hijack this log
- Thread starter spkenn5
- Start date
spkenn5
New Member
i did system restore and see if it helps, but no help at all..
heres the result
Adobe Photoshop 6.0
Adobe Reader 6.0.1
Athlon 64 Processor Driver
ATI Control Panel
ATI Display Driver
Belkin N1 Wireless Notebook Card
CC_ccProxyExt
ccCommon
ccPxyCore
Conexant AC-Link Audio
Customer Experience Enhancement
Easy Internet Sign-up
ESPNMotion
GemMaster Mystic
Google Toolbar for Internet Explorer
HijackThis 1.99.1
Hotfix for Windows XP (KB896256)
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP QuickPlay 2.0
HP Software Update
HP User Guides 0026
HP User Guides--System Recovery
HP Wireless Assistant 2.00 C1
iPod for Windows 2006-06-28
iTunes
J2SE Runtime Environment 5.0 Update 6
LiveUpdate 3.0 (Symantec Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Microsoft Works
Morpheus 5.2 (remove only)
MSRedist
muvee autoProducer 4.5
Norton AntiSpam
Norton AntiVirus 2006
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2006 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
Norton WMI Update
Office 2003 Trial Assistant
Otto
Quick Launch Buttons 5.20 G1
Quicken 2006
QuickTime
Retrospect 6.5
Rhapsody
Rhapsody Player Engine
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Soft Data Fax Modem with SmartCP
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
SPBBC
Spy Sweeper
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TourSetup
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
URGE
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885464
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB888402
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Media Center Edition 2005 KB908250
Wireless Home Network Setup
and i am thinking of rebooting the OS
heres the result
Adobe Photoshop 6.0
Adobe Reader 6.0.1
Athlon 64 Processor Driver
ATI Control Panel
ATI Display Driver
Belkin N1 Wireless Notebook Card
CC_ccProxyExt
ccCommon
ccPxyCore
Conexant AC-Link Audio
Customer Experience Enhancement
Easy Internet Sign-up
ESPNMotion
GemMaster Mystic
Google Toolbar for Internet Explorer
HijackThis 1.99.1
Hotfix for Windows XP (KB896256)
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP QuickPlay 2.0
HP Software Update
HP User Guides 0026
HP User Guides--System Recovery
HP Wireless Assistant 2.00 C1
iPod for Windows 2006-06-28
iTunes
J2SE Runtime Environment 5.0 Update 6
LiveUpdate 3.0 (Symantec Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB887998)
Microsoft .NET Framework 1.1
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Microsoft Works
Morpheus 5.2 (remove only)
MSRedist
muvee autoProducer 4.5
Norton AntiSpam
Norton AntiVirus 2006
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security 2006 (Symantec Corporation)
Norton Protection Center
Norton WMI Update
Norton WMI Update
Office 2003 Trial Assistant
Otto
Quick Launch Buttons 5.20 G1
Quicken 2006
QuickTime
Retrospect 6.5
Rhapsody
Rhapsody Player Engine
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Soft Data Fax Modem with SmartCP
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
SPBBC
Spy Sweeper
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TourSetup
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
URGE
Windows Installer 3.1 (KB893803)
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB884575
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885464
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB888402
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Media Center Edition 2005 KB908250
Wireless Home Network Setup
and i am thinking of rebooting the OS
Yes they are 'rubbish'.
He's already ran the Kaspersky online scan which showed the presence of a Worm which Norton Quarantined. And i see you installed Norton again which i still feel is responsible your issues.
Run these 2 scans and report anything found.
Download Ewido(AVG Antispyware) http://www.ewido.net/en/download/ then set it up this way http://rstones12.geekstogo.com/ewidosetup.htm You will need this later in safe mode
Make sure to update this program.
Next, download, install and update 'A-squared' here http://www.emsisoft.com/en/software/free/
Download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ You will need it later in safe mode.
Reboot into safemode.
Begin running your scans in this order.
Run AVG Antispyware - make sure of the following settings.
Select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
Under "Reports"
Select "Automatically generate report after every scan"
Un-Select "Only if threats were found"
Save this scan log.
Run A-squared and delete what it finds.
Run ATF-Cleaner from safe mode.Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use firefox also, select at top of ATF cleaner-tick Select all and run again.
Reboot into normal windows and post the safemode scan log from AVG Antispyware.
spkenn5
New Member
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:38:33 PM 11/13/2006
+ Scan result:
C:\System Volume Information\_restore{BFAA719B-281F-45B6-9E39-9D4BB578C2A4}\RP100\A0018982.ocx -> Downloader.IstBar : No action taken.
C:\WINDOWS\system32\actskn45.ocx -> Downloader.IstBar : No action taken.
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\AweSomE\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@qksrv[2].txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
::Report end
there the report, after the restart, the loading procedure is still slow..
PS: i saved it before any actions were taken but i did what you said afterward..
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:38:33 PM 11/13/2006
+ Scan result:
C:\System Volume Information\_restore{BFAA719B-281F-45B6-9E39-9D4BB578C2A4}\RP100\A0018982.ocx -> Downloader.IstBar : No action taken.
