Tech Support Forum - View Single Post - Can't Run Ad-aware 2007

smilez · 12-01-2007, 04:33 PM

ComboFix 07-12-02.4 - Administrator 2007-12-01 15:18:54.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.661 [GMT -8:00]
Running from: C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Local Settings\Temporary Internet Files\Content.IE5\KXIVC9YN\ComboFix[1].exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Start Menu\Programs\Startup\findfast.exe
C:\Documents and Settings\All Users\Application Data.\pqxcbwra.dll
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe
C:\Program Files\3269.exe
C:\Program Files\ucleaner_setup.exe
C:\Program Files\Ultimate Cleaner
C:\Program Files\Ultimate Defender
C:\Program Files\xloader10181.exe
C:\WINDOWS\Casino.ico
C:\WINDOWS\Free Online Dating.ico
C:\WINDOWS\shell.exe
C:\WINDOWS\Spyware Remover.ico
C:\WINDOWS\system32\awtstut.dll
C:\WINDOWS\system32\cuaricrp.exe
C:\WINDOWS\system32\drvzalr.dll
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\micsxtys.dll
C:\WINDOWS\system32\ndawfcgr.exe
C:\WINDOWS\system32\nflodaua.exe
C:\WINDOWS\system32\printer.exe
C:\WINDOWS\system32\puvgjmxc.exe
C:\WINDOWS\system32\rihvpbvq.dll
C:\WINDOWS\system32\spoolvs.exe
C:\WINDOWS\system32\ssqqpno.dll
C:\WINDOWS\system32\winpdc32.dll
C:\WINDOWS\system32\xlibgfl254.dll
C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.bak2
C:\WINDOWS\system32\ycbeg.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\DomainService

((((((((((((((((((((((((( Files Created from 2007-11-02 to 2007-12-02 )))))))))))))))))))))))))))))))
.

