040 bytes [12:00 04/08/2004] [00:11 14/04/2008] BDAAF79DD63F194434D31A74B9BB8B77

Searching for "gpedit.dll"
No files found.

Searching for "rundll32.exe"
C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe -----c 33280 bytes [20:32 12/06/2009] [12:00 04/08/2004] DA285490BBD8A1D0CE6623577D5BA1FF
C:\WINDOWS\ServicePackFiles\i386\rundll32.exe ------ 33280 bytes [03:04 01/04/2009] [00:12 14/04/2008] 037B1E7798960E0420003D05BB577EE6
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\rundll32.exe --a--c 33280 bytes [22:53 19/08/2008] [00:12 14/04/2008] 037B1E7798960E0420003D05BB577EE6
C:\WINDOWS\system32\rundll32.exe --a--- 33280 bytes [12:00 04/08/2004] [00:12 14/04/2008] 037B1E7798960E0420003D05BB577EE6

Searching for "sfc.dll"
C:\WINDOWS\$NtServicePackUninstall$\sfc.dll -----c 5120 bytes [20:32 12/06/2009] [12:00 04/08/2004] E8A12A12EA9088B4327D49EDCA3ADD3E
C:\WINDOWS\ERDNT\cache\sfc.dll --a--- 5120 bytes [04:11 14/10/2009] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3
C:\WINDOWS\ServicePackFiles\i386\sfc.dll ------ 5120 bytes [03:04 01/04/2009] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\sfc.dll --a--c 5120 bytes [22:53 19/08/2008] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3
C:\WINDOWS\system32\sfc.dll ------ 5120 bytes [12:00 04/08/2004] [00:12 14/04/2008] 96E1C926F22EE1BFBAE82901A35F6BF3

Searching for "svchost.exe"
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe -----c 14336 bytes [20:32 12/06/2009] [12:00 04/08/2004] 8F078AE4ED187AAABC0A305146DE6716
C:\WINDOWS\ERDNT\cache\svchost.exe --a--- 14336 bytes [04:11 14/10/2009] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18
C:\WINDOWS\ServicePackFiles\i386\svchost.exe ------ 14336 bytes [03:04 01/04/2009] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\svchost.exe --a--c 14336 bytes [22:53 19/08/2008] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18
C:\WINDOWS\system32\svchost.exe ------ 14336 bytes [12:00 04/08/2004] [00:12 14/04/2008] 27C6D03BCDB8CFEB96B716F3D8BE3E18

Searching for "cngaudit.dll"
No files found.

Searching for "beep.sys"
C:\WINDOWS\ERDNT\cache\beep.sys --a--- 4224 bytes [04:11 14/10/2009] [12:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\dllcache\beep.sys --a--c 4224 bytes [12:00 04/08/2004] [12:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\drivers\beep.sys ------ 4224 bytes [12:00 04/08/2004] [12:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9

Searching for "wscntfy.exe"
C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe -----c 13824 bytes [20:33 12/06/2009] [12:00 04/08/2004] 49911DD39E023BB6C45E4E436CFBD297
C:\WINDOWS\ERDNT\cache\wscntfy.exe --a--- 13824 bytes [04:11 14/10/2009] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5
C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe ------ 13824 bytes [03:05 01/04/2009] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\wscntfy.exe --a--c 13824 bytes [22:53 19/08/2008] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5
C:\WINDOWS\system32\wscntfy.exe ------ 13824 bytes [12:00 04/08/2004] [00:12 14/04/2008] F92E1076C42FCD6DB3D72D8CFE9816D5

Searching for "atapi.sys"
C:\WINDOWS\$NtServicePackUninstall$\atapi.sys -----c 95360 bytes [20:32 12/06/2009] [12:00 04/08/2004] CDFE4411A69C224BD1D11B2DA92DAC51
C:\WINDOWS\ServicePackFiles\i386\atapi.sys ------ 96512 bytes [03:02 01/04/2009] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\atapi.sys --a--c 96512 bytes [22:52 19/08/2008] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\system32\drivers\atapi.sys --a--- 96512 bytes [12:00 04/08/2004] [18:40 13/04/2008] 9F3A2F5AA6875C72BF062C712CFA2674

-=End Of File=-

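One way to read a filefind log like the one posted above, as an added example that is not part of the thread or of SystemLook: for each searched file, compare the MD5 of the copy Windows actually loads (system32 or system32\drivers) with the copies under ServicePackFiles\i386 and system32\dllcache. The choice of those two directories as the reference, the function names, and the sample log with its placeholder MD5 values are assumptions constructed for this example.

```python
import re
from collections import defaultdict

# Result line layout, taken from the SystemLook log in this thread:
#   <path> <6 attribute flags> <size> bytes [<created>] [<modified>] <MD5>
RESULT_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>[-a-z]{6})\s+(?P<size>\d+) bytes\s+"
    r"\[[^\]]+\]\s+\[[^\]]+\]\s+(?P<md5>[0-9A-Fa-f]{32})$"
)
SEARCH_RE = re.compile(r'^Searching for "([^"]+)"', re.MULTILINE)


def parse_filefind(log_text):
    """Map each lower-cased file name to the copies the log lists for it."""
    copies = defaultdict(list)
    for raw in log_text.splitlines():
        m = RESULT_RE.match(raw.strip())
        if m is None:
            continue  # banner, "Searching for ...", "No files found.", blank
        directory, _, name = m.group("path").rpartition("\\")
        copies[name.lower()].append({
            "dir": directory.lower(),
            "size": int(m.group("size")),
            "md5": m.group("md5").upper(),
        })
    return copies


def check_live_copies(log_text, system_root=r"c:\windows"):
    """Return {file name: verdict} for every name the log searched for.

    Assumption of this example: the live copy sits in system32 or
    system32\\drivers, and the reference copies are the ones under
    ServicePackFiles\\i386 and system32\\dllcache. Other locations
    ($NtServicePackUninstall$, ERDNT cache, ...) are ignored because they
    can legitimately hold an older build of the file.
    """
    root = system_root.lower()
    live_dirs = {root + r"\system32", root + r"\system32\drivers"}
    ref_dirs = {root + r"\servicepackfiles\i386", root + r"\system32\dllcache"}
    copies = parse_filefind(log_text)
    verdicts = {}
    for name in (n.lower() for n in SEARCH_RE.findall(log_text)):
        entries = copies.get(name, [])
        live = [e for e in entries if e["dir"] in live_dirs]
        refs = {e["md5"] for e in entries if e["dir"] in ref_dirs}
        if not live:
            verdicts[name] = "absent"        # nothing in a load path
        elif not refs:
            verdicts[name] = "no-reference"  # nothing on disk to compare with
        elif all(e["md5"] in refs for e in live):
            verdicts[name] = "match"
        else:
            verdicts[name] = "MISMATCH"      # live copy differs from reference
    return verdicts


# Constructed sample log: same layout as the thread's log, placeholder hashes.
SAMPLE_LOG = r"""
========== filefind ==========

Searching for "eventlog.dll"
C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll -----c 55808 bytes [20:32 12/06/2009] [12:00 04/08/2004] 11111111111111111111111111111111
C:\WINDOWS\ServicePackFiles\i386\eventlog.dll ------ 56320 bytes [03:03 01/04/2009] [00:11 14/04/2008] 22222222222222222222222222222222
C:\WINDOWS\system32\eventlog.dll ------ 61440 bytes [12:00 04/08/2004] [09:30 10/10/2009] 33333333333333333333333333333333

Searching for "svchost.exe"
C:\WINDOWS\ServicePackFiles\i386\svchost.exe ------ 14336 bytes [03:04 01/04/2009] [00:12 14/04/2008] 44444444444444444444444444444444
C:\WINDOWS\system32\svchost.exe ------ 14336 bytes [12:00 04/08/2004] [00:12 14/04/2008] 44444444444444444444444444444444

Searching for "beep.sys"
C:\WINDOWS\system32\dllcache\beep.sys --a--c 4224 bytes [12:00 04/08/2004] [12:00 04/08/2004] 55555555555555555555555555555555
C:\WINDOWS\system32\drivers\beep.sys ------ 4224 bytes [12:00 04/08/2004] [12:00 04/08/2004] 55555555555555555555555555555555

Searching for "gpedit.dll"
No files found.

Searching for "comres.dll"
C:\WINDOWS\system32\comres.dll --a--- 792064 bytes [12:00 04/08/2004] [00:11 14/04/2008] 66666666666666666666666666666666

-=End Of File=-
"""

if __name__ == "__main__":
    for name, verdict in check_live_copies(SAMPLE_LOG).items():
        print(f"{name:15} {verdict}")
```

A match only shows that the live copy equals another copy on the same disk, so a MISMATCH or no-reference result is the cue to check that file against a known-good source.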

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 17th October 2009, 8:40 pm

Hi

Deeper inspection Roger that

Download [You must be registered and logged in to see this link.] to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\system32\eventlog.dll
    %systemroot%\system32\scecli.dll
    %systemroot%\netlogon.dll
    %systemroot%\system32\cngaudit.dll
    %systemroot%\system32\sceclt.dll
    %systemroot%\ntelogon.dll
    %systemroot%\system32\logevent.dll
    %systemroot%\system32\drivers\iaStor.sys
    %systemroot%\System32\drivers\nvstor.sys
    %systemroot%\system32\drivers\atapi.sys

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time



Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 18th October 2009, 12:37 am

Oh no...sorry!! Hehe...BUT THANK YOU AGAIN FOR HELPING ME....

OTL.Txt



OTL logfile created on: 10/17/2009 5:30:40 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.48 Mb Total Physical Memory | 196.66 Mb Available Physical Memory | 44.05% Memory free
1.06 Gb Paging File | 0.60 Gb Available in Paging File | 56.17% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.80 Gb Total Space | 138.00 Gb Free Space | 76.75% Space Free | Partition Type: NTFS
Drive D: | 6.50 Gb Total Space | 1.19 Gb Free Space | 18.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RIVERA
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/17 17:27:29 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
PRC - [2009/10/16 23:33:08 | 02,025,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/17 01:03:09 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/17 01:03:05 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/17 01:02:56 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/27 17:19:10 | 00,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2009/07/25 05:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/01 11:22:50 | 01,679,360 | ---- | M] (D-Link) -- C:\Program Files\D-Link\DWA-130\AirNCFG.exe
PRC - [2008/07/09 08:58:42 | 00,143,360 | ---- | M] () -- C:\WINDOWS\System32\ANIWConnService.exe
PRC - [2008/04/13 17:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/01/19 11:49:26 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
PRC - [2007/01/19 11:49:04 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2005/06/21 06:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/06/08 04:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2005/02/17 06:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
PRC - [2005/02/02 16:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\HP\KBD\KBD.EXE
PRC - [2005/01/24 02:56:00 | 00,544,768 | ---- | M] (Motorola Inc.) -- C:\WINDOWS\sm56hlpr.exe
PRC - [2004/09/07 13:47:52 | 00,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCXMNTR.EXE
PRC - [2004/01/27 14:39:00 | 01,179,648 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
PRC - [2003/08/27 14:20:00 | 00,094,208 | R--- | M] (Cypress Semiconductor) -- C:\WINDOWS\SM1BG.EXE
PRC - [2003/06/20 06:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [1998/05/07 09:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\windows\system\hpsysdrv.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/08/17 01:02:56 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2009/07/25 05:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/01/14 17:53:02 | 00,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Auto | Running])
SRV - [2008/07/09 08:58:42 | 00,143,360 | ---- | M] () -- C:\WINDOWS\System32\ANIWConnService.exe -- (ANIWConnService [Auto | Running])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/01/19 11:49:26 | 00,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2005/06/21 06:10:30 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2005/06/07 22:38:32 | 00,376,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2004/10/22 10:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2004/07/15 08:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2003/07/28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2003/06/20 06:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: avg@igeared:2.609.002.003
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:7
FF - prefs.js..extensions.enabledItems: {DF30700B-ED43-408A-90BB-8FA0A69AE598}:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="

FF - HKLM\software\mozilla\Firefox\extensions\\{DF30700B-ED43-408A-90BB-8FA0A69AE598}: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598} [2009/06/11 18:39:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/06/21 08:11:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/10/10 01:39:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/06/11 18:27:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/13 11:54:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/16 17:22:51 | 00,000,000 | ---D | M]

[2009/10/09 15:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions
[2009/10/09 15:13:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/16 18:15:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\mozilla\Firefox\Profiles\odo29sgx.default\extensions
[2009/10/16 23:36:08 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/10/09 15:11:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/08/11 00:56:28 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/08/24 13:15:25 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 13:15:26 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/25 05:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/08/24 13:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/10/13 11:54:21 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/10/13 11:54:22 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/10/13 11:54:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/10/13 11:54:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/10/13 11:54:24 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/10/13 11:54:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/10/13 11:54:25 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/08/24 11:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 11:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/10/11 14:07:19 | 00,001,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2009/08/24 11:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 11:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 11:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 11:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 11:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-130] C:\Program Files\D-Link\DWA-130\AirNCFG.exe (D-Link)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE (Cypress Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk = C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O9 - Extra 'Tools' menuitem : Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} [You must be registered and logged in to see this link.] (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/06/24 22:32:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 07:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{5ac526cc-8d0c-11de-9d19-0013d486933c}\Shell - "" = AutoRun
O33 - MountPoints2\{5ac526cc-8d0c-11de-9d19-0013d486933c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ac526cc-8d0c-11de-9d19-0013d486933c}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\VfWWDM32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[1 C:\WINDOWS\*.tmp files]
[2009/10/16 04:59:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/10/16 04:56:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009/10/16 04:51:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/10/12 13:38:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/10/03 23:15:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2009/10/09 15:16:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Audacity
[2009/10/09 15:13:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla
[2009/10/03 23:18:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Yahoo
[2009/10/16 04:59:42 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/10/09 15:16:28 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2009/10/09 16:03:42 | 00,000,000 | ---D | C] -- C:\Program Files\Lame for Audacity
[2009/10/11 14:11:55 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/16 04:55:56 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2009/10/12 13:38:31 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/17 17:27:28 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2009/10/17 01:24:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/10/16 17:56:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Desktop\1
[2009/10/16 04:59:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2009/10/15 18:25:58 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/10/14 01:38:01 | 00,102,664 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/10/13 22:49:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009/10/11 14:11:56 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/11 14:11:55 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/09 14:37:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\My Documents\VirtualDJ
[2009/10/08 23:05:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009/10/08 10:51:15 | 00,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2009/06/08 00:19:54 | 00,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll
[2007/12/05 05:24:13 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 14 Days ==========

[16 C:\WINDOWS\System32\*.tmp files]
[1 C:\WINDOWS\*.tmp files]
[2009/10/17 17:27:29 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\Desktop\OTL.exe
[2009/10/17 11:28:48 | 00,102,660 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SystemLook.exe
[2009/10/17 08:08:26 | 43,179,769 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2009/10/16 23:54:56 | 00,017,920 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/16 19:18:59 | 00,002,256 | ---- | M] () -- C:\WINDOWS\current_settings.bin
[2009/10/16 17:52:29 | 00,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2009/10/16 17:28:15 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/10/16 17:22:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/16 17:22:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/16 17:22:39 | 46,824,2432 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/16 04:56:03 | 00,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk
[2009/10/15 23:54:30 | 00,000,686 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\BitLord.lnk
[2009/10/15 18:36:40 | 00,843,167 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SecurityCheck.exe
[2009/10/15 17:17:08 | 00,033,037 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\microavi.avg
[2009/10/14 03:12:10 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/14 01:36:45 | 00,102,664 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2009/10/14 01:24:12 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2009/10/13 23:30:40 | 00,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/13 22:45:14 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/13 21:04:44 | 00,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2009/10/13 21:04:13 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/10/13 20:37:49 | 00,007,620 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/10/13 20:37:48 | 00,009,216 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\videos.wps
[2009/10/12 19:06:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/12 16:41:26 | 00,082,264 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Production 1.dmsm
[2009/10/12 13:38:35 | 00,000,941 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Spybot - Search & Destroy.lnk
[2009/10/11 14:20:09 | 00,000,633 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/11 14:20:09 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/10/11 13:48:34 | 00,010,240 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\lb.wps
[2009/10/11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/10/10 12:43:07 | 00,009,728 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\home.wps
[2009/10/10 08:49:02 | 00,221,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/09 20:42:22 | 00,060,072 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/09 15:16:42 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2009/10/09 15:11:31 | 00,001,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/08 23:36:54 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/08 23:30:49 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/10/08 23:30:49 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/10/08 23:07:56 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/10/08 23:06:02 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpEE697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpD0797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC3797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp4F597.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp32697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp24697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp18697.FOT
[2009/10/03 23:15:54 | 00,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk

========== Files - No Company Name ==========
[2009/10/17 11:28:36 | 00,102,660 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SystemLook.exe
[2009/10/17 01:24:54 | 00,003,525 | R--- | C] () -- C:\WINDOWS\System32\drivers\CamF2111.bin
[2009/10/17 01:24:53 | 00,014,217 | R--- | C] () -- C:\WINDOWS\System\SenF2111.csr
[2009/10/17 01:24:53 | 00,014,174 | R--- | C] () -- C:\WINDOWS\System\SenH2111.csr
[2009/10/17 01:24:53 | 00,005,295 | R--- | C] () -- C:\WINDOWS\VF0080.uns
[2009/10/17 01:24:53 | 00,003,525 | R--- | C] () -- C:\WINDOWS\System32\drivers\CamH2111.bin
[2009/10/16 04:56:03 | 00,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk
[2009/10/15 23:54:30 | 00,000,686 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\BitLord.lnk
[2009/10/15 18:36:38 | 00,843,167 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\SecurityCheck.exe
[2009/10/14 01:24:12 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\housecall.guid.cache
[2009/10/13 20:50:53 | 46,824,2432 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/13 20:37:47 | 00,009,216 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\videos.wps
[2009/10/12 16:41:26 | 00,082,264 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\Production 1.dmsm
[2009/10/12 13:38:35 | 00,000,941 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Spybot - Search & Destroy.lnk
[2009/10/11 14:11:58 | 00,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/11 13:48:33 | 00,010,240 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\lb.wps
[2009/10/10 12:43:06 | 00,009,728 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\home.wps
[2009/10/09 15:16:42 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2009/10/09 15:11:31 | 00,001,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/10/08 23:06:02 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009/10/08 10:51:15 | 00,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe
[2009/10/08 10:51:15 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpEE697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpD0797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC3797.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp4F597.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp32697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp24697.FOT
[2009/10/08 10:38:22 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp18697.FOT
[2009/10/03 23:15:54 | 00,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009/08/02 16:25:16 | 00,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2009/08/02 16:25:16 | 00,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2009/08/02 16:25:15 | 00,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2009/08/02 16:25:15 | 00,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2009/08/02 16:25:15 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[2009/06/28 22:56:58 | 00,007,620 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2009/06/14 14:50:53 | 00,005,448 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565C.manifest
[2009/06/14 14:50:53 | 00,001,814 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565P.manifest
[2009/06/14 14:50:53 | 00,000,793 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565O.manifest
[2009/06/14 14:50:53 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\f4a922ec565S.manifest
[2009/06/11 02:03:42 | 00,000,285 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009/05/28 01:45:48 | 00,000,911 | ---- | C] () -- C:\WINDOWS\ifotucig.dll
[2009/05/20 14:09:04 | 00,262,144 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2009/05/20 14:09:04 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009/05/20 14:08:31 | 00,385,024 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll
[2009/03/28 02:19:35 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\desktop.ini
[2009/03/28 02:19:34 | 01,579,848 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\IconCache.db
[2008/06/17 17:41:15 | 00,000,000 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\0000000000t.dat
[2008/06/17 17:37:58 | 00,000,033 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\install.ini
[2007/07/18 21:14:00 | 00,060,857 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\5E41BDC33E9B4A7DADED969491FFC466.rul
[2007/07/18 21:14:00 | 00,013,990 | -HS- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\5E41BDC33E9B4A7DADED969491FFC466.sta
[2007/01/31 22:33:12 | 00,002,508 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\$_hpcst$.hpc
[2007/01/23 01:26:21 | 00,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/16 00:32:52 | 00,007,168 | -HS- | C] () -- C:\Program Files\Thumbs.db
[2006/09/28 21:02:51 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/01/19 21:13:38 | 00,000,080 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/12/08 20:45:28 | 00,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameE.txt
[2005/11/26 23:26:31 | 00,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/18 03:22:48 | 00,060,072 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2005/10/15 02:48:38 | 00,017,920 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/03 15:12:12 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/03 14:46:08 | 00,012,964 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/08/03 14:46:03 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/08/03 14:43:51 | 00,000,172 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/08/03 14:40:33 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/08/03 14:35:33 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/08/03 14:35:32 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/08/03 14:35:32 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/08/03 14:35:32 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/08/03 14:35:32 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/08/03 14:35:32 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/08/03 14:29:53 | 00,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/08/03 14:25:21 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56spn.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56itl.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56ger.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56fra.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56eng.dll
[2005/08/03 14:23:07 | 00,065,536 | ---- | C] () -- C:\WINDOWS\sm56brz.dll
[2005/08/03 14:23:07 | 00,049,152 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll
[2005/08/03 14:23:07 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56cht.dll
[2005/08/03 14:23:07 | 00,045,056 | ---- | C] () -- C:\WINDOWS\sm56chs.dll
[2005/08/03 14:11:27 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/08/03 14:07:50 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/08/03 14:07:50 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/08/03 14:07:28 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2005/07/07 13:07:24 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/06/24 22:32:00 | 00,000,633 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/06/24 15:26:26 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/06/24 15:26:14 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/05/09 23:52:32 | 00,022,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2004/08/04 12:00:00 | 00,020,580 | ---- | C] () -- C:\WINDOWS\batmeter16.dll
[2004/06/15 22:38:02 | 00,000,592 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/01/07 22:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/10/16 04:59:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data
[2008/12/01 23:38:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/09/14 19:56:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/16 04:39:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/09/11 15:40:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2005/08/03 14:43:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2007/12/04 19:18:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2006/09/02 02:02:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2006/04/27 00:28:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2009/08/02 16:23:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2005/10/06 22:03:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2009/08/03 00:46:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Roxio
[2005/08/03 14:12:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2005/12/11 01:14:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2007/10/15 20:46:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/10/13 21:00:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data
[2005/11/04 01:02:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\.bittorrent
[2005/11/26 23:32:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\acccore
[2007/10/15 20:09:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Aim
[2009/10/12 18:37:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Audacity
[2007/07/18 21:18:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Error Safe
[2005/12/11 01:48:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\funkitron
[2005/10/12 17:54:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\InterVideo
[2005/08/03 14:43:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intuit
[2005/11/18 11:30:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2009/10/12 22:45:50 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Move Networks
[2007/10/15 20:37:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\MSNInstaller
[2007/10/15 20:40:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OpenOffice.org2
[2005/12/09 23:22:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\OurPictures
[2006/06/13 11:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Roxio
[2005/08/03 14:45:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2005/10/10 01:04:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2007/02/06 22:24:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Viewpoint
[2006/04/13 18:48:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\WeatherBug
[2005/10/06 22:03:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\You've Got Pictures Screensaver
[2009/10/12 19:06:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 12:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/16 17:22:45 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %systemroot%\system32\eventlog.dll >
[2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
[16 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\system32\scecli.dll >
[2008/04/13 17:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[16 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >
[2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\logevent.dll
[16 C:\WINDOWS\system32\*.tmp files]

< %systemroot%\system32\drivers\iaStor.sys >
[2005/03/09 18:09:18 | 00,870,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\iaStor.sys

< %systemroot%\System32\drivers\nvstor.sys >

< %systemroot%\system32\drivers\atapi.sys >
[2008/04/13 11:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys
< End of report >


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 18th October 2009, 12:37 am

Extra.Txt


OTL Extras logfile created on: 10/17/2009 5:30:40 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Compaq_Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.48 Mb Total Physical Memory | 196.66 Mb Available Physical Memory | 44.05% Memory free
1.06 Gb Paging File | 0.60 Gb Available in Paging File | 56.17% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 179.80 Gb Total Space | 138.00 Gb Free Space | 76.75% Space Free | Partition Type: NTFS
Drive D: | 6.50 Gb Total Space | 1.19 Gb Free Space | 18.24% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RIVERA
Current User Name: Compaq_Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Enabled:Compaq Connections -- (Hewlett-Packard)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Disabled:BitLord -- ([You must be registered and logged in to see this link.]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}" = Cypress USB Mass Storage Driver Installation
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3912A629-0020-0005-3757-2FBA74D4DF0A}" = InterVideo WinDVD Player
"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7AA86B66-4232-4CCA-9530-51B991301376}" = D-Link Wireless N DWA-130
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB61A692-5543-4C48-979B-8CEA1C52FE9C}" = PC-Doctor 5 for Windows
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}" = Office 2003 Tour
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4544EA-C189-41FE-9E3A-76591DDB852B}" = Roxio Easy Media Creator 7
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}" = HP Software Update
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F25B14A1-3863-41B6-9F8A-931DECA6D384}" = D-Link Wireless N DWA-130
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"05E21449-3BA3-42BF-BBDA-95205F4EA40A" = Polar Bowler from Compaq (remove only)
"220B08B4-42B6-4452-A646-5646B6CB8063" = Flip Words from Compaq (remove only)
"29FF6D07-4A15-41F1-9D5E-E0F3A58012C6" = Bounce Symphony from Compaq (remove only)
"2FC85AE2-A516-46DC-9622-BEE432D2276B" = Jewel Quest from Compaq (remove only)
"3DB5E24E-D0CE-437E-96BB-35E09A45B800" = Digby's Donuts from Compaq (remove only)
"422C7575-C10D-4795-87FA-9972765379E6" = Mah Jong Quest from Compaq (remove only)
"4A750179-4CAB-4A94-911D-36ECBC64B6B2" = SCRABBLE Blast from Compaq (remove only)
"52AEBC18-F252-4B0C-B3E1-724537D9F873" = Ricochet Lost Worlds from Compaq (remove only)
"5AF1DD17-7B06-45EF-8592-2E524E458BAB" = Insaniquarium Deluxe from Compaq (remove only)
"66195170-D19D-46C5-8FB7-8A4630071ADC" = Tradewinds from Compaq (remove only)
"75528D5F-DD82-402E-BA7C-045B7DC6A712" = Blasterball 2 from Compaq (remove only)
"8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E" = Slyder from Compaq (remove only)
"AC542946-E8F0-4163-9902-A1DCB02E327F" = SCRABBLE Rack Attack from Compaq (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.9 (Unicode)
"AVG8Uninstall" = AVG Free 8.5
"AVGantiRootkit" = AVG Anti-Rootkit Free
"BitLord" = BitLord 1.1
"C43D84CD-EBFC-48D3-A330-7868C8AD415A" = Crystal Maze from Compaq (remove only)
"C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B" = Boggle Supreme from Compaq (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Compaq Game Console" = Compaq Game Console and games
"Creative VF0080" = Creative WebCam Live! Pro Driver (1.01.01.1011)
"D06AB82F-D68E-405A-9886-AB8804291B6D" = Blasterball 2 Holidays from Compaq (remove only)
"D84AC71A-75E8-4709-8BA5-4B46EAC00C5E" = Bejeweled 2 Deluxe from Compaq (remove only)
"E1A0F769-A43A-4DDB-9F73-12791E453557" = Puzzle Express from Compaq (remove only)
"E618FC78-EE4F-4243-8409-078EB5E0B1F6" = Bookworm Deluxe from Compaq (remove only)
"EC103FAC-9610-4651-BD68-CCEA97C7AB02" = FATE Demo from Compaq (remove only)
"FA6A73EB-40AB-4B58-851D-3892B3C10EF6" = SCRABBLE from Compaq (remove only)
"HijackThis" = HijackThis 2.0.2
"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{AB61A692-5543-4C48-979B-8CEA1C52FE9C}" = PC-Doctor 5 for Windows
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PS2" = PS2
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"SM1FX_AT" = USB Storage Adapter FX (SM1)
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/27/2009 7:08:39 PM | Computer Name = RIVERA | Source = Application Error | ID = 1000
Description = Faulting application firefox.exe, version 1.9.0.3474, faulting module
js3250.dll, version 4.0.0.0, fault address 0x0007b69d.

Error - 8/2/2009 9:11:34 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/2/2009 9:12:39 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/2/2009 9:15:52 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/2/2009 9:17:04 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/3/2009 3:57:52 AM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application wmplayer.exe, version 10.0.0.3646, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/4/2009 8:48:06 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/5/2009 8:13:26 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/5/2009 8:13:26 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.0.3498, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 8/5/2009 8:13:36 PM | Computer Name = RIVERA | Source = Application Hang | ID = 1001
Description = Fault bucket 1394815431.

[ System Events ]
Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:58 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:59 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:59 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 7:48:59 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/16/2009 8:04:03 AM | Computer Name = RIVERA | Source = Service Control Manager | ID = 7034
Description = The getPlus(R) Helper service terminated unexpectedly. It has done
this 1 time(s).


< End of report >


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 18th October 2009, 2:25 am

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    C:\Documents and Settings\Compaq_Owner\Application Data\Error Safe
    C:\WINDOWS\ifotucig.dll


  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

NEXT

I see you are running a P2P application. I suggest you read the following, and then decide whether you want to keep it or not: [You must be registered and logged in to see this link.]

I see you have Viewpoint installed...
Viewpoint Manager is considered foistware rather than malware, since it is installed without the user's approval but doesn't spy or do anything "bad". I suggest you remove the program now. Navigate to Start --> Control Panel --> Add or Remove Programs and uninstall the following programs if present.

  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player
  • Viewpoint Toolbar

Let me know if you decided to uninstall it.

NEXT

Please download CKScanner by askey127 from [You must be registered and logged in to see this link.]

Save it to your desktop.

  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


NEXT

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


==

Please make sure to post the following logs in your next reply:

-OTL Fix Log
-CKScanner Log
-Security Check Log

Also, please tell me how your computer is running, and if you uninstalled Viewpoint. You may have to use 2-3 posts to fit all the contents from the logs in.


Dr. Jay (DJ)



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 18th October 2009, 3:55 am

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.0.21.0 log created on 10172009_205152


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 18th October 2009, 4:12 am

I uninstalled Limewire.

For Viewpoint, I could not find any of those listed above. I did go to control panel, then Add or Remove Programs, but there was none. So I uninstalled no viewpoint programs.

There was no CKFiles.txt on my desktop, so I did a search for the file...and found it in C:\Programs\Mozilla Firefox

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\wildtangent\apps\gamechannel\games\2fc85ae2-a516-46dc-9622-bee432d2276b\audio\st_win3_crackle.ogg
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker-1.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker-2.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker-3.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\tile_firecracker1.pnge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\kwazi3\level5-1cracktop.jpge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\kwazi5\5_lvl_5a_postcrack1.jpge
c:\program files\wildtangent\apps\gamechannel\games\422c7575-c10d-4795-87fa-9972765379e6\images\kwazi5\5_lvl_5a_postcrack2.jpge
c:\program files\wildtangent\apps\gamechannel\games\d84ac71a-75e8-4709-8ba5-4b46eac00c5e\sounds\firecrackle.ogg
scanner sequence 3.CF.11
----- EOF -----

Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Free 8.5
AVG Anti-Rootkit Free
McAfee Security Scan
``````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy
AVG Anti-Rootkit Free
HijackThis 2.0.2
Java(TM) 6 Update 15
Adobe Flash Player 10
Adobe Reader 9.2
``````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Dr Jay on 18th October 2009, 9:06 am

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

AntiSpyware

  • [You must be registered and logged in to see this link.]
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found [You must be registered and logged in to see this link.].
  • [You must be registered and logged in to see this link.].
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer, to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


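The HOSTS-file mechanism described in the post above, as an added example that is not part of the original thread: a Python audit that separates blocklist entries (names pointed at loopback or a null address) from entries that point a name at any other address, which are the ones to review on a machine that is being sent to the wrong websites. The function names, the verdict labels and the sample HOSTS content (including every hostname and address in it) are constructed for illustration.

```python
"""Audit a HOSTS file: tell blocklist entries apart from names remapped elsewhere.

Added example; the sample content below is constructed.
"""
import ipaddress
import sys
from dataclasses import dataclass

# Unspecified addresses that blocklist-style HOSTS files use besides loopback.
NULL_ROUTES = {ipaddress.ip_address("0.0.0.0"), ipaddress.ip_address("::")}

# Names that legitimately map to loopback and are not blocklist entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample. 203.0.113.0/24 is a documentation-only address range.
SAMPLE_HOSTS = """\
# Constructed sample HOSTS content
127.0.0.1       localhost
127.0.0.1       ads.example.com tracker.example.net   # two names on one line
0.0.0.0         banner.example.org
203.0.113.10    www.search.example     # points a name at a non-local address
203.0.113.10    update.antivirus.example
not-an-ip       broken.example
"""


@dataclass
class Entry:
    line_no: int
    address: str
    hostname: str
    verdict: str  # "local", "blocked", "remapped" or "invalid"


def classify(address, hostname):
    """Return the verdict for one address/hostname pair."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "invalid"
    if ip.is_loopback or ip in NULL_ROUTES:
        # Loopback/null target: either the normal localhost line or a block.
        return "local" if hostname.lower() in LOCAL_NAMES else "blocked"
    # Any other target overrides DNS for this name and deserves a look.
    return "remapped"


def parse_hosts(text):
    """Yield one Entry per hostname; a line may carry several names."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and trailing comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:  # an address with no hostname after it
            entries.append(Entry(line_no, fields[0], "", "invalid"))
            continue
        address = fields[0]
        for name in fields[1:]:
            entries.append(Entry(line_no, address, name.lower(), classify(address, name)))
    return entries


def audit(text):
    """Group parsed entries by verdict."""
    report = {"local": [], "blocked": [], "remapped": [], "invalid": []}
    for entry in parse_hosts(text):
        report[entry.verdict].append(entry)
    return report


if __name__ == "__main__":
    # Pass a path (on Windows XP: %SystemRoot%\System32\drivers\etc\hosts),
    # or run without arguments to audit the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as handle:
            content = handle.read()
    else:
        content = SAMPLE_HOSTS
    result = audit(content)
    print("blocked names: %d" % len(result["blocked"]))
    for entry in result["remapped"] + result["invalid"]:
        print("REVIEW line %d: %s -> %s (%s)"
              % (entry.line_no, entry.hostname, entry.address, entry.verdict))
```

A blocklist HOSTS file should produce only "local" and "blocked" entries; anything reported as "remapped" was not put there by the blocklist and should be checked against what the user or administrator added deliberately.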

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 19th November 2009, 7:40 am

Can you help me again. The computer is running really really slow. I uninstalled Spybot and spyblaster and installed Trend Micro Antivirus & Antispyware Trial Version. I wanted to try it out. Though, the computer is running slow again. I disabled Trend Micro and ran ComboFix again. Can you check if there is something else that is wrong. Please.


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 19th November 2009, 7:41 am

ComboFix 09-11-18.07 - Compaq_Owner 11/18/2009 23:08.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.136 [GMT -8:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
AV: Trend Micro AntiVirus *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Search Settings
c:\program files\Search Settings\kb128\SeARchsettings.dll
c:\program files\Search Settings\kb128\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe

.
((((((((((((((((((((((((( Files Created from 2009-10-19 to 2009-11-19 )))))))))))))))))))))))))))))))
.

2009-11-19 07:05 . 2009-11-19 07:03 389120 ----a-w- c:\windows\system32\CF14187.exe
2009-11-16 13:14 . 2009-11-16 13:14 127872 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks\uninstall.exe
2009-11-13 08:48 . 2008-03-02 11:28 206608 ----a-w- c:\windows\system32\drivers\TMPassthru.sys
2009-11-07 18:13 . 2009-11-07 18:24 -------- d-----w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\Yahoo!
2009-11-04 19:27 . 2009-11-04 19:27 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-04 02:01 . 2009-11-04 02:01 152576 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-03 21:03 . 2009-11-03 21:03 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Search Settings
2009-11-03 20:49 . 2009-11-03 20:49 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\DivX
2009-11-03 19:59 . 2009-11-03 19:59 -------- d-----w- c:\windows\system32\custom matrices
2009-11-03 19:58 . 2009-11-03 19:58 -------- d-----w- c:\windows\system32\QuickTime
2009-11-03 19:58 . 2009-11-03 20:00 -------- d-----w- c:\windows\system32\C2MP
2009-11-01 19:15 . 2009-11-01 18:04 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys
2009-11-01 19:15 . 2009-11-01 18:04 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys
2009-11-01 19:15 . 2009-11-01 18:04 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-11-01 19:08 . 2009-11-01 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-11-01 18:04 . 2009-11-01 18:04 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys
2009-11-01 18:04 . 2009-11-01 18:04 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys
2009-11-01 18:04 . 2009-11-01 18:04 225808 ----a-w- c:\windows\system32\drivers\tmxpflt.sys
2009-11-01 18:04 . 2009-11-01 18:04 1223832 ----a-w- c:\windows\system32\drivers\vsapint.sys
2009-10-29 09:54 . 2009-10-29 09:59 -------- d-----w- c:\windows\SxsCaPendDel
2009-10-25 19:32 . 2003-12-11 18:15 44544 ----a-r- c:\windows\system32\MSXML4a.dll
2009-10-25 19:32 . 2003-12-11 18:15 626960 ----a-r- c:\windows\system32\hpvaut32.dll
2009-10-25 19:32 . 2003-12-11 18:15 487424 ----a-r- c:\windows\system32\hpvcp70.dll
2009-10-25 19:32 . 2003-12-11 18:15 344064 ----a-r- c:\windows\system32\hpvcr70.dll
2009-10-25 19:31 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-25 19:31 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-22 17:32 . 2009-10-22 17:32 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Xilisoft Corporation
2009-10-22 17:26 . 2009-10-22 17:26 -------- d-----w- c:\program files\Xilisoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-18 21:34 . 2009-06-29 05:56 8950 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\wklnhst.dat
2009-11-16 13:14 . 2007-02-07 19:10 -------- d--h--w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks
2009-11-16 13:14 . 2009-06-16 06:35 4183416 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
2009-11-13 08:48 . 2005-08-03 21:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-13 08:48 . 2009-06-25 04:59 -------- d-----w- c:\program files\Trend Micro
2009-11-08 19:21 . 2005-12-09 03:17 -------- d-----w- c:\program files\Yahoo!
2009-11-07 18:24 . 2009-10-04 06:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-11-04 19:39 . 2005-08-03 21:41 -------- d-----w- c:\program files\iTunes
2009-11-04 19:38 . 2005-08-03 21:41 -------- d-----w- c:\program files\iPod
2009-11-04 02:04 . 2005-08-03 21:14 -------- d-----w- c:\program files\Java
2009-11-01 18:59 . 2009-10-12 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-29 21:02 . 2005-11-18 10:22 49896 -c--a-w- c:\documents and settings\Compaq_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 09:55 . 2009-06-15 20:34 -------- d-----w- c:\program files\AVG
2009-10-29 09:50 . 2005-12-09 03:04 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-10-29 07:14 . 2009-10-18 19:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-29 01:08 . 2005-08-03 21:35 -------- d-----w- c:\program files\Hewlett-Packard
2009-10-29 01:08 . 2005-08-03 21:26 -------- d-----w- c:\program files\HP
2009-10-28 16:03 . 2009-10-12 20:38 -------- d-----w- c:\program files\Spybot - Search & Destroy (old)
2009-10-28 16:02 . 2007-06-13 06:30 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-28 16:02 . 2006-07-03 00:14 -------- d-----w- c:\program files\Incomplete
2009-10-24 16:42 . 2005-10-06 09:24 -------- d-----w- c:\program files\Microsoft
2009-10-21 12:13 . 2006-05-03 06:02 -------- d-----w- c:\program files\LimeWire
2009-10-19 23:13 . 2009-10-09 22:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Audacity
2009-10-18 18:57 . 2009-10-18 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-10-17 02:18 . 2009-08-03 05:17 2256 ----a-w- c:\windows\current_settings.bin
2009-10-17 00:23 . 2009-10-16 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-16 12:02 . 2005-08-03 21:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-16 11:59 . 2009-10-16 11:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-10-16 11:57 . 2009-10-16 12:03 38208 ----a-w- c:\documents and settings\Compaq_Owner\Application Data\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2009-10-16 11:57 . 2009-10-16 11:59 38208 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\[You must be registered and logged in to see this link.]
2009-10-16 11:56 . 2009-10-16 11:56 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-16 11:55 . 2009-10-16 11:55 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-10-16 06:54 . 2009-09-26 03:34 -------- d-----w- c:\program files\BitLord
2009-10-14 06:30 . 2009-10-11 21:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-11 21:09 . 2009-10-11 21:09 -------- d-----w- c:\documents and settings\Administrator.RIVERA\Application Data\Malwarebytes
2009-10-11 12:17 . 2009-06-12 01:28 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-10 20:15 . 2005-08-03 21:52 -------- d-----w- c:\program files\Easy Internet signup
2009-10-04 06:17 . 2006-04-27 07:16 -------- d-----w- c:\documents and settings\Compaq_Owner\Application Data\Yahoo!
2009-09-11 14:18 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 21:54 . 2009-10-11 21:11 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 21:53 . 2009-10-11 21:11 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:03 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 02:42 . 2009-06-16 11:34 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-29 02:42 . 2009-06-16 11:34 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-27 19:04 . 2009-08-27 19:04 557003 ----a-w- c:\windows\system32\libmplayer.dll
2009-08-27 19:04 . 2009-08-27 19:04 811835 ----a-w- c:\windows\system32\ff_x264.dll
2009-08-27 19:03 . 2009-08-27 19:03 4456201 ----a-w- c:\windows\system32\libavcodec.dll
2009-08-26 08:00 . 2004-08-04 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 18:07 . 2009-08-25 18:07 328334 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2009-08-25 17:38 . 2009-08-25 17:38 425040 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2009-08-25 16:56 . 2009-08-25 16:56 829781 ----a-w- c:\windows\system32\xvidcore.dll
2009-08-25 16:37 . 2009-08-25 16:37 146098 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2007-12-05 12:23 . 2007-12-05 12:24 774144 -c--a-w- c:\program files\RngInterstitial.dll
2007-01-16 07:32 . 2007-01-16 07:32 7168 -csha-w- c:\program files\Thumbs.db
2003-08-27 21:19 . 2009-06-08 07:19 36963 ----a-r- c:\program files\Common Files\SM1updtr.dll
.


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 19th November 2009, 7:41 am

((((((((((((((((((((((((((((( SnapShot_2009-10-14_04.04.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-12 03:54 . 2009-07-12 03:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-12 03:32 . 2009-07-12 03:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-12 08:07 . 2009-07-12 08:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 08:19 . 2009-07-12 08:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-07-12 02:41 . 2009-07-12 02:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2009-10-17 08:24 . 2004-08-04 01:00 20480 c:\windows\V0080Cfg.exe
+ 2009-10-17 08:24 . 2004-06-21 02:02 73728 c:\windows\twain_32\Creative\VF0080\HookWnd.dll
+ 2009-10-17 08:24 . 2004-07-16 01:02 98304 c:\windows\twain_32\Creative\VF0080\CtTwain.dll
+ 2009-11-19 03:37 . 2009-11-19 03:37 16384 c:\windows\temp\Perflib_Perfdata_270.dat
+ 2009-11-19 03:37 . 2009-11-19 03:37 16384 c:\windows\temp\Perflib_Perfdata_12c.dat
+ 2009-10-17 08:24 . 2004-05-21 01:00 20480 c:\windows\system32\V0080Srv.exe
+ 2009-10-17 08:24 . 2004-07-19 01:00 36864 c:\windows\system32\V0080Pin.dll
+ 2009-10-17 08:24 . 2004-07-26 01:00 49152 c:\windows\system32\V0080Hwx.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 61440 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpztbi10.dll
+ 2009-10-09 06:13 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2008-06-08 22:58 . 2008-06-08 22:58 60273 c:\windows\system32\pthreadGC2.dll
+ 2005-06-25 05:43 . 2009-11-19 03:42 53640 c:\windows\system32\perfc009.dat
- 2005-06-25 05:43 . 2009-08-06 00:09 53640 c:\windows\system32\perfc009.dat
- 2004-08-04 19:00 . 2008-04-14 00:12 16896 c:\windows\system32\msyuv.dll
+ 2004-08-04 19:00 . 2008-04-14 00:12 16896 c:\windows\system32\msyuv.dll
- 2009-03-08 11:31 . 2009-07-03 17:09 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 11:31 . 2009-08-29 08:08 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-01-10 22:14 . 2009-01-10 22:14 79360 c:\windows\system32\mkzlib.dll
+ 2009-01-10 22:14 . 2009-01-10 22:14 23552 c:\windows\system32\mkunicode.dll
+ 2004-08-04 12:00 . 2009-08-29 08:08 25600 c:\windows\system32\jsproxy.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 19:00 . 2008-04-14 00:11 47616 c:\windows\system32\iyuv_32.dll
- 2004-08-04 19:00 . 2008-04-14 00:11 47616 c:\windows\system32\iyuv_32.dll
+ 2009-06-02 17:11 . 2009-06-02 17:11 98304 c:\windows\system32\ff_wmv9.dll
+ 2009-06-02 17:11 . 2009-06-02 17:11 85504 c:\windows\system32\ff_vfw.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 57344 c:\windows\system32\dpv11.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 90112 c:\windows\system32\dpl100.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2004-08-04 19:00 . 2008-04-14 00:12 16896 c:\windows\system32\dllcache\msyuv.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
- 2009-03-08 11:33 . 2009-07-03 17:09 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 11:33 . 2009-08-29 08:08 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 19:00 . 2008-04-14 00:11 47616 c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-10-17 08:24 . 2002-09-17 01:04 36864 c:\windows\system32\CtRegApp.dll
+ 2009-10-17 08:24 . 2003-10-03 01:05 65536 c:\windows\system32\CtCamMgr.dll
+ 2009-08-30 22:30 . 2009-08-30 22:30 44474 c:\windows\system32\C2MP\Un_Parts.exe
+ 2008-05-25 14:39 . 2008-05-25 14:39 13824 c:\windows\system32\C2MP\StatsReader.exe
+ 2002-12-12 00:14 . 2002-12-12 00:14 13312 c:\windows\system32\C2MP\msdmo.dll
+ 2002-06-12 16:52 . 2002-06-12 16:52 23040 c:\windows\system32\C2MP\MiniCalc.exe
+ 2009-05-01 21:02 . 2009-05-01 21:02 69632 c:\windows\system32\C2MP\DivXConfig.exe
+ 2007-02-01 23:19 . 2007-02-01 23:19 28088 c:\windows\system32\bass_wv.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 18888 c:\windows\system32\bass_mpc.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 23616 c:\windows\system32\bass_flac.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 33240 c:\windows\system32\bass_ape.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 12784 c:\windows\system32\bass_alac.dll
+ 2007-02-01 23:19 . 2007-02-01 23:19 92728 c:\windows\system32\bass.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 97280 c:\windows\system32\avs.dll
+ 2009-08-11 20:21 . 2009-08-11 20:21 87552 c:\windows\system32\ac3config.exe
+ 2009-06-25 02:56 . 2009-06-25 02:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-14 04:58 . 2007-04-14 04:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-14 04:57 . 2007-04-14 04:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-28 08:30 . 2008-05-28 08:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2009-11-01 18:05 . 2009-11-01 18:04 24576 c:\windows\Installer\nlsdl.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 57856 c:\windows\Installer\mfcm80u.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 69632 c:\windows\Installer\mfcm80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 96256 c:\windows\Installer\atl80.dll
+ 2009-10-16 12:03 . 2009-10-16 12:03 21504 c:\windows\Installer\3adc14c.msi
+ 2009-10-16 11:59 . 2009-10-16 11:59 27648 c:\windows\Installer\3adc140.msi
+ 2009-11-03 20:03 . 2009-11-03 20:03 10134 c:\windows\Installer\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}\ARPPRODUCTICON.exe
+ 2009-10-14 10:12 . 2009-07-03 17:09 12800 c:\windows\ie8updates\KB974455-IE8\xpshims.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 55296 c:\windows\ie8updates\KB974455-IE8\msfeedsbs.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 25600 c:\windows\ie8updates\KB974455-IE8\jsproxy.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_4749f896\System.Drawing.Design.dll
+ 2009-10-14 10:05 . 2009-10-14 10:05 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c94e156d\CustomMarshalers.dll
+ 2009-10-14 10:06 . 2008-04-14 00:11 57344 c:\windows\$NtUninstallKB974571$\msasn1.dll
+ 2009-10-14 10:02 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB975467\update\spcustom.dll
+ 2009-10-14 10:02 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB975467\spmsg.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB975025\update\spcustom.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB975025\spmsg.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974571\update\spcustom.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974571\spmsg.dll
+ 2009-09-04 20:57 . 2009-09-04 20:57 58880 c:\windows\$hf_mig$\KB974571\SP3QFE\msasn1.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB974455-IE8\update\spcustom.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB974455-IE8\spmsg.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 12800 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\xpshims.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 55296 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeedsbs.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 25600 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\jsproxy.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB974112\update\spcustom.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB974112\spmsg.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB973525\update\spcustom.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB973525\spmsg.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 26488 c:\windows\$hf_mig$\KB971486\update\spcustom.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 17272 c:\windows\$hf_mig$\KB971486\spmsg.dll
+ 2009-10-14 10:07 . 2008-07-08 13:02 26488 c:\windows\$hf_mig$\KB969059\update\spcustom.dll
+ 2009-10-14 10:07 . 2008-07-08 13:02 17272 c:\windows\$hf_mig$\KB969059\spmsg.dll
- 2004-08-04 19:00 . 2004-08-04 19:00 8192 c:\windows\system32\tsbyuv.dll
+ 2004-08-04 19:00 . 2001-08-18 05:36 8192 c:\windows\system32\tsbyuv.dll
+ 2009-10-17 08:24 . 2004-08-11 03:22 3525 c:\windows\system32\drivers\CamH2111.bin
+ 2009-10-17 08:24 . 2004-08-11 03:22 3525 c:\windows\system32\drivers\CamF2111.bin
+ 2004-08-04 19:00 . 2001-08-18 05:36 8192 c:\windows\system32\dllcache\tsbyuv.dll
+ 2003-12-26 19:26 . 2003-12-26 19:26 9216 c:\windows\system32\C2MP\OGMCalc.exe
+ 2004-03-04 20:00 . 2004-03-04 20:00 6144 c:\windows\system32\C2MP\AviC.exe
+ 2007-02-01 23:19 . 2007-02-01 23:19 8664 c:\windows\system32\bass_tta.dll
+ 2009-07-12 08:12 . 2009-07-12 08:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 08:09 . 2009-07-12 08:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 08:08 . 2009-07-12 08:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2008-12-03 22:11 . 2008-12-03 22:11 180224 c:\windows\system32\xvidvfw.dll
+ 2004-08-04 12:00 . 2009-04-02 06:02 604160 c:\windows\system32\wmspdmod.dll
+ 2008-08-26 22:11 . 2008-08-26 22:11 987136 c:\windows\system32\VSFilter.dll
+ 2004-12-10 09:03 . 2004-12-10 09:03 438272 c:\windows\system32\vp6vfw.dll
+ 2009-10-17 08:24 . 2004-06-10 01:00 126976 c:\windows\system32\V0080Vfw.dll
+ 2009-10-17 08:24 . 2004-06-29 01:55 106496 c:\windows\system32\V0080Sti.dll
+ 2009-01-10 22:17 . 2009-01-10 22:17 163840 c:\windows\system32\ts.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 200704 c:\windows\system32\ssldivx.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 172032 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpztbu10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 163840 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzstw10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 385024 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzstc10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 180315 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzsnt10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 679936 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzslk10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 331776 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzpre10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 487424 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzpm310.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 200704 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzjui10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 352256 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzime10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 647168 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzeng10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 344064 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzcon10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 196608 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzcoi10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 286720 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzcfg10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 196608 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpz2ku10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 168758 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpf2vw10.dat
+ 2009-10-25 19:31 . 2005-07-23 03:25 172032 c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
+ 2005-06-25 05:43 . 2009-11-19 03:42 382022 c:\windows\system32\perfh009.dat
- 2005-06-25 05:43 . 2009-08-06 00:09 382022 c:\windows\system32\perfh009.dat
+ 2004-04-20 22:00 . 2004-04-20 22:00 172032 c:\windows\system32\OptimFROG.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 120832 c:\windows\system32\ogm.dll
+ 2004-08-04 12:00 . 2009-08-29 08:08 206848 c:\windows\system32\occache.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 206848 c:\windows\system32\occache.dll
- 2004-08-04 19:00 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
+ 2004-08-04 19:00 . 2008-04-14 00:12 294912 c:\windows\system32\msh263.drv
+ 2009-03-08 11:32 . 2009-08-29 08:08 594432 c:\windows\system32\msfeeds.dll
- 2009-03-08 11:32 . 2009-07-03 17:09 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 141312 c:\windows\system32\mp4.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 159744 c:\windows\system32\mmfinfo.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 148480 c:\windows\system32\mkx.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 135168 c:\windows\system32\mkv2vfr.exe
+ 2009-11-04 02:04 . 2009-10-11 12:17 149280 c:\windows\system32\javaws.exe
- 2009-08-11 07:56 . 2009-07-25 12:23 149280 c:\windows\system32\javaws.exe
+ 2009-11-04 02:04 . 2009-10-11 12:17 145184 c:\windows\system32\javaw.exe
- 2009-08-11 07:56 . 2009-07-25 12:23 145184 c:\windows\system32\javaw.exe
- 2009-08-11 07:56 . 2009-07-25 12:23 145184 c:\windows\system32\java.exe
+ 2009-11-04 02:04 . 2009-10-11 12:17 145184 c:\windows\system32\java.exe
+ 2004-08-04 12:00 . 2009-08-29 08:08 184320 c:\windows\system32\iepeers.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 12:00 . 2009-08-29 08:08 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-04 12:00 . 2009-08-28 10:35 173056 c:\windows\system32\ie4uinit.exe
- 2004-08-04 12:00 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2007-07-05 01:33 . 2007-07-05 01:33 892928 c:\windows\system32\iconv.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 344064 c:\windows\system32\hpzcon10.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 196608 c:\windows\system32\hpzcoi10.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 335872 c:\windows\system32\gdsmux.exe
+ 2005-06-25 05:42 . 2009-11-11 11:26 192976 c:\windows\system32\FNTCACHE.DAT
+ 2009-06-02 17:15 . 2009-06-02 17:15 113152 c:\windows\system32\ff_unrar.dll
+ 2009-06-02 17:15 . 2009-06-02 17:15 146944 c:\windows\system32\ff_tremor.dll
+ 2009-06-02 17:15 . 2009-06-02 17:15 183296 c:\windows\system32\ff_samplerate.dll
+ 2009-06-02 17:14 . 2009-06-02 17:14 178688 c:\windows\system32\ff_libmad.dll
+ 2009-06-02 17:14 . 2009-06-02 17:14 486400 c:\windows\system32\ff_libfaad2.dll
+ 2009-06-02 17:13 . 2009-06-02 17:13 257024 c:\windows\system32\ff_libdts.dll
+ 2009-06-02 17:13 . 2009-06-02 17:13 142848 c:\windows\system32\ff_liba52.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 246784 c:\windows\system32\dxr.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 196608 c:\windows\system32\dtu100.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 103424 c:\windows\system32\dsmux.exe
+ 2009-10-17 08:24 . 2004-10-09 09:51 503507 c:\windows\system32\drivers\V0080Dev.sys
+ 2008-08-05 21:59 . 2008-08-05 21:59 344064 c:\windows\system32\dpus11.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 593920 c:\windows\system32\dpuGUI11.dll
+ 2008-08-05 21:59 . 2008-08-05 21:59 294912 c:\windows\system32\dpu11.dll
+ 2004-08-04 12:00 . 2009-04-02 06:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2009-04-29 04:46 . 2009-08-29 08:08 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-04 12:00 . 2008-10-03 10:15 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2004-08-04 12:00 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2009-03-08 11:34 . 2009-07-03 17:09 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 11:34 . 2009-08-29 08:08 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2009-06-25 08:25 . 2009-06-25 08:25 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 594432 c:\windows\system32\dllcache\msfeeds.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 594432 c:\windows\system32\dllcache\msfeeds.dll
+ 2004-08-04 19:00 . 2008-04-13 19:16 141056 c:\windows\system32\dllcache\ks.sys
- 2009-09-11 22:23 . 2009-07-03 17:09 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 246272 c:\windows\system32\dllcache\ieproxy.dll
+ 2009-03-08 11:31 . 2009-08-29 08:08 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-03-08 11:31 . 2009-07-03 17:09 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 21:09 . 2009-08-29 08:08 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 11:32 . 2009-08-28 10:35 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-03-08 11:32 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-05-01 21:03 . 2009-05-01 21:03 528384 c:\windows\system32\DivXsm.exe
+ 2009-05-01 21:02 . 2009-05-01 21:02 685056 c:\windows\system32\DivX.dll
+ 2009-08-30 22:30 . 2009-08-30 22:30 241288 c:\windows\system32\C2MP\Uninst.exe
+ 2007-02-19 15:28 . 2007-02-19 15:28 117974 c:\windows\system32\C2MP\GSpot27.dat
+ 2007-02-22 20:08 . 2007-02-22 20:08 925696 c:\windows\system32\C2MP\GSpot.exe
+ 2007-02-01 23:19 . 2007-02-01 23:19 150520 c:\windows\system32\bass_aac.dll
+ 2009-01-10 22:15 . 2009-01-10 22:15 102400 c:\windows\system32\avss.dll
+ 2009-01-10 22:16 . 2009-01-10 22:16 108032 c:\windows\system32\avi.dll
- 2007-04-14 04:58 . 2007-04-14 04:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 07:49 . 2008-05-28 07:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-28 07:48 . 2008-05-28 07:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 04:56 . 2007-04-14 04:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-14 05:30 . 2007-04-14 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 08:30 . 2008-05-28 08:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-11-01 18:05 . 2009-11-01 18:04 126208 c:\windows\Installer\tmdbg32.dll
+ 2009-11-01 18:05 . 2009-11-01 18:04 626688 c:\windows\Installer\msvcr80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:04 548864 c:\windows\Installer\msvcp80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 479232 c:\windows\Installer\msvcm80.dll
+ 2009-11-01 18:05 . 2009-11-01 18:03 159168 c:\windows\Installer\libexpat.dll
+ 2009-11-04 19:30 . 2009-11-04 19:30 796672 c:\windows\Installer\e44d32c.msi
+ 2009-10-29 09:54 . 2009-10-29 09:54 424448 c:\windows\Installer\1cd8a1d.msi
+ 2009-11-04 19:39 . 2009-11-04 19:39 102400 c:\windows\Installer\{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}\iTunesIco.exe
+ 2009-11-05 11:01 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB976749-IE8\spuninst\updspapi.dll
+ 2009-11-05 11:01 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB976749-IE8\spuninst\spuninst.exe
+ 2009-10-14 10:12 . 2009-07-03 17:09 915456 c:\windows\ie8updates\KB974455-IE8\wininet.dll
+ 2009-10-14 10:12 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB974455-IE8\spuninst\updspapi.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB974455-IE8\spuninst\spuninst.exe
+ 2009-10-14 10:12 . 2009-07-03 17:09 206848 c:\windows\ie8updates\KB974455-IE8\occache.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 594432 c:\windows\ie8updates\KB974455-IE8\msfeeds.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 246272 c:\windows\ie8updates\KB974455-IE8\ieproxy.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 184320 c:\windows\ie8updates\KB974455-IE8\iepeers.dll
+ 2009-10-14 10:12 . 2009-07-03 17:09 386048 c:\windows\ie8updates\KB974455-IE8\iedkcs32.dll
+ 2009-10-14 10:12 . 2009-07-03 11:01 173056 c:\windows\ie8updates\KB974455-IE8\ie4uinit.exe
+ 2009-10-14 10:06 . 2009-10-14 10:06 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_b773dc85\System.Drawing.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_51ccb6a4\System.Drawing.Design.dll
+ 2009-10-14 10:06 . 2009-10-14 10:06 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_aa3e128c\CustomMarshalers.dll
+ 2009-10-14 10:02 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll
+ 2009-10-14 10:02 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe
+ 2009-10-14 10:02 . 2009-06-25 08:25 136192 c:\windows\$NtUninstallKB975467$\msv1_0.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe
+ 2009-10-14 10:06 . 2008-10-03 10:15 247326 c:\windows\$NtUninstallKB974112$\strmdll.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB973525$\spuninst\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB973525$\spuninst\spuninst.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe
+ 2009-10-14 10:07 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll
+ 2009-10-14 10:07 . 2008-07-08 13:02 231288 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe
+ 2009-10-14 10:11 . 2009-05-26 11:40 382840 c:\windows\$NtUninstallKB958869$\spuninst\updspapi.dll
+ 2009-10-14 10:11 . 2009-05-26 11:40 231288 c:\windows\$NtUninstallKB958869$\spuninst\spuninst.exe
+ 2009-10-14 10:07 . 2006-10-19 04:47 603648 c:\windows\$NtUninstallKB954155_WM9$\wmspdmod.dll
+ 2009-10-14 10:07 . 2007-07-27 17:41 382840 c:\windows\$NtUninstallKB954155_WM9$\spuninst\updspapi.dll
+ 2009-10-14 10:07 . 2007-07-27 17:41 231288 c:\windows\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe
+ 2009-10-14 10:02 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975467\update\updspapi.dll
+ 2009-10-14 10:02 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975467\update\update.exe
+ 2009-10-14 10:02 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB975467\spuninst.exe
+ 2009-09-11 14:13 . 2009-09-11 14:13 136704 c:\windows\$hf_mig$\KB975467\SP3QFE\msv1_0.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB975025\update\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB975025\update\update.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB975025\spuninst.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974571\update\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974571\update\update.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974571\spuninst.exe
+ 2009-10-14 10:12 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974455-IE8\update\updspapi.dll
+ 2009-10-14 10:12 . 2008-07-08 13:02 755576 c:\windows\$hf_mig$\KB974455-IE8\update\update.exe
+ 2009-10-14 10:12 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB974455-IE8\spuninst.exe
+ 2009-10-13 21:30 . 2009-08-29 08:01 916480 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 206848 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\occache.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 594432 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\msfeeds.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 246272 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ieproxy.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 184320 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iepeers.dll
+ 2009-10-13 21:30 . 2009-08-29 08:01 387584 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\iedkcs32.dll
+ 2009-10-13 21:30 . 2009-08-28 10:07 173056 c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\ie4uinit.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB974112\update\updspapi.dll
+ 2009-10-14 10:06 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB974112\update\update.exe
+ 2009-10-14 10:06 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB974112\spuninst.exe
+ 2009-08-26 08:03 . 2009-08-26 08:03 247326 c:\windows\$hf_mig$\KB974112\SP3QFE\strmdll.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB973525\update\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB973525\update\update.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB973525\spuninst.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB971486\update\updspapi.dll
+ 2009-10-14 10:03 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB971486\update\update.exe
+ 2009-10-14 10:03 . 2009-05-26 11:40 231288 c:\windows\$hf_mig$\KB971486\spuninst.exe
+ 2009-10-14 10:07 . 2009-05-26 11:40 382840 c:\windows\$hf_mig$\KB969059\update\updspapi.dll
+ 2009-10-14 10:07 . 2009-05-26 11:40 755576 c:\windows\$hf_mig$\KB969059\update\update.exe
+ 2009-10-14 10:07 . 2008-07-08 13:02 231288 c:\windows\$hf_mig$\KB969059\spuninst.exe
+ 2009-10-13 21:29 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-07-12 03:46 . 2009-07-12 03:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-12 03:46 . 2009-07-12 03:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2009-10-17 08:24 . 2001-08-23 08:25 1706800 c:\windows\twain_32\Creative\VF0080\GdiPlus.dll
+ 2004-08-04 12:00 . 2009-08-14 13:21 1850624 c:\windows\system32\win32k.sys
+ 2008-11-06 16:37 . 2008-11-06 16:37 1585664 c:\windows\system32\VC80CRTRedist.msi
+ 2004-08-04 12:00 . 2009-08-29 08:08 1208832 c:\windows\system32\urlmon.dll
- 2004-08-04 12:00 . 2009-07-03 17:09 1208832 c:\windows\system32\urlmon.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 7331840 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpztbx10.exe
+ 2005-07-23 03:25 . 2005-07-23 03:25 1695744 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzrm310.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 3182592 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzr3210.dll
+ 2005-07-23 03:25 . 2005-07-23 03:25 1589248 c:\windows\system32\spool\drivers\w32x86\hpdeskjet_37404f2e\hpzimc10.dll
- 2004-08-04 12:00 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2004-08-04 12:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2008-11-06 16:37 . 2008-11-06 16:37 3596288 c:\windows\system32\qt-dx331.dll
+ 2004-08-04 19:00 . 2009-08-04 15:13 2145280 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 19:00 . 2009-02-06 11:06 2145280 c:\windows\system32\ntoskrnl.exe
- 2004-08-04 19:00 . 2009-02-06 10:32 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 19:00 . 2009-08-04 14:20 2023936 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-04 12:00 . 2009-10-22 09:19 5939712 c:\windows\system32\mshtml.dll
+ 2009-05-01 21:02 . 2009-05-01 21:02 1044480 c:\windows\system32\libdivx.dll
+ 2009-03-08 11:32 . 2009-08-29 08:08 1985536 c:\windows\system32\iertutil.dll
- 2009-03-08 11:32 . 2009-07-03 17:09 1985536 c:\windows\system32\iertutil.dll
+ 2009-10-17 08:24 . 2004-05-21 06:05 1125376 c:\windows\system32\drivers\V0080Evx.sys
+ 2009-04-17 12:26 . 2009-08-14 13:21 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2009-04-29 04:46 . 2009-08-29 08:08 1208832 c:\windows\system32\dllcache\urlmon.dll
- 2009-04-29 04:46 . 2009-07-03 17:09 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2009-06-13 02:40 . 2009-08-05 03:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-06-13 02:40 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-06-13 02:40 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-02-08 02:02 . 2009-02-08 02:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2009-02-08 02:02 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-06-13 02:40 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-06-13 02:40 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-04-29 04:46 . 2009-10-22 09:19 5939712 c:\windows\system32\dllcache\mshtml.dll
- 2009-09-11 22:23 . 2009-07-03 17:09 1985536 c:\windows\system32\dllcache\iertutil.dll
+ 2009-09-11 22:23 . 2009-08-29 08:08 1985536 c:\windows\system32\dllcache\iertutil.dll
.
-- Snapshot reset to current date --
.


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 19th November 2009, 7:42 am

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-07-05 4538368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"SM1BG"="c:\windows\SM1BG.EXE" [2003-08-27 94208]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2005-05-11 253952]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"D-Link D-Link Wireless N DWA-130"="c:\program files\D-Link\DWA-130\AirNCFG.exe" [2008-10-01 1679360]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-11-01 1020248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-29 141600]
"TMRUBottedTray"="c:\program files\Trend Micro\RUBotted\TMRUBottedTray.exe" [2008-11-06 288088]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-01-24 544768]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [5/20/2009 1:09 PM 143360]
R2 RUBotted;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\TMRUBotted.exe [11/13/2009 12:48 AM 582992]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [11/1/2009 10:04 AM 36368]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [11/1/2009 11:15 AM 50704]
R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [11/13/2009 12:48 AM 206608]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [11/1/2009 11:15 AM 689416]
S3 RTL8192u;Realtek RTL8192U Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192u.sys [5/20/2009 1:07 PM 443776]
S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [11/13/2009 12:48 AM 206608]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder

2009-11-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uDefault_Search_URL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\odo29sgx.default\
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\Compaq_Owner\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: c:\windows\system32\C2MP\npdivx32.dll
FF - hidden: XUL Cache: {DF30700B-ED43-408A-90BB-8FA0A69AE598} - c:\documents and settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-11-18 23:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-11-18 23:29
ComboFix-quarantined-files.txt 2009-11-19 07:29
ComboFix2.txt 2009-10-14 05:47
ComboFix3.txt 2009-10-14 04:13
ComboFix4.txt 2009-06-25 04:34

Pre-Run: 142,114,787,328 bytes free
Post-Run: 142,287,659,008 bytes free

- - End Of File - - 3D1C2B5D2D7DAE354FE2ADFD293C14DD


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Belahzur on 19th November 2009, 7:58 pm

Please download GooredFix from one of the locations below and save it to your Desktop
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator

Posts: 34916
Joined: 2008-08-03
Gender: Male
OS: XP SP3 Media Centre
Points: 245079
Likes: 1

Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 20th November 2009, 8:49 am

GooredFix by jpshortstuff (18.11.09.1)
Log created at 00:46 on 20/11/2009 (Compaq_Owner)
Firefox version 3.5.5 (en-US)

========== GooredScan ==========

Deleting HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{DF30700B-ED43-408A-90BB-8FA0A69AE598} -> Success!
Deleting C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\{DF30700B-ED43-408A-90BB-8FA0A69AE598} -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
[You must be registered and logged in to see this link.] [20:03 03/11/2009]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [22:11 09/10/2009]
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [07:56 11/08/2009]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [02:04 04/11/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [01:27 12/06/2009]

-=E.O.F=-


Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by Belahzur on 20th November 2009, 5:08 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?



Re: Malwarebytes, HijackThis, Spybot S&D, AVG no longer working

Post by rockrlife on 20th November 2009, 7:58 pm

I ran the combofix... but the black screen appeared, the one which asks you how you would like to restart... "Last Configuration, Safe Mode with networking, etc., Start Normal". Though, when I clicked enter on any of the options, it returned me back to the same black screen with the same commands. I tried all the other options, i.e. reboot, but still it returned me back to the black screen. The last thing I read was that it was deleting a file: C:\\....iide.exe or something similar to that.

So the only thing that the computer allowed me to do was a PC recovery. I lost all my files, but then again, the computer is fast.
Thank you!