C:\WINDOWS\system32\actskn45.ocx -> Downloader.IstBar : No action taken.
C:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\AweSomE\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@qksrv[2].txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\AweSomE\Cookies\awesome@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
::Report end
there the report, after the restart, the loading procedure is still slow..
PS: i saved it before any actions were taken but i did what you said afterward..
Sorry, but i'm not seeing the presence of major malware to cause the slow bootup. I feel that it is some sort of Software Conflict and still believe Norton is at least part of it. What i would do is P.M. 'Buzz' and see if he has any other suggestions. He certainly has a world more experience that I.
Buzz1927
Digaredd
When you ran AVG anti-spyware you didn't delete what it found. Run it again and be sure to choose "Delete".
I think edifier might be right in saying that the problem probably isn't malware related, but it can't hurt to check a couple of other things.
1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
I think edifier might be right in saying that the problem probably isn't malware related, but it can't hurt to check a couple of other things.
1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
spkenn5
New Member
first of all, im goin to thanks buzz for coming in and checking the problem. and thanks edifier for all the attempts.
heres the log
AweSomE - 06-11-15 10:51:33.67 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\AweSomE\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-10-15 to 2006-11-15 ))))))))))))))))))))))))))))))))))
2006-11-13 19:54 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-11 13:45 2,512 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-11 01:04 4,960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-11-11 01:04 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-11-11 01:04 28,416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-11-11 01:04 18,240 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2006-11-11 01:03 816,672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-11-11 01:03 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-29 20:23 41,984 --------- C:\WINDOWS\Ctregrun.exe
2006-10-29 20:20 24,576 --------- C:\WINDOWS\system32\msxml3a.dll
2006-10-29 20:10 44,032 --a------ C:\WINDOWS\system32\CTSVCCDA.EXE
2006-10-29 20:10 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2006-10-25 16:50 21,035 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2006-10-23 22:50 0 -rahs---- C:\MSDOS.SYS
2006-10-23 22:50 0 -rahs---- C:\IO.SYS
2006-10-15 19:27 178,408 --a------ C:\WINDOWS\system32\muweb.dll
2006-10-15 19:27 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-15 10:46 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\AVG7
2006-11-15 00:26 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-15 00:25 -------- d-------- C:\Program Files\Internet Explorer
2006-11-13 22:38 -------- d-------- C:\Program Files\DIGStream
2006-11-13 20:02 -------- d-------- C:\Program Files\a-squared Free
2006-11-13 19:53 -------- d-------- C:\Program Files\Grisoft
2006-11-13 19:30 -------- d-------- C:\Program Files\Webroot
2006-11-13 19:30 -------- d-------- C:\Program Files\Norton Internet Security
2006-11-13 19:29 -------- d-------- C:\Program Files\CleanUp!
2006-11-13 19:28 -------- d-------- C:\Program Files\Valve
2006-11-13 19:27 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-11-13 19:26 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-13 19:24 -------- d-------- C:\Program Files\Common Files\Creative
2006-11-13 19:23 -------- d-------- C:\Program Files\Belkin
2006-11-13 19:23 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\AdobeUM
2006-11-13 19:20 -------- d-------- C:\Program Files\MSN Messenger
2006-11-13 19:15 -------- d-------- C:\Program Files\Google
2006-11-11 16:55 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-11-11 16:38 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\BearShare
2006-11-11 16:27 -------- d-------- C:\Program Files\Symantec
2006-11-11 16:20 -------- d-------- C:\Program Files\Creative
2006-11-11 16:19 -------- d--h----- C:\Program Files\Creative Installation Information
2006-11-11 16:19 -------- d-------- C:\Program Files\Audible
2006-11-11 16:18 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Creative
2006-11-11 16:14 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Webroot
2006-11-11 01:02 -------- d---s---- C:\Documents and Settings\AweSomE\Application Data\Microsoft
2006-11-10 17:27 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Lavasoft
2006-11-09 11:22 -------- d-------- C:\Program Files\Lavasoft
2006-10-29 20:09 -------- d-------- C:\Program Files\Common Files
2006-10-23 17:46 -------- d-------- C:\Program Files\Wizet
2006-10-15 12:52 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-13 07:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 07:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-13 05:23 163584 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2006-09-15 21:53 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Google
2006-09-13 00:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-25 10:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 07:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 04:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-17 07:28 721920 --a------ C:\WINDOWS\system32\lsasrv.dll
2006-08-17 07:28 132096 --a------ C:\WINDOWS\system32\wkssvc.dll
2006-08-16 06:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTSyncU.exe"="\"C:\\Program Files\\Creative\\Sync Manager Unicode\\CTSyncU.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"HP Software Update"="\"C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe\""
"SynTPEnh"="\"C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe\""