2007-11-30 20:28 . 2007-11-30 20:45 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-11-30 20:28 . 2007-11-30 20:28 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2007-11-30 20:28 . 2007-11-30 20:28 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-11-30 20:28 . 2007-11-30 20:28 1,406 --a------ C:\WINDOWS\system32\Help.ico
2007-11-30 19:52 . 2007-12-01 14:55 3,078 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-30 19:51 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-30 19:51 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-30 19:51 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-30 19:51 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-30 19:51 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-29 19:59 . 2007-11-29 19:59 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-29 19:56 . 2007-11-29 19:56 <DIR> d-------- C:\Deckard
2007-11-29 19:50 . 2007-11-29 19:50 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-11-27 20:52 . 2007-11-27 20:52 41,472 --a------ C:\WINDOWS\system32\e404d.dll
2007-11-26 20:58 . 2007-11-26 22:43 23,817 --a------ C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Application Data\info.dat
2007-11-23 17:13 . 2007-11-23 17:13 <DIR> d-------- C:\Program Files\kcyhfzxx
2007-11-22 09:28 . 2007-11-23 17:00 <DIR> d-------- C:\Program Files\E404 Helper
2007-11-22 09:27 . 2007-11-30 19:45 10,240 --a------ C:\Program Files\spoolsv.exe
2007-11-18 17:02 . 2007-11-29 17:48 143 --a------ C:\WINDOWS\system32\mcrh.tmp
2007-11-18 10:11 . 2007-11-18 10:11 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-18 10:11 . 2007-11-18 10:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-18 10:11 . 2007-11-18 10:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-15 18:35 . 2007-11-15 18:35 1,156 --a------ C:\WINDOWS\mozver.dat
2007-11-13 17:39 . 2007-11-13 17:39 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-07 22:08 . 2007-11-07 22:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-11-07 22:01 . 2007-11-07 22:01 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-11-07 21:16 . 2007-11-07 21:16 <DIR> d-------- C:\Program Files\uCertify
2007-11-07 20:45 . 2007-11-07 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-11-07 20:35 . 2007-11-07 20:35 <DIR> d-------- C:\Program Files\Bonjour
2007-11-07 20:27 . 2007-11-07 20:27 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2007-11-06 20:20 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-11-06 16:18 . 2007-11-07 22:02 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-11-06 16:16 . 2007-11-29 18:39 <DIR> d-------- C:\Program Files\MagicISO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-28 06:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2007-11-20 00:27 --------- d-----w C:\Program Files\HPQ
2007-11-02 00:05 --------- d-----w C:\Program Files\uTorrent
2007-10-31 03:28 --------- d-----w C:\Program Files\ImgBurn
2007-10-28 21:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-10-28 19:30 --------- d-----w C:\Program Files\DVD Shrink
2007-10-28 19:29 --------- d-----w C:\Program Files\DVD Decrypter
2007-10-18 00:58 --------- d-----w C:\Program Files\Google
2007-10-15 01:26 --------- d-----w C:\Program Files\iTunes
2007-10-15 01:26 --------- d-----w C:\Program Files\iPod
2007-10-15 01:25 --------- d-----w C:\Program Files\QuickTime
2007-10-15 01:25 --------- d-----w C:\Program Files\Common Files\Apple
2007-10-15 01:25 --------- d-----w C:\Program Files\Apple Software Update
2007-10-15 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-10-15 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-10-15 01:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2007-10-15 01:08 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-10-15 00:45 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-10-15 00:44 --------- d-----w C:\Program Files\Microsoft.NET
2007-10-15 00:38 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-10-14 23:53 --------- d-----w C:\Program Files\MSXML 6.0
2007-10-14 23:38 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-10-14 23:36 --------- d-----w C:\Program Files\MSBuild
2007-10-14 23:33 --------- d-----w C:\Program Files\Reference Assemblies
2007-10-14 22:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-14 22:00 --------- d-----w C:\Program Files\Java
2007-10-14 22:00 --------- d-----w C:\Program Files\Common Files\Java
2007-10-14 22:00 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-10-14 22:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2007-10-14 21:59 --------- d-----w C:\Program Files\Sonic
2007-10-14 21:59 --------- d-----w C:\Program Files\Common Files\TiVo Shared
2007-10-14 21:58 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2007-10-14 21:58 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2007-10-14 21:56 --------- d-----w C:\Program Files\muvee Technologies
2007-10-14 21:56 --------- d-----w C:\Program Files\Common Files\muvee Technologies
2007-10-14 21:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\muvee Technologies
2007-10-14 21:55 --------- d-----w C:\Program Files\Zone.com
2007-10-14 21:42 --------- d-----w C:\Program Files\Hp
2007-10-14 21:42 --------- d-----w C:\Program Files\Hewlett-Packard
2007-10-14 21:37 1,579 --sha-r C:\WINDOWS\system32\drivers\103C_HP_NTBK_Pavilion dv5000 (EP414UA#ABA)_YN_0Pavi_QCND608085X_EU_46_I30A4_SHP_V49.37_BF.31_T060104_WXP2_L409_M1023_J80_7AMD_8Turion 64 Technology ML-40_92.19_#071014_N10EC8139_(EP414UA#ABA)_XMOBILE_CN10_Z10024378.MRK
2007-10-14 21:34 --------- d-----w C:\Program Files\InterVideo
2007-10-14 21:34 --------- d-----w C:\Program Files\Common Files\InterVideo
2007-10-14 21:31 --------- d-----w C:\Program Files\ATI Technologies
2007-10-14 21:30 --------- d-----w C:\Program Files\Synaptics
2007-10-14 21:29 --------- d-----w C:\Program Files\CONEXANT
2007-10-14 21:28 --------- d-----w C:\Program Files\AMD
2007-10-14 21:21 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-14 21:16 --------- d-----w C:\Program Files\Windows Plus
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F02D978-0FF6-80F7-60BB-0426224AB7B3}]
2007-11-23 17:13 110592 --a------ C:\Program Files\kcyhfzxx\azkwxhfy.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-10 10:07]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="-C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" []
"SunJavaUpdateSched"="-C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"LSBWatcher"="-c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" []
"iTunesHelper"="-C:\Program Files\iTunes\iTunesHelper.exe" []
"hpWirelessAssistant"="-C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" []
"HP Software Update"="-C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" []
"ehTray"="-C:\WINDOWS\ehome\ehtray.exe" []
"eabconfg.cpl"="-C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" []
"Cpqset"="-C:\Program Files\HPQ\Default Settings\cpqset.exe" []
"ATIPTA"="-C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"E404Helper"= {06a57c19-3bae-49cd-b275-e9e637b7ba8c} - e404d.dll [ ]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, xlibgfl254.dll

R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys

.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 15:24:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-02 15:24:53 - machine was rebooted
.
--- E O F ---

