12-01-2007, 08:12 PM   #9
smilez


Re: Can't Run Ad-aware 2007

ComboFix 07-12-02.5 - Administrator 2007-12-02 19:07:35.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.634 [GMT -8:00]
Running from: C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\My Documents\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\system32\mcrh.tmp
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\E404 Helper
C:\Program Files\kcyhfzxx
C:\WINDOWS\system32\mcrh.tmp

.
((((((((((((((((((((((((( Files Created from 2007-11-03 to 2007-12-03 )))))))))))))))))))))))))))))))
.

2007-12-02 16:02 . 2007-12-02 16:02 <DIR> d-------- C:\Program Files\Avira
2007-12-02 16:02 . 2007-12-02 16:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-30 20:28 . 2007-12-02 17:35 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-11-30 20:28 . 2007-11-30 20:28 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2007-11-30 20:28 . 2007-11-30 20:28 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-11-30 20:28 . 2007-11-30 20:28 1,406 --a------ C:\WINDOWS\system32\Help.ico
2007-11-30 19:52 . 2007-12-01 14:55 3,078 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-30 19:51 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-30 19:51 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-30 19:51 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-30 19:51 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-30 19:51 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-29 19:59 . 2007-11-29 19:59 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-29 19:56 . 2007-11-29 19:56 <DIR> d-------- C:\Deckard
2007-11-29 19:50 . 2007-11-29 19:50 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-11-26 20:58 . 2007-11-26 22:43 23,817 --a------ C:\Documents and Settings\Administrator.RAYMOND-D8FBE0E\Application Data\info.dat
2007-11-15 18:35 . 2007-11-15 18:35 1,156 --a------ C:\WINDOWS\mozver.dat
2007-11-13 17:39 . 2007-11-13 17:39 0 --a------ C:\WINDOWS\nsreg.dat
2007-11-07 22:08 . 2007-11-07 22:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-11-07 22:01 . 2007-11-07 22:01 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-11-07 21:16 . 2007-11-07 21:16 <DIR> d-------- C:\Program Files\uCertify
2007-11-07 20:45 . 2007-11-07 20:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-11-07 20:35 . 2007-11-07 20:35 <DIR> d-------- C:\Program Files\Bonjour
2007-11-07 20:27 . 2007-11-07 20:27 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2007-11-06 20:20 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2007-11-06 16:18 . 2007-11-07 22:02 <DIR> d-------- C:\Program Files\Common Files\Adobe
2007-11-06 16:16 . 2007-11-29 18:39 <DIR> d-------- C:\Program Files\MagicISO

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-28 06:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2007-11-20 00:27 --------- d-----w C:\Program Files\HPQ
2007-11-02 00:05 --------- d-----w C:\Program Files\uTorrent
2007-10-31 03:28 --------- d-----w C:\Program Files\ImgBurn
2007-10-28 21:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-10-28 19:30 --------- d-----w C:\Program Files\DVD Shrink
2007-10-28 19:29 --------- d-----w C:\Program Files\DVD Decrypter
2007-10-18 00:58 --------- d-----w C:\Program Files\Google
2007-10-15 01:26 --------- d-----w C:\Program Files\iTunes
2007-10-15 01:26 --------- d-----w C:\Program Files\iPod
2007-10-15 01:25 --------- d-----w C:\Program Files\QuickTime
2007-10-15 01:25 --------- d-----w C:\Program Files\Common Files\Apple
2007-10-15 01:25 --------- d-----w C:\Program Files\Apple Software Update
2007-10-15 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-10-15 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-10-15 01:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2007-10-15 01:08 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-10-15 01:06 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-10-15 01:06 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-10-15 00:45 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-10-15 00:44 --------- d-----w C:\Program Files\Microsoft.NET
2007-10-15 00:38 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-10-14 23:53 --------- d-----w C:\Program Files\MSXML 6.0
2007-10-14 23:38 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-10-14 23:36 --------- d-----w C:\Program Files\MSBuild
2007-10-14 23:33 --------- d-----w C:\Program Files\Reference Assemblies
2007-10-14 22:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-14 22:00 --------- d-----w C:\Program Files\Java
2007-10-14 22:00 --------- d-----w C:\Program Files\Common Files\Java
2007-10-14 22:00 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-10-14 22:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2007-10-14 21:59 --------- d-----w C:\Program Files\Sonic
2007-10-14 21:59 --------- d-----w C:\Program Files\Common Files\TiVo Shared
2007-10-14 21:58 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2007-10-14 21:58 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2007-10-14 21:56 --------- d-----w C:\Program Files\muvee Technologies
2007-10-14 21:56 --------- d-----w C:\Program Files\Common Files\muvee Technologies
2007-10-14 21:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\muvee Technologies
2007-10-14 21:55 --------- d-----w C:\Program Files\Zone.com
2007-10-14 21:42 --------- d-----w C:\Program Files\Hp
2007-10-14 21:42 --------- d-----w C:\Program Files\Hewlett-Packard
2007-10-14 21:37 1,579 --sha-r C:\WINDOWS\system32\drivers\103C_HP_NTBK_Pavilion dv5000 (EP414UA#ABA)_YN_0Pavi_QCND608085X_EU_46_I30A4_SHP_V49.37_BF.31_T060104_WXP2_L409_M1023_J80_7AMD_8Turion 64 Technology ML-40_92.19_#071014_N10EC8139_(EP414UA#ABA)_XMOBILE_CN10_Z10024378.MRK
2007-10-14 21:34 --------- d-----w C:\Program Files\InterVideo
2007-10-14 21:34 --------- d-----w C:\Program Files\Common Files\InterVideo
2007-10-14 21:31 --------- d-----w C:\Program Files\ATI Technologies
2007-10-14 21:30 --------- d-----w C:\Program Files\Synaptics
2007-10-14 21:29 --------- d-----w C:\Program Files\CONEXANT
2007-10-14 21:28 --------- d-----w C:\Program Files\AMD
2007-10-14 21:21 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-14 21:16 --------- d-----w C:\Program Files\Windows Plus
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-10 10:07]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 04:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="-C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" []
"SunJavaUpdateSched"="-C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"LSBWatcher"="-c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" []
"iTunesHelper"="-C:\Program Files\iTunes\iTunesHelper.exe" []
"hpWirelessAssistant"="-C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" []
"HP Software Update"="-C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" []
"ehTray"="-C:\WINDOWS\ehome\ehtray.exe" []
"eabconfg.cpl"="-C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" []
"Cpqset"="-C:\Program Files\HPQ\Default Settings\cpqset.exe" []
"ATIPTA"="-C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" []
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-02 16:07]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys

*Newly Created Service* - SSMDRV
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 19:09:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-02 19:09:25
C:\ComboFix2.txt ... 2007-12-02 15:24
.
--- E O F ---