Old 03-24-2007, 08:06 AM   #21 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
 
tetonbob
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 26,734
OS: 2000 Pro; XP Pro; XP Home


Re: keep getting random webpages

In computer terms, the "path" is the entire naming convention of the file, like your complete address has street name, town, state.....Windows uses Windows Directory\subdirectory (folder)\perhaps another subdirectory (etc..) (folder)\file name

In this case, the full path to enter in the box is those items in bold I've outlined in the HijackThis Delete on reboot instruction.

All you need do, is one at a time, copy then paste the entire file path. Do that by copying to clipboard (highlight with mouse, right click and select copy), and then pasting in the box that says File Name (see first image below) this path:

First:

C:\WINDOWS\system32\driverb.exe

The computer will respond with a message telling you the file will be deleted on next reboot, do you want to reboot now. Since we're going to add another file to its task list, at this time, click on "No".

You then repeat that process by copying to clipboard (highlight with mouse, right click and select copy), and then pasting in the box that says File Name this path:

C:\WINDOWS\system32\monterreyb_olive.exe


This time, click on Yes when the message appears, and your system will restart. (See second image below)





__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of ASAP since 2005
Proud Member of UNITE since 2006


Please do not ask for help via Private Message.
Old 03-24-2007, 02:12 PM   #22 (permalink)
Registered User
 
Join Date: Mar 2007
Location: SF Bay Area
Posts: 23
OS: xp


Re: keep getting random webpages

Here are the new logs...

"Steve" - 07-03-24 12:52:55 Service Pack 1
ComboFix 07-03-22.2 - Running from: "C:\Documents and Settings\Steve\desktop"
Command switches used :: /v driverb tutusr

(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\driverb.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((( Files Created from 2007-02-24 to 2007-03-24 ))))))))))))))))))))))))))))))))))


2007-03-22 19:30 96,256 --a------ C:\WINDOWS\system32\driverb.exe
2007-03-22 19:29 96,256 --a-s---- C:\WINDOWS\system32\monterreyb_olive.exe
2007-03-22 10:03 106,539 --a------ C:\WINDOWS\tutusr.dll
2007-03-21 23:20 <DIR> d-------- C:\Deckard
2007-03-21 21:13 <DIR> d-------- C:\WINDOWS\Prefetch
2007-03-21 21:06 115,200 --a------ C:\WINDOWS\system32\dpcdll.dll
2007-03-21 21:04 921,475 --------- C:\WINDOWS\system32\ati3d2ag.dll
2007-03-21 21:04 89,088 --a------ C:\WINDOWS\system32\mqsec.dll
2007-03-21 21:04 844,675 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-03-21 21:04 73,728 --a------ C:\WINDOWS\system32\tlntsess.exe
2007-03-21 21:04 7,168 --a------ C:\WINDOWS\system32\tlntsvrp.dll
2007-03-21 21:04 67,584 --a------ C:\WINDOWS\system32\tlntsvr.exe
2007-03-21 21:04 67,584 --a------ C:\WINDOWS\system32\fdeploy.dll
2007-03-21 21:04 67,200 --a------ C:\WINDOWS\system32\drivers\mqac.sys
2007-03-21 21:04 63,663 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-03-21 21:04 613,888 --a------ C:\WINDOWS\system32\mqqm.dll
2007-03-21 21:04 6,912 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-03-21 21:04 57,856 --a------ C:\WINDOWS\system32\tlntadmn.exe
2007-03-21 21:04 57,344 --a------ C:\WINDOWS\system32\nwwks.dll
2007-03-21 21:04 56,591 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-03-21 21:04 545,792 --a------ C:\WINDOWS\system32\wsecedit.dll
2007-03-21 21:04 5,120 --------- C:\WINDOWS\system32\hccoin.dll
2007-03-21 21:04 478,720 --a------ C:\WINDOWS\system32\mqsnap.dll
2007-03-21 21:04 469,504 --a------ C:\WINDOWS\system32\mqutil.dll
2007-03-21 21:04 450,176 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-03-21 21:04 403,456 --------- C:\WINDOWS\system32\winbrand.dll
2007-03-21 21:04 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-03-21 21:04 36,463 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-03-21 21:04 34,735 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-03-21 21:04 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-03-21 21:04 310,272 --a------ C:\WINDOWS\system32\winhttp.dll
2007-03-21 21:04 30,671 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-03-21 21:04 3,584 --------- C:\WINDOWS\system32\dsprpres.dll
2007-03-21 21:04 29,696 --------- C:\WINDOWS\system32\asr_pfu.exe
2007-03-21 21:04 29,455 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-03-21 21:04 277,504 --a------ C:\WINDOWS\system32\appmgr.dll
2007-03-21 21:04 26,367 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-03-21 21:04 231,936 --a------ C:\WINDOWS\system32\tracerpt.exe
2007-03-21 21:04 218,112 --------- C:\WINDOWS\system32\sbe.dll
2007-03-21 21:04 21,343 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-03-21 21:04 202,496 --------- C:\WINDOWS\system32\ati2dvag.dll
2007-03-21 21:04 19,328 --------- C:\WINDOWS\system32\drivers\usbehci.sys
2007-03-21 21:04 187,904 --------- C:\WINDOWS\system32\xpsp1res.dll
2007-03-21 21:04 183,296 --a------ C:\WINDOWS\system32\gptext.dll
2007-03-21 21:04 18,944 --------- C:\WINDOWS\system32\faxpatch.exe
2007-03-21 21:04 172,032 --------- C:\WINDOWS\system32\mssap.dll
2007-03-21 21:04 17,792 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-03-21 21:04 164,864 --a------ C:\WINDOWS\system32\mqrt.dll
2007-03-21 21:04 164,352 --a------ C:\WINDOWS\system32\mqtrig.dll
2007-03-21 21:04 156,672 --a------ C:\WINDOWS\system32\appmgmts.dll
2007-03-21 21:04 156,544 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2007-03-21 21:04 155,648 --------- C:\WINDOWS\system32\encdec.dll
2007-03-21 21:04 14,848 --a------ C:\WINDOWS\system32\mqise.dll
2007-03-21 21:04 130,048 --a------ C:\WINDOWS\system32\mqad.dll
2007-03-21 21:04 13,056 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-03-21 21:04 12,288 --------- C:\WINDOWS\system32\encapi.dll
2007-03-21 21:04 12,047 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-03-21 21:04 113,664 --a------ C:\WINDOWS\system32\schtasks.exe
2007-03-21 21:04 113,152 --a------ C:\WINDOWS\system32\gpresult.exe
2007-03-21 21:04 110,080 --------- C:\WINDOWS\system32\sbeio.dll
2007-03-21 21:04 11,904 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-03-21 21:04 11,615 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-03-21 21:04 103,936 --a------ C:\WINDOWS\system32\rsnotify.exe
2007-03-21 21:04 10,752 --------- C:\WINDOWS\system32\spiisupd.exe
2007-03-21 21:04 1,677,312 --------- C:\WINDOWS\system32\wmvcore2.dll
2007-03-21 21:04 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-03-21 21:04 <DIR> d-------- C:\WINDOWS\ehome
2007-03-21 21:03 98,816 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-03-21 21:03 98,304 --a------ C:\WINDOWS\system32\oleprn.dll
2007-03-21 21:03 95,744 --a------ C:\WINDOWS\system32\nlhtml.dll
2007-03-21 21:03 94,720 --a------ C:\WINDOWS\system32\dmusic.dll
2007-03-21 21:03 94,208 --a------ C:\WINDOWS\system32\odbccp32.dll
2007-03-21 21:03 91,648 --a------ C:\WINDOWS\system32\iuctl.dll
2007-03-21 21:03 91,648 --a------ C:\WINDOWS\system32\ahui.exe
2007-03-21 21:03 9,728 --a------ C:\WINDOWS\system32\mstinit.exe
2007-03-21 21:03 9,216 --a------ C:\WINDOWS\system32\icaapi.dll
2007-03-21 21:03 9,216 --a------ C:\WINDOWS\system32\dumprep.exe
2007-03-21 21:03 857,600 --a------ C:\WINDOWS\system32\netplwiz.dll
2007-03-21 21:03 82,944 --a------ C:\WINDOWS\system32\psbase.dll
2007-03-21 21:03 82,432 --a------ C:\WINDOWS\system32\fldrclnr.dll
2007-03-21 21:03 81,408 --a------ C:\WINDOWS\system32\msoert2.dll
2007-03-21 21:03 802,304 --a------ C:\WINDOWS\system32\dxmrtp.dll
2007-03-21 21:03 8,832 --a------ C:\WINDOWS\system32\framebuf.dll
2007-03-21 21:03 8,192 --a------ C:\WINDOWS\system32\autolfn.exe
2007-03-21 21:03 786,432 --a------ C:\WINDOWS\system32\dxdiag.exe
2007-03-21 21:03 77,312 --a------ C:\WINDOWS\system32\dmscript.dll
2007-03-21 21:03 76,288 --a------ C:\WINDOWS\system32\dfrgfat.exe
2007-03-21 21:03 76,288 --a------ C:\WINDOWS\system32\avifil32.dll
2007-03-21 21:03 74,810 --a------ C:\WINDOWS\system32\atl.dll
2007-03-21 21:03 73,728 --a------ C:\WINDOWS\system32\ils.dll
2007-03-21 21:03 71,680 --a------ C:\WINDOWS\system32\browsewm.dll
2007-03-21 21:03 70,656 --a------ C:\WINDOWS\system32\defrag.exe
2007-03-21 21:03 70,144 --a------ C:\WINDOWS\system32\cryptdlg.dll
2007-03-21 21:03 7,040 --a------ C:\WINDOWS\system32\kd1394.dll
2007-03-21 21:03 699,392 --a------ C:\WINDOWS\system32\msxml2.dll
2007-03-21 21:03 686,080 --a------ C:\WINDOWS\system32\opengl32.dll
2007-03-21 21:03 68,096 --a------ C:\WINDOWS\system32\mscms.dll
2007-03-21 21:03 67,584 --a------ C:\WINDOWS\system32\msctfp.dll
2007-03-21 21:03 66,560 --a------ C:\WINDOWS\system32\faultrep.dll
2007-03-21 21:03 65,536 --a------ C:\WINDOWS\system32\msconf.dll
2007-03-21 21:03 64,512 --a------ C:\WINDOWS\system32\ciodm.dll
2007-03-21 21:03 62,976 --a------ C:\WINDOWS\system32\browselc.dll
2007-03-21 21:03 62,464 --a------ C:\WINDOWS\system32\adsmsext.dll
2007-03-21 21:03 61,440 --a------ C:\WINDOWS\system32\odbccu32.dll
2007-03-21 21:03 61,440 --a------ C:\WINDOWS\system32\odbccr32.dll
2007-03-21 21:03 61,440 --a------ C:\WINDOWS\system32\dbnetlib.dll
2007-03-21 21:03 60,928 --a------ C:\WINDOWS\system32\ipv6.exe
2007-03-21 21:03 6,656 --a------ C:\WINDOWS\system32\batt.dll
2007-03-21 21:03 598,016 --a------ C:\WINDOWS\system32\mstscax.dll
2007-03-21 21:03 59,392 --a------ C:\WINDOWS\system32\iesetup.dll
2007-03-21 21:03 59,392 --a------ C:\WINDOWS\system32\6to4svc.dll
2007-03-21 21:03 587,776 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-03-21 21:03 584,192 --a------ C:\WINDOWS\system32\netcfgx.dll
2007-03-21 21:03 582,656 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-03-21 21:03 58,880 --a------ C:\WINDOWS\system32\pautoenr.dll
2007-03-21 21:03 58,368 --a------ C:\WINDOWS\system32\dpvsetup.exe
2007-03-21 21:03 57,856 --a------ C:\WINDOWS\system32\licwmi.dll
2007-03-21 21:03 57,344 --a------ C:\WINDOWS\system32\dmcompos.dll
2007-03-21 21:03 56,320 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-03-21 21:03 56,320 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2007-03-21 21:03 557,568 --a------ C:\WINDOWS\system32\crypt32.dll
2007-03-21 21:03 552,991 --a------ C:\WINDOWS\system32\msrepl40.dll
2007-03-21 21:03 55,296 --a------ C:\WINDOWS\system32\digest.dll
2007-03-21 21:03 54,272 --a------ C:\WINDOWS\system32\clusapi.dll
2007-03-21 21:03 53,248 --a------ C:\WINDOWS\system32\packager.exe
2007-03-21 21:03 53,248 --a------ C:\WINDOWS\system32\odbcconf.exe
2007-03-21 21:03 53,248 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-03-21 21:03 512,031 --a------ C:\WINDOWS\system32\msexch40.dll
2007-03-21 21:03 511,488 --a------ C:\WINDOWS\system32\qedit.dll
2007-03-21 21:03 51,712 --a------ C:\WINDOWS\system32\ipconfig.exe
2007-03-21 21:03 504,320 --a------ C:\WINDOWS\system32\logonui.exe
2007-03-21 21:03 498,205 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-03-21 21:03 49,664 --a------ C:\WINDOWS\system32\ixsso.dll
2007-03-21 21:03 49,664 --a------ C:\WINDOWS\system32\dpwsockx.dll
2007-03-21 21:03 49,152 --a------ C:\WINDOWS\system32\npptools.dll
2007-03-21 21:03 49,152 --a------ C:\WINDOWS\system32\eventlog.dll
2007-03-21 21:03 49,152 --a------ C:\WINDOWS\system32\browser.dll
2007-03-21 21:03 471,040 --a------ C:\WINDOWS\system32\cryptui.dll
2007-03-21 21:03 45,568 --a------ C:\WINDOWS\system32\docprop2.dll
2007-03-21 21:03 435,200 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-03-21 21:03 421,919 --a------ C:\WINDOWS\system32\msrd2x40.dll
2007-03-21 21:03 42,537 --a------ C:\WINDOWS\system32\keyboard.sys
2007-03-21 21:03 42,496 --a------ C:\WINDOWS\system32\ncobjapi.dll
2007-03-21 21:03 41,984 --a------ C:\WINDOWS\system32\alg.exe
2007-03-21 21:03 41,472 --a------ C:\WINDOWS\system32\cmdl32.exe
2007-03-21 21:03 401,462 --a------ C:\WINDOWS\system32\msvcp60.dll
2007-03-21 21:03 4,608 --a------ C:\WINDOWS\system32\msimg32.dll
2007-03-21 21:03 4,126 --a------ C:\WINDOWS\system32\msdxmlc.dll
2007-03-21 21:03 399,360 --a------ C:\WINDOWS\system32\netlogon.dll
2007-03-21 21:03 392,704 --a------ C:\WINDOWS\system32\ntmssvc.dll
2007-03-21 21:03 39,424 --a------ C:\WINDOWS\system32\net.exe
2007-03-21 21:03 388,608 --a------ C:\WINDOWS\system32\mstsc.exe
2007-03-21 21:03 381,440 --a------ C:\WINDOWS\system32\lmrt.dll
2007-03-21 21:03 380,445 --a------ C:\WINDOWS\system32\expsrv.dll
2007-03-21 21:03 38,912 --a------ C:\WINDOWS\system32\audiosrv.dll
2007-03-21 21:03 38,400 --a------ C:\WINDOWS\system32\ntmsapi.dll
2007-03-21 21:03 38,400 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-03-21 21:03 37,888 --a------ C:\WINDOWS\system32\hhsetup.dll
2007-03-21 21:03 368,710 --a------ C:\WINDOWS\system32\msisam11.dll
2007-03-21 21:03 36,922 --a------ C:\WINDOWS\system32\imeshare.dll
2007-03-21 21:03 359,936 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-03-21 21:03 357,376 --a------ C:\WINDOWS\system32\qdvd.dll
2007-03-21 21:03 35,328 --a------ C:\WINDOWS\system32\dfrgsnap.dll
2007-03-21 21:03 348,195 --a------ C:\WINDOWS\system32\msjetoledb40.dll
2007-03-21 21:03 348,191 --a------ C:\WINDOWS\system32\mspbde40.dll
2007-03-21 21:03 344,095 --a------ C:\WINDOWS\system32\msxbde40.dll
2007-03-21 21:03 339,968 --a------ C:\WINDOWS\system32\mspaint.exe
2007-03-21 21:03 33,808 --a------ C:\WINDOWS\system32\ntio.sys
2007-03-21 21:03 328,704 --a------ C:\WINDOWS\system32\oakley.dll
2007-03-21 21:03 324,608 --a------ C:\WINDOWS\system32\cmdial32.dll
2007-03-21 21:03 323,072 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-03-21 21:03 32,768 --a------ C:\WINDOWS\system32\odbcad32.exe
2007-03-21 21:03 32,768 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-03-21 21:03 32,256 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-03-21 21:03 319,760 --a------ C:\WINDOWS\system32\msnsspc.dll
2007-03-21 21:03 319,519 --a------ C:\WINDOWS\system32\msexcl40.dll
2007-03-21 21:03 318,464 --a------ C:\WINDOWS\system32\ippromon.dll
2007-03-21 21:03 31,744 --a------ C:\WINDOWS\system32\dmloader.dll
2007-03-21 21:03 307,712 --a------ C:\WINDOWS\system32\cscui.dll
2007-03-21 21:03 30,208 --a------ C:\WINDOWS\system32\imgutil.dll
2007-03-21 21:03 29,696 --a------ C:\WINDOWS\system32\dpnhpast.dll
2007-03-21 21:03 28,672 --a------ C:\WINDOWS\system32\dbnmpntw.dll
2007-03-21 21:03 272,896 --a------ C:\WINDOWS\system32\kerberos.dll
2007-03-21 21:03 266,752 --a------ C:\WINDOWS\winhlp32.exe
2007-03-21 21:03 266,752 --a------ C:\WINDOWS\system32\msctf.dll
2007-03-21 21:03 263,680 --a------ C:\WINDOWS\system32\duser.dll
2007-03-21 21:03 263,168 --a------ C:\WINDOWS\system32\devmgr.dll
2007-03-21 21:03 26,112 --a------ C:\WINDOWS\system32\dmband.dll
2007-03-21 21:03 254,976 --a------ C:\WINDOWS\system32\pdh.dll
2007-03-21 21:03 253,983 --a------ C:\WINDOWS\system32\mstext40.dll
2007-03-21 21:03 253,440 --a------ C:\WINDOWS\system32\ddraw.dll
2007-03-21 21:03 250,368 --a------ C:\WINDOWS\system32\mstask.dll
2007-03-21 21:03 25,600 --a------ C:\WINDOWS\system32\dfsshlex.dll
2007-03-21 21:03 241,725 --a------ C:\WINDOWS\system32\msuni11.dll
2007-03-21 21:03 241,695 --a------ C:\WINDOWS\system32\msjtes40.dll
2007-03-21 21:03 240,640 --a------ C:\WINDOWS\system32\hnetcfg.dll
2007-03-21 21:03 24,576 --a------ C:\WINDOWS\system32\odbcbcp.dll
2007-03-21 21:03 24,576 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-03-21 21:03 24,576 --a------ C:\WINDOWS\system32\dbmsvinn.dll
2007-03-21 21:03 24,576 --a------ C:\WINDOWS\system32\dbmsrpcn.dll
2007-03-21 21:03 24,576 --a------ C:\WINDOWS\system32\conime.exe
2007-03-21 21:03 239,616 --a------ C:\WINDOWS\system32\adsnt.dll
2007-03-21 21:03 238,592 --a------ C:\WINDOWS\system32\compatui.dll
2007-03-21 21:03 238,080 --a------ C:\WINDOWS\system32\newdev.dll
2007-03-21 21:03 236,032 --a------ C:\WINDOWS\system32\icm32.dll
2007-03-21 21:03 233,472 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-03-21 21:03 229,888 --a------ C:\WINDOWS\system32\msieftp.dll
2007-03-21 21:03 228,864 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-03-21 21:03 227,840 --a------ C:\WINDOWS\system32\dsquery.dll
2007-03-21 21:03 225,280 --a------ C:\WINDOWS\system32\es.dll
2007-03-21 21:03 221,696 --a------ C:\WINDOWS\system32\qmgr.dll
2007-03-21 21:03 22,528 --a------ C:\WINDOWS\system32\mslbui.dll
2007-03-21 21:03 22,528 --a------ C:\WINDOWS\system32\at.exe
2007-03-21 21:03 219,648 --a------ C:\WINDOWS\system32\logon.scr
2007-03-21 21:03 213,023 --a------ C:\WINDOWS\system32\msltus40.dll
2007-03-21 21:03 212,480 --a------ C:\WINDOWS\system32\osk.exe
2007-03-21 21:03 210,944 --a------ C:\WINDOWS\system32\moricons.dll
2007-03-21 21:03 206,336 --a------ C:\WINDOWS\system32\dpvoice.dll
2007-03-21 21:03 200,704 --a------ C:\WINDOWS\system32\odbc32.dll
2007-03-21 21:03 20,480 --a------ C:\WINDOWS\system32\dbmsadsn.dll
2007-03-21 21:03 196,096 --a------ C:\WINDOWS\system32\mobsync.dll
2007-03-21 21:03 192,512 --a------ C:\WINDOWS\system32\mswebdvd.dll
2007-03-21 21:03 19,456 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-03-21 21:03 19,456 --a------ C:\WINDOWS\system32\fontview.exe
2007-03-21 21:03 19,456 --a------ C:\WINDOWS\system32\ersvc.dll
2007-03-21 21:03 186,880 --a------ C:\WINDOWS\system32\certcli.dll
2007-03-21 21:03 184,832 --a------ C:\WINDOWS\system32\qcap.dll
2007-03-21 21:03 182,784 --a------ C:\WINDOWS\system32\msutb.dll
2007-03-21 21:03 180,224 --a------ C:\WINDOWS\system32\dwwin.exe
2007-03-21 21:03 178,688 --a------ C:\WINDOWS\system32\eudcedit.exe
2007-03-21 21:03 172,544 --a------ C:\WINDOWS\system32\dmime.dll
2007-03-21 21:03 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-03-21 21:03 17,408 --a------ C:\WINDOWS\system32\psapi.dll
2007-03-21 21:03 168,960 --a------ C:\WINDOWS\system32\dinput8.dll
2007-03-21 21:03 165,888 --a------ C:\WINDOWS\system32\ntmsdba.dll
2007-03-21 21:03 165,376 --a------ C:\WINDOWS\system32\els.dll
2007-03-21 21:03 163,840 --a------ C:\WINDOWS\system32\mindex.dll
2007-03-21 21:03 162,816 --a------ C:\WINDOWS\system32\adsldp.dll
2007-03-21 21:03 16,384 --a------ C:\WINDOWS\system32\ping.exe
2007-03-21 21:03 16,384 --a------ C:\WINDOWS\system32\odbc32gt.dll
2007-03-21 21:03 16,384 --a------ C:\WINDOWS\system32\nddenb32.dll
2007-03-21 21:03 16,384 --a------ C:\WINDOWS\system32\ds32gt.dll
2007-03-21 21:03 158,720 --a------ C:\WINDOWS\system32\credui.dll
2007-03-21 21:03 156,672 --a------ C:\WINDOWS\system32\dpnet.dll
2007-03-21 21:03 155,648 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-03-21 21:03 154,112 --a------ C:\WINDOWS\system32\netman.dll
2007-03-21 21:03 151,552 --a------ C:\WINDOWS\system32\dinput.dll
2007-03-21 21:03 147,456 --a------ C:\WINDOWS\system32\odbctrac.dll
2007-03-21 21:03 143,872 --a------ C:\WINDOWS\system32\msimtf.dll
2007-03-21 21:03 143,872 --a------ C:\WINDOWS\system32\itircl.dll
2007-03-21 21:03 14,366 --a------ C:\WINDOWS\system32\asfsipc.dll
2007-03-21 21:03 139,776 --a------ C:\WINDOWS\system32\adsldpc.dll
2007-03-21 21:03 137,216 --a------ C:\WINDOWS\system32\ntshrui.dll
2007-03-21 21:03 135,680 --a------ C:\WINDOWS\system32\dsprop.dll
2007-03-21 21:03 134,144 --a------ C:\WINDOWS\system32\ipv6mon.dll
2007-03-21 21:03 131,072 --a------ C:\WINDOWS\system32\msorcl32.dll
2007-03-21 21:03 13,312 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-03-21 21:03 126,976 --a------ C:\WINDOWS\system32\msdart.dll
2007-03-21 21:03 124,928 --a------ C:\WINDOWS\system32\dssenh.dll
2007-03-21 21:03 123,904 --a------ C:\WINDOWS\system32\imapi.exe
2007-03-21 21:03 122,880 --a------ C:\WINDOWS\system32\odbcconf.dll
2007-03-21 21:03 122,368 --a------ C:\WINDOWS\system32\itss.dll
2007-03-21 21:03 12,288 --a------ C:\WINDOWS\system32\odbcp32r.dll
2007-03-21 21:03 12,288 --a------ C:\WINDOWS\system32\mscpx32r.dll
2007-03-21 21:03 116,736 --a------ C:\WINDOWS\system32\mplay32.exe
2007-03-21 21:03 115,712 --a------ C:\WINDOWS\system32\apphelp.dll
2007-03-21 21:03 115,200 --a------ C:\WINDOWS\system32\net1.exe
2007-03-21 21:03 114,176 --a------ C:\WINDOWS\system32\input.dll
2007-03-21 21:03 113,664 --a------ C:\WINDOWS\system32\msvfw32.dll
2007-03-21 21:03 113,152 --a------ C:\WINDOWS\system32\idq.dll
2007-03-21 21:03 113,152 --a------ C:\WINDOWS\system32\dfrgui.dll
2007-03-21 21:03 112,128 --a------ C:\WINDOWS\system32\ntmarta.dll
2007-03-21 21:03 110,080 --a------ C:\WINDOWS\system32\dmstyle.dll
2007-03-21 21:03 109,568 --a------ C:\WINDOWS\system32\offfilt.dll
2007-03-21 21:03 105,984 --a------ C:\WINDOWS\system32\netdde.exe
2007-03-21 21:03 103,936 --a------ C:\WINDOWS\system32\imm32.dll
2007-03-21 21:03 103,424 --a------ C:\WINDOWS\system32\dgnet.dll
2007-03-21 21:03 10,752 --a------ C:\WINDOWS\hh.exe
2007-03-21 21:03 10,240 --a------ C:\WINDOWS\system32\msrle32.dll
2007-03-21 21:03 10,240 --a------ C:\WINDOWS\system32\localui.dll
2007-03-21 21:03 1,740 --a------ C:\WINDOWS\system32\dcache.bin
2007-03-21 21:03 1,622,528 --a------ C:\WINDOWS\system32\netshell.dll
2007-03-21 21:03 1,503,262 --a------ C:\WINDOWS\system32\msjet40.dll
2007-03-21 21:03 1,220,608 --a------ C:\WINDOWS\system32\msvidctl.dll
2007-03-21 21:03 1,180,672 --a------ C:\WINDOWS\system32\d3d8.dll
2007-03-21 21:03 1,172,992 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-03-21 21:03 1,169,920 --a------ C:\WINDOWS\system32\ole32.dll
2007-03-21 21:03 1,142,784 --a------ C:\WINDOWS\system32\quartz.dll
2007-03-21 21:03 1,128,960 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-03-21 21:03 1,122,304 --a------ C:\WINDOWS\system32\msxml3.dll
2007-03-21 21:03 1,004,032 --a------ C:\WINDOWS\explorer.exe
2007-03-21 21:02 91,136 --a------ C:\WINDOWS\system32\rastls.dll
2007-03-21 21:02 9,216 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-03-21 21:02 88,064 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-03-21 21:02 87,304 --a------ C:\WINDOWS\system32\rdpdd.dll
2007-03-21 21:02 86,528 --a------ C:\WINDOWS\system32\wlnotify.dll
2007-03-21 21:02 86,016 --a------ C:\WINDOWS\system32\xactsrv.dll
2007-03-21 21:02 82,944 --a------ C:\WINDOWS\system32\smlogsvc.exe
2007-03-21 21:02 81,920 --a------ C:\WINDOWS\system32\trkwks.dll
2007-03-21 21:02 8,192 --a------ C:\WINDOWS\system32\scrnsave.scr
2007-03-21 21:02 77,824 --a------ C:\WINDOWS\system32\wmpstub.exe
2007-03-21 21:02 75,912 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-03-21 21:02 74,240 --a------ C:\WINDOWS\system32\rtcshare.exe
2007-03-21 21:02 71,168 --a------ C:\WINDOWS\system32\sdbinst.exe
2007-03-21 21:02 674,816 --a------ C:\WINDOWS\system32\sxs.dll
2007-03-21 21:02 667,648 --a------ C:\WINDOWS\system32\ss3dfo.scr
2007-03-21 21:02 66,560 --a------ C:\WINDOWS\system32\spoolss.dll
2007-03-21 21:02 66,048 --a------ C:\WINDOWS\system32\sigverif.exe
2007-03-21 21:02 638,976 --a------ C:\WINDOWS\system32\sstext3d.scr
2007-03-21 21:02 63,488 --a------ C:\WINDOWS\system32\srclient.dll
2007-03-21 21:02 62,976 --a------ C:\WINDOWS\system32\shgina.dll
2007-03-21 21:02 61,952 --a------ C:\WINDOWS\system32\webclnt.dll
2007-03-21 21:02 61,952 --a------ C:\WINDOWS\system32\sti.dll
2007-03-21 21:02 60,416 --a------ C:\WINDOWS\system32\wextract.exe
2007-03-21 21:02 60,416 --a------ C:\WINDOWS\system32\shimeng.dll
2007-03-21 21:02 6,144 --a------ C:\WINDOWS\system32\sensapi.dll
2007-03-21 21:02 57,856 --a------ C:\WINDOWS\system32\raschap.dll
2007-03-21 21:02 569,344 --a------ C:\WINDOWS\system32\sspipes.scr
2007-03-21 21:02 56,832 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-03-21 21:02 56,320 --a------ C:\WINDOWS\system32\remotepg.dll
2007-03-21 21:02 548,864 --a------ C:\WINDOWS\system32\rtcdll.dll
2007-03-21 21:02 534,016 --a------ C:\WINDOWS\system32\spider.exe
2007-03-21 21:02 530,432 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-03-21 21:02 52,224 --a------ C:\WINDOWS\system32\secur32.dll
2007-03-21 21:02 51,200 --a------ C:\WINDOWS\system32\wmerrenu.dll
2007-03-21 21:02 48,640 --a------ C:\WINDOWS\system32\vdmredir.dll
2007-03-21 21:02 48,128 --a------ C:\WINDOWS\system32\winsta.dll
2007-03-21 21:02 48,128 --a------ C:\WINDOWS\system32\reg.exe
2007-03-21 21:02 479,261 --a------ C:\WINDOWS\system32\vbscript.dll
2007-03-21 21:02 47,616 --a------ C:\WINDOWS\system32\utilman.exe
2007-03-21 21:02 446,464 --a------ C:\WINDOWS\system32\wmvdmoe.dll
2007-03-21 21:02 44,032 --a------ C:\WINDOWS\system32\regapi.dll
2007-03-21 21:02 44,032 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-03-21 21:02 43,008 --a------ C:\WINDOWS\system32\ssdpsrv.dll
2007-03-21 21:02 420,864 --a------ C:\WINDOWS\system32\shimgvw.dll
2007-03-21 21:02 409,088 --a------ C:\WINDOWS\system32\vssapi.dll
2007-03-21 21:02 40,960 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-03-21 21:02 385,024 --a------ C:\WINDOWS\system32\sqlsrv32.dll
2007-03-21 21:02 384,000 --a------ C:\WINDOWS\system32\themeui.dll
2007-03-21 21:02 38,912 --a------ C:\WINDOWS\system32\wsnmp32.dll
2007-03-21 21:02 364,544 --a------ C:\WINDOWS\system32\ssflwbox.scr
2007-03-21 21:02 36,352 --a------ C:\WINDOWS\system32\sens.dll
2007-03-21 21:02 34,304 --a------ C:\WINDOWS\system32\rcimlby.exe
2007-03-21 21:02 339,456 --a------ C:\WINDOWS\system32\usp10.dll
2007-03-21 21:02 334,848 --a------ C:\WINDOWS\system32\smlogcfg.dll
2007-03-21 21:02 33,280 --a------ C:\WINDOWS\system32\shmgrate.exe
2007-03-21 21:02 32,256 --a------ C:\WINDOWS\system32\umandlg.dll
2007-03-21 21:02 316,416 --a------ C:\WINDOWS\system32\zipfldr.dll
2007-03-21 21:02 311,327 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2007-03-21 21:02 3,338 --a------ C:\WINDOWS\system32\redir.exe
2007-03-21 21:02 297,984 --a------ C:\WINDOWS\system32\scesrv.dll
2007-03-21 21:02 296,448 --a------ C:\WINDOWS\system32\wmstream.dll
2007-03-21 21:02 27,136 --a------ C:\WINDOWS\system32\ssdpapi.dll
2007-03-21 21:02 260,608 --a------ C:\WINDOWS\system32\rpcss.dll
2007-03-21 21:02 251,904 --a------ C:\WINDOWS\system32\strmdll.dll
2007-03-21 21:02 247,808 --a------ C:\WINDOWS\system32\wow32.dll
2007-03-21 21:02 24,064 --a------ C:\WINDOWS\system32\skeys.exe
2007-03-21 21:02 233,984 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-03-21 21:02 231,424 --a------ C:\WINDOWS\system32\upnpui.dll
2007-03-21 21:02 226,304 --a------ C:\WINDOWS\system32\srrstr.dll
2007-03-21 21:02 22,528 --a------ C:\WINDOWS\system32\slayerxp.dll
2007-03-21 21:02 22,528 --a------ C:\WINDOWS\system32\shfolder.dll
2007-03-21 21:02 22,016 --a------ C:\WINDOWS\system32\udhisapi.dll
2007-03-21 21:02 203,264 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-03-21 21:02 200,192 --a------ C:\WINDOWS\system32\termsrv.dll
2007-03-21 21:02 20,992 --a------ C:\WINDOWS\system32\setup.exe
2007-03-21 21:02 193,536 --a------ C:\WINDOWS\system32\rasppp.dll
2007-03-21 21:02 19,456 --a------ C:\WINDOWS\system32\ssmarque.scr
2007-03-21 21:02 18,944 --a------ C:\WINDOWS\system32\ssbezier.scr
2007-03-21 21:02 174,592 --a------ C:\WINDOWS\system32\scecli.dll
2007-03-21 21:02 172,664 --a------ C:\WINDOWS\system32\xenroll.dll
2007-03-21 21:02 171,520 --a------ C:\WINDOWS\system32\winmm.dll
2007-03-21 21:02 171,008 --a------ C:\WINDOWS\system32\sccsccp.dll
2007-03-21 21:02 17,408 --a------ C:\WINDOWS\system32\wtsapi32.dll
2007-03-21 21:02 17,408 --a------ C:\WINDOWS\system32\ssmyst.scr
2007-03-21 21:02 169,984 --a------ C:\WINDOWS\system32\sccbase.dll
2007-03-21 21:02 168,448 --a------ C:\WINDOWS\system32\wldap32.dll
2007-03-21 21:02 165,376 --a------ C:\WINDOWS\system32\w32time.dll
2007-03-21 21:02 165,376 --a------ C:\WINDOWS\system32\tapi32.dll
2007-03-21 21:02 164,864 --a------ C:\WINDOWS\system32\upnphost.dll
2007-03-21 21:02 16,896 --a------ C:\WINDOWS\system32\snmpapi.dll
2007-03-21 21:02 16,384 --a------ C:\WINDOWS\system32\watchdog.sys
2007-03-21 21:02 16,384 --a------ C:\WINDOWS\system32\ups.exe
2007-03-21 21:02 159,232 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-03-21 21:02 158,720 --a------ C:\WINDOWS\system32\srsvc.dll
2007-03-21 21:02 14,848 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-03-21 21:02 135,680 --a------ C:\WINDOWS\system32\rdchost.dll
2007-03-21 21:02 133,632 --a------ C:\WINDOWS\system32\rsaenh.dll
2007-03-21 21:02 133,120 --a------ C:\WINDOWS\system32\sfc_os.dll
2007-03-21 21:02 130,560 --a------ C:\WINDOWS\system32\sti_ci.dll
2007-03-21 21:02 13,824 --a------ C:\WINDOWS\system32\rassapi.dll
2007-03-21 21:02 13,312 --a------ C:\WINDOWS\system32\wship6.dll
2007-03-21 21:02 13,312 --a------ C:\WINDOWS\system32\ssstars.scr
2007-03-21 21:02 128,512 --a------ C:\WINDOWS\system32\taskmgr.exe
2007-03-21 21:02 124,928 --a------ C:\WINDOWS\system32\webvw.dll
2007-03-21 21:02 120,320 --a------ C:\WINDOWS\system32\upnp.dll
2007-03-21 21:02 12,800 --a------ C:\WINDOWS\system32\runonce.exe
2007-03-21 21:02 12,288 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-03-21 21:02 119,808 --a------ C:\WINDOWS\system32\wiadss.dll
2007-03-21 21:02 118,784 --a------ C:\WINDOWS\system32\wmsdmoe.dll
2007-03-21 21:02 117,760 --a------ C:\WINDOWS\system32\stobject.dll
2007-03-21 21:02 11,776 --a------ C:\WINDOWS\system32\sigtab.dll
2007-03-21 21:02 107,008 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-03-21 21:02 10,752 --a------ C:\WINDOWS\system32\tracert.exe
2007-03-21 21:02 1,349,120 --a------ C:\WINDOWS\system32\query.dll
2007-03-21 21:02 1,157,632 --a------ C:\WINDOWS\system32\sfcfiles.dll
2007-03-21 20:56 45,056 --a------ C:\command.exe
2007-03-17 13:20 27,122 --a------ C:\WINDOWS\system32\mllmj.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-03-23 22:59 -------- d-------- C:\Program Files\pokerstars
2007-03-21 21:12 -------- d-------- C:\Program Files\messenger
2007-03-21 21:04 -------- d-------- C:\Program Files\movie maker
2007-03-18 13:47 -------- d-------- C:\Program Files\google


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"
"MMTray"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""
"SoundService"="rundll32.exe \"C:\\WINDOWS\\tutusr.dll\",setvm"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Steve.job


********************************************************************

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-03-24 12:55:44
C:\ComboFix ... 07-03-24 12:55
C:\ComboFix.txt3.txt ... 07-03-23 13:29
C:\ComboFix2.txt ... 07-03-23 13:28
C:\ComboFix3.txt ... 07-03-21 20:29


Deckard's System Scanner v20070318.32
Run by Steve on 2007-03-24 at 13:07:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Steve.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 1:07:34 PM, on 3/24/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Documents and Settings\Steve\My Documents\dss.exe
C:\PROGRA~1\HIJACK~1\Steve.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


-- Files created between 2007-02-24 and 2007-03-24 -----------------------------

2007-03-21 21:02:29 172664 --a------ C:\WINDOWS\System32\xenroll.dll
2007-03-21 21:02:29 86016 --a------ C:\WINDOWS\System32\xactsrv.dll
2007-03-21 20:56:51 45056 --a------ C:\command.exe
2007-03-17 13:20:58 27122 --a------ C:\WINDOWS\System32\mllmj.exe


-- Find3M Report ---------------------------------------------------------------

2007-03-24 11:51:24 0 d-------- C:\Documents and Settings\Steve\Application Data\AVG7
2007-03-23 22:59:20 0 d-------- C:\Program Files\PokerStars<POKERS~1>
2007-03-21 21:12:43 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-03-21 21:04:32 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-03-21 21:02:26 233632 -rahs---- C:\ntldr
2007-03-18 13:47:09 0 d-------- C:\Program Files\Google
2007-03-18 03:18:04 0 d---s---- C:\Documents and Settings\Steve\Application Data\Microsoft<MICROS~1>
2007-03-09 16:23:55 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"
"MMTray"="\"C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



-- End of Deckard's System Scanner: finished at 2007-03-24 at 13:07:51 ---------
stevied707 is offline  
Old 03-24-2007, 08:41 PM   #23 (permalink)
Manager, Security Center, TSF Academy; Analyst, Security Team
 
tetonbob
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 26,734
OS: 2000 Pro; XP Pro; XP Home


Re: keep getting random webpages

Delete the following files:

C:\WINDOWS\tutusr.dll
C:\WINDOWS\System32\mllmj.exe


If they resist deletion, boot to safe mode and delete from there.

---------------------------------------------------------------------------------------------

Please go to: VirusTotal
  • Upload this file, using the same instructions as earlier:

    C:\command.exe

  • Click "Open".
  • Then click the "Send" button at the top of the VirusTotal page.
  • This will scan the file. Please be patient.
  • Once scanned, copy and paste the results in your next reply.


---------------------------------------------------------------------------------------------

In all this instructing, I've lost sight of something important.....

Your logs still show two Anti-Virus programs, AVG and Norton. One needs to be uninstalled via Add/Remove programs. Which one is up to you. Once you do that, please post a new HJT log, along with the results from VirusTotal.
tetonbob is offline  
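The two-anti-virus observation in post #23 can be checked mechanically against the Run keys in the Deckard's System Scanner registry dump. This is an added example, not part of the original thread or of either tool; the function names and the path fragments used to recognise each product are assumptions drawn from paths that appear in this thread.

```python
import re

# Copied from the "Registry Dump" section of the Deckard's System Scanner log above.
DUMP = r'''
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~2\\mimboot.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
'''

SECTION = re.compile(r'^\[(.+)\]$')
# "name"="string value"; both sides may contain \\ and \" escapes.
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

# Assumption: path fragments identifying each product, taken from this thread's logs.
AV_MARKERS = {
    "AVG": ("\\grisoft\\avg7\\",),
    "Norton/Symantec": ("\\symantec shared\\", "\\norton antivirus\\"),
}

def unescape(s):
    # .reg string syntax: \\ is a backslash, \" is a double quote.
    return re.sub(r'\\(.)', r'\1', s)

def run_entries(dump):
    """Return (key, value name, command) for every string value under a ...\\run key."""
    entries, key = [], None
    for line in dump.splitlines():
        line = line.strip()
        if (m := SECTION.match(line)):
            key = m.group(1)
        elif key and key.lower().endswith(r"\currentversion\run") and (m := VALUE.match(line)):
            entries.append((key, unescape(m.group(1)), unescape(m.group(2))))
    return entries

def av_products(entries):
    """Names of the anti-virus products that have an autostart command."""
    found = set()
    for _key, _name, command in entries:
        lowered = command.lower()
        found.update(p for p, marks in AV_MARKERS.items() if any(x in lowered for x in marks))
    return sorted(found)

if __name__ == "__main__":
    products = av_products(run_entries(DUMP))
    if len(products) > 1:
        print("More than one anti-virus product autostarts:", ", ".join(products))
```
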
Old 03-24-2007, 09:16 PM   #24 (permalink)
Registered User
 
Join Date: Mar 2007
Location: SF Bay Area
Posts: 23
OS: xp


Re: keep getting random webpages

Statistics of VirusTotal procesing.
Virustotal More info about Virustotal.


STATUS: FINISHED
Complete scanning result of "command.exe", received in VirusTotal at 03.25.2007, 0505 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.3.24.1 03.24.2007 no virus found
AntiVir 7.3.1.44 03.23.2007 HEUR/Malware
Authentium 4.93.8 03.24.2007 no virus found
Avast 4.7.936.0 03.23.2007 no virus found
AVG 7.5.0.447 03.24.2007 no virus found
BitDefender 7.2 03.25.2007 no virus found
CAT-QuickHeal 9.00 03.23.2007 no virus found
ClamAV devel-20070312 03.24.2007 no virus found
DrWeb 4.33 03.24.2007 no virus found
eSafe 7.0.14.0 03.22.2007 no virus found
eTrust-Vet 30.6.3506 03.23.2007 no virus found
Ewido 4.0 03.24.2007 no virus found
FileAdvisor 1 03.25.2007 no virus found
Fortinet 2.85.0.0 03.25.2007 no virus found
F-Prot 4.3.1.45 03.23.2007 no virus found
F-Secure 6.70.13030.0 03.24.2007 no virus found
Ikarus T3.1.1.3 03.24.2007 no virus found
Kaspersky 4.0.2.24 03.25.2007 no virus found
McAfee 4991 03.23.2007 no virus found
Microsoft 1.2306 03.25.2007 no virus found
NOD32v2 2143 03.25.2007 no virus found
Norman 5.80.02 03.23.2007 no virus found
Panda 9.0.0.4 03.24.2007 no virus found
Prevx1 V2 03.25.2007 Win32.Worm.Feebs.Gen
Sophos 4.15.0 03.23.2007 no virus found
Sunbelt 2.2.907.0 03.24.2007 no virus found
Symantec 10 03.25.2007 no virus found
TheHacker 6.1.6.080 03.23.2007 no virus found
UNA 1.83 03.16.2007 no virus found
VBA32 3.11.2 03.24.2007 no virus found
VirusBuster 4.3.7:9 03.24.2007 no virus found
Webwasher-Gateway 6.0.1 03.25.2007 Heuristic.Malware


Aditional Information
File size: 45056 bytes
MD5: 27d4b9cd48d1e7842caac77435087993
SHA1: 1f5661b07267df51be3df2f16e12bdb0d11f46e6
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=1fd884183726
stevied707 is offline  
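A way to tally a pasted VirusTotal result table like the one in post #24, added here as an example and not part of the original thread. The rows are a subset copied from that post; the function names and the pattern used to recognise heuristic or generic detection names are assumptions.

```python
import re

# Subset of the rows pasted in post #24 (header line, clean results, and the three hits).
REPORT = """\
Antivirus Version Update Result
AhnLab-V3 2007.3.24.1 03.24.2007 no virus found
AntiVir 7.3.1.44 03.23.2007 HEUR/Malware
AVG 7.5.0.447 03.24.2007 no virus found
Kaspersky 4.0.2.24 03.25.2007 no virus found
Prevx1 V2 03.25.2007 Win32.Worm.Feebs.Gen
Symantec 10 03.25.2007 no virus found
UNA 1.83 03.16.2007 no virus found
Webwasher-Gateway 6.0.1 03.25.2007 Heuristic.Malware
"""

# engine, engine version, signature date (MM.DD.YYYY), then the verdict up to end of line.
ROW = re.compile(r"^(\S+)\s+(\S+)\s+(\d{2}\.\d{2}\.\d{4})\s+(.+?)\s*$")
CLEAN = "no virus found"
# Assumption: naming fragments that mark a heuristic/generic match, not an exact signature.
GENERIC = re.compile(r"heur|generic|\.gen\b|suspicious", re.IGNORECASE)

def parse_report(text):
    """Turn the pasted table into one dict per engine; the header row has no date and is skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            engine, version, updated, verdict = m.groups()
            rows.append({"engine": engine, "version": version,
                         "updated": updated, "verdict": verdict})
    return rows

def summarize(rows):
    """Detection count, per-engine detection names, and whether every hit is heuristic/generic."""
    hits = [r for r in rows if r["verdict"].lower() != CLEAN]
    return {
        "engines": len(rows),
        "detections": len(hits),
        "names": {r["engine"]: r["verdict"] for r in hits},
        "all_generic": bool(hits) and all(GENERIC.search(r["verdict"]) for r in hits),
    }

if __name__ == "__main__":
    s = summarize(parse_report(REPORT))
    print(f'{s["detections"]}/{s["engines"]} engines flagged the file: {s["names"]}')
    if s["all_generic"]:
        print("Every detection is heuristic/generic; no engine reported an exact signature match.")
```
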
Old 03-24-2007, 09:17 PM   #25 (permalink)
Registered User
 
Join Date: Mar 2007
Location: SF Bay Area
Posts: 23
OS: xp


Re: keep getting random webpages

Logfile of HijackThis v1.99.1
Scan saved at 8:16:44 PM, on 3/24/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
stevied707 is offline  