12-01-2007, 04:33 PM	#4 (permalink)
smilez Registered User Join Date: Nov 2007 Posts: 22 OS: xp	Re: Can't Run Ad-aware 2007 ComboFix 07-12-02.4 - Administrator 2007-12-01 15:18:54.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.661 [GMT -8:00] Running from: C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Local Settings\Temporary Internet Files\Content.IE5\KXIVC9YN\ComboFix[1].exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Start Menu\Programs\Startup\findfast.exe C:\Documents and Settings\All Users\Application Data.\pqxcbwra.dll C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe C:\Program Files\3269.exe C:\Program Files\ucleaner_setup.exe C:\Program Files\Ultimate Cleaner C:\Program Files\Ultimate Defender C:\Program Files\xloader10181.exe C:\WINDOWS\Casino.ico C:\WINDOWS\Free Online Dating.ico C:\WINDOWS\shell.exe C:\WINDOWS\Spyware Remover.ico C:\WINDOWS\system32\awtstut.dll C:\WINDOWS\system32\cuaricrp.exe C:\WINDOWS\system32\drvzalr.dll C:\WINDOWS\system32\gebcy.dll C:\WINDOWS\system32\micsxtys.dll C:\WINDOWS\system32\ndawfcgr.exe C:\WINDOWS\system32\nflodaua.exe C:\WINDOWS\system32\printer.exe C:\WINDOWS\system32\puvgjmxc.exe C:\WINDOWS\system32\rihvpbvq.dll C:\WINDOWS\system32\spoolvs.exe C:\WINDOWS\system32\ssqqpno.dll C:\WINDOWS\system32\winpdc32.dll C:\WINDOWS\system32\xlibgfl254.dll C:\WINDOWS\system32\ycbeg.bak1 C:\WINDOWS\system32\ycbeg.bak2 C:\WINDOWS\system32\ycbeg.ini . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\DomainService ((((((((((((((((((((((((( Files Created from 2007-11-02 to 2007-12-02 ))))))))))))))))))))))))))))))) . 2007-11-30 20:28 . 2007-11-30 20:45 <DIR> d-------- C:\WINDOWS\system32\ActiveScan 2007-11-30 20:28 . 2007-11-30 20:28 30,590 --a------ C:\WINDOWS\system32\pavas.ico 2007-11-30 20:28 . 2007-11-30 20:28 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico 2007-11-30 20:28 . 2007-11-30 20:28 1,406 --a------ C:\WINDOWS\system32\Help.ico 2007-11-30 19:52 . 2007-12-01 14:55 3,078 --a------ C:\WINDOWS\system32\tmp.reg 2007-11-30 19:51 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-11-30 19:51 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-11-30 19:51 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-11-30 19:51 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-11-30 19:51 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-11-29 19:59 . 2007-11-29 19:59 <DIR> d-------- C:\Program Files\Trend Micro 2007-11-29 19:56 . 2007-11-29 19:56 <DIR> d-------- C:\Deckard 2007-11-29 19:50 . 2007-11-29 19:50 <DIR> d-------- C:\Program Files\SpywareBlaster 2007-11-27 20:52 . 2007-11-27 20:52 41,472 --a------ C:\WINDOWS\system32\e404d.dll 2007-11-26 20:58 . 2007-11-26 22:43 23,817 --a------ C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Application Data\info.dat 2007-11-23 17:13 . 2007-11-23 17:13 <DIR> d-------- C:\Program Files\kcyhfzxx 2007-11-22 09:28 . 2007-11-23 17:00 <DIR> d-------- C:\Program Files\E404 Helper 2007-11-22 09:27 . 2007-11-30 19:45 10,240 --a------ C:\Program Files\spoolsv.exe 2007-11-18 17:02 . 2007-11-29 17:48 143 --a------ C:\WINDOWS\system32\mcrh.tmp 2007-11-18 10:11 . 2007-11-18 10:11 <DIR> d-------- C:\Program Files\Lavasoft 2007-11-18 10:11 . 2007-11-18 10:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-11-18 10:11 . 2007-11-18 10:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-11-15 18:35 . 2007-11-15 18:35 1,156 --a------ C:\WINDOWS\mozver.dat 2007-11-13 17:39 . 2007-11-13 17:39 0 --a------ C:\WINDOWS\nsreg.dat 2007-11-07 22:08 . 2007-11-07 22:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2007-11-07 22:01 . 2007-11-07 22:01 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2007-11-07 21:16 . 2007-11-07 21:16 <DIR> d-------- C:\Program Files\uCertify 2007-11-07 20:45 . 2007-11-07 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2007-11-07 20:35 . 2007-11-07 20:35 <DIR> d-------- C:\Program Files\Bonjour 2007-11-07 20:27 . 2007-11-07 20:27 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared 2007-11-06 20:20 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys 2007-11-06 16:18 . 2007-11-07 22:02 <DIR> d-------- C:\Program Files\Common Files\Adobe 2007-11-06 16:16 . 2007-11-29 18:39 <DIR> d-------- C:\Program Files\MagicISO . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-28 06:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7 2007-11-20 00:27 --------- d-----w C:\Program Files\HPQ 2007-11-02 00:05 --------- d-----w C:\Program Files\uTorrent 2007-10-31 03:28 --------- d-----w C:\Program Files\ImgBurn 2007-10-28 21:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2007-10-28 19:30 --------- d-----w C:\Program Files\DVD Shrink 2007-10-28 19:29 --------- d-----w C:\Program Files\DVD Decrypter 2007-10-18 00:58 --------- d-----w C:\Program Files\Google 2007-10-15 01:26 --------- d-----w C:\Program Files\iTunes 2007-10-15 01:26 --------- d-----w C:\Program Files\iPod 2007-10-15 01:25 --------- d-----w C:\Program Files\QuickTime 2007-10-15 01:25 --------- d-----w C:\Program Files\Common Files\Apple 2007-10-15 01:25 --------- d-----w C:\Program Files\Apple Software Update 2007-10-15 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2007-10-15 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2007-10-15 01:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime 2007-10-15 01:08 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7 2007-10-15 00:45 --------- d-----w C:\Program Files\Microsoft ActiveSync 2007-10-15 00:44 --------- d-----w C:\Program Files\Microsoft.NET 2007-10-15 00:38 --------- d-----w C:\Program Files\Common Files\LightScribe 2007-10-14 23:53 --------- d-----w C:\Program Files\MSXML 6.0 2007-10-14 23:38 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-10-14 23:36 --------- d-----w C:\Program Files\MSBuild 2007-10-14 23:33 --------- d-----w C:\Program Files\Reference Assemblies 2007-10-14 22:01 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-14 22:00 --------- d-----w C:\Program Files\Java 2007-10-14 22:00 --------- d-----w C:\Program Files\Common Files\Java 2007-10-14 22:00 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-10-14 22:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield 2007-10-14 21:59 --------- d-----w C:\Program Files\Sonic 2007-10-14 21:59 --------- d-----w C:\Program Files\Common Files\TiVo Shared 2007-10-14 21:58 --------- d-----w C:\Program Files\Common Files\SureThing Shared 2007-10-14 21:58 --------- d-----w C:\Program Files\Common Files\Sonic Shared 2007-10-14 21:56 --------- d-----w C:\Program Files\muvee Technologies 2007-10-14 21:56 --------- d-----w C:\Program Files\Common Files\muvee Technologies 2007-10-14 21:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\muvee Technologies 2007-10-14 21:55 --------- d-----w C:\Program Files\Zone.com 2007-10-14 21:42 --------- d-----w C:\Program Files\Hp 2007-10-14 21:42 --------- d-----w C:\Program Files\Hewlett-Packard 2007-10-14 21:37 1,579 --sha-r C:\WINDOWS\system32\drivers\103C_HP_NTBK_Pavilion dv5000 (EP414UA#ABA)_YN_0Pavi_QCND608085X_EU_46_I30A4_SHP_V49.37_BF.31_T060104_WXP2_L409_M1023_J80_7AMD_8Turion 64 Technology ML-40_92.19_#071014_N10EC8139_(EP414UA#ABA)_XMOBILE_CN10_Z10024378.MRK 2007-10-14 21:34 --------- d-----w C:\Program Files\InterVideo 2007-10-14 21:34 --------- d-----w C:\Program Files\Common Files\InterVideo 2007-10-14 21:31 --------- d-----w C:\Program Files\ATI Technologies 2007-10-14 21:30 --------- d-----w C:\Program Files\Synaptics 2007-10-14 21:29 --------- d-----w C:\Program Files\CONEXANT 2007-10-14 21:28 --------- d-----w C:\Program Files\AMD 2007-10-14 21:21 --------- d-----w C:\Program Files\microsoft frontpage 2007-10-14 21:16 --------- d-----w C:\Program Files\Windows Plus . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F02D978-0FF6-80F7-60BB-0426224AB7B3}] 2007-11-23 17:13 110592 --a------ C:\Program Files\kcyhfzxx\azkwxhfy.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-10 10:07] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="-C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [] "SunJavaUpdateSched"="-C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" [] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "LSBWatcher"="-c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [] "iTunesHelper"="-C:\Program Files\iTunes\iTunesHelper.exe" [] "hpWirelessAssistant"="-C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [] "HP Software Update"="-C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [] "ehTray"="-C:\WINDOWS\ehome\ehtray.exe" [] "eabconfg.cpl"="-C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [] "Cpqset"="-C:\Program Files\HPQ\Default Settings\cpqset.exe" [] "ATIPTA"="-C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "E404Helper"= {06a57c19-3bae-49cd-b275-e9e637b7ba8c} - e404d.dll [ ] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, xlibgfl254.dll R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys . ************************************************************************ catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-02 15:24:02 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2007-12-02 15:24:53 - machine was rebooted . --- E O F ---