"eabconfg.cpl"="\"C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe\" /Start"
"RecGuard"="C:\\Windows\\SMINST\\RecGuard.exe"
"hpWirelessAssistant"="\"C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe\""
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
"WD Button Manager"="WDBtnMgr.exe"
"F5D8011"="\"C:\\Program Files\\Belkin\\F5D8011v1\\Belkinwcui.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,66,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\Easy Internet Sign-up.job
C:\WINDOWS\tasks\Warranty Reminder 11 Months.job
Completion time: 06-11-15 10:53:06.09
C:\ComboFix.txt ... 06-11-15 10:53
heres the log
AweSomE - 06-11-15 10:51:33.67 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\AweSomE\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-10-15 to 2006-11-15 ))))))))))))))))))))))))))))))))))
2006-11-13 19:54 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-11 13:45 2,512 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-11 01:04 4,960 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-11-11 01:04 3,968 --a------ C:\WINDOWS\system32\drivers\avgclean.sys
2006-11-11 01:04 28,416 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-11-11 01:04 18,240 --a------ C:\WINDOWS\system32\drivers\avgmfx86.sys
2006-11-11 01:03 816,672 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-11-11 01:03 4,224 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-29 20:23 41,984 --------- C:\WINDOWS\Ctregrun.exe
2006-10-29 20:20 24,576 --------- C:\WINDOWS\system32\msxml3a.dll
2006-10-29 20:10 44,032 --a------ C:\WINDOWS\system32\CTSVCCDA.EXE
2006-10-29 20:10 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2006-10-25 16:50 21,035 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2006-10-23 22:50 0 -rahs---- C:\MSDOS.SYS
2006-10-23 22:50 0 -rahs---- C:\IO.SYS
2006-10-15 19:27 178,408 --a------ C:\WINDOWS\system32\muweb.dll
2006-10-15 19:27 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-15 10:46 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\AVG7
2006-11-15 00:26 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-15 00:25 -------- d-------- C:\Program Files\Internet Explorer
2006-11-13 22:38 -------- d-------- C:\Program Files\DIGStream
2006-11-13 20:02 -------- d-------- C:\Program Files\a-squared Free
2006-11-13 19:53 -------- d-------- C:\Program Files\Grisoft
2006-11-13 19:30 -------- d-------- C:\Program Files\Webroot
2006-11-13 19:30 -------- d-------- C:\Program Files\Norton Internet Security
2006-11-13 19:29 -------- d-------- C:\Program Files\CleanUp!
2006-11-13 19:28 -------- d-------- C:\Program Files\Valve
2006-11-13 19:27 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-11-13 19:26 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-13 19:24 -------- d-------- C:\Program Files\Common Files\Creative
2006-11-13 19:23 -------- d-------- C:\Program Files\Belkin
2006-11-13 19:23 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\AdobeUM
2006-11-13 19:20 -------- d-------- C:\Program Files\MSN Messenger
2006-11-13 19:15 -------- d-------- C:\Program Files\Google
2006-11-11 16:55 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-11-11 16:38 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\BearShare
2006-11-11 16:27 -------- d-------- C:\Program Files\Symantec
2006-11-11 16:20 -------- d-------- C:\Program Files\Creative
2006-11-11 16:19 -------- d--h----- C:\Program Files\Creative Installation Information
2006-11-11 16:19 -------- d-------- C:\Program Files\Audible
2006-11-11 16:18 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Creative
2006-11-11 16:14 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Webroot
2006-11-11 01:02 -------- d---s---- C:\Documents and Settings\AweSomE\Application Data\Microsoft
2006-11-10 17:27 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Lavasoft
2006-11-09 11:22 -------- d-------- C:\Program Files\Lavasoft
2006-10-29 20:09 -------- d-------- C:\Program Files\Common Files
2006-10-23 17:46 -------- d-------- C:\Program Files\Wizet
2006-10-15 12:52 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-13 07:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 07:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 07:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-13 05:23 163584 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2006-09-15 21:53 -------- d-------- C:\Documents and Settings\AweSomE\Application Data\Google
2006-09-13 00:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-25 10:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 07:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 04:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-17 07:28 721920 --a------ C:\WINDOWS\system32\lsasrv.dll
2006-08-17 07:28 132096 --a------ C:\WINDOWS\system32\wkssvc.dll
2006-08-16 06:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTSyncU.exe"="\"C:\\Program Files\\Creative\\Sync Manager Unicode\\CTSyncU.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"HP Software Update"="\"C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe\""
"SynTPEnh"="\"C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe\""
"eabconfg.cpl"="\"C:\\Program Files\\HPQ\\Quick Launch Buttons\\EabServr.exe\" /Start"
"RecGuard"="C:\\Windows\\SMINST\\RecGuard.exe"
"hpWirelessAssistant"="\"C:\\Program Files\\hpq\\HP Wireless Assistant\\HP Wireless Assistant.exe\""
"IntelliPoint"="\"C:\\Program Files\\Microsoft IntelliPoint\\point32.exe\""
"WD Button Manager"="WDBtnMgr.exe"
"F5D8011"="\"C:\\Program Files\\Belkin\\F5D8011v1\\Belkinwcui.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,20,01,00,00,00,00,00,00,80,04,00,00,66,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\Easy Internet Sign-up.job
C:\WINDOWS\tasks\Warranty Reminder 11 Months.job
Completion time: 06-11-15 10:53:06.09
C:\ComboFix.txt ... 06-11-15 10:53