Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I safe?


  • This topic is locked This topic is locked
4 replies to this topic

#1 markosmevorah

markosmevorah

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:51 PM

Posted 08 December 2008 - 08:31 PM

Here are my logs from the RSIT tool. Please can you tell me if I am ok?

Logfile of random's system information tool 1.04 (written by random/random)
Run by Simple at 2008-12-09 03:23:48
Microsoft® Windows Vista™ Business Service Pack 1
System drive C: has 16 GB (39%) free of 40 GB
Total RAM: 1022 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:24:09, on 09.12.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Simple\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Simple\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Simple.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Simple\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Lataa FlashGetillä
- C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Lataa kaikki FlashGetillä
- C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - http://h30155.www3.hp.com/ediags/dd/instal...osticsVista.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: SunJavaSystemAppserver9PE (AppServer9PE) - Unknown owner - C:\Sun\AppServer\lib\appservService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows Tribute Service - Unknown owner - C:\Windows\system32\kdlqs.exe (file missing)

--
End of file - 6688 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-09-11 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-03 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Liven kirjautumisapuohjelma - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-03 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-09-11 163840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-19 868352]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2007-08-31 988584]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-03 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"BitTorrent DNA"=C:\Users\Simple\Program Files\DNA\btdna.exe [2008-11-12 342336]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\Users\Simple\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2008-12-09 03:23:48 ----D---- C:\rsit
2008-12-09 01:06:51 ----D---- C:\Windows\Sun
2008-12-09 00:19:11 ----D---- C:\Program Files\Trend Micro
2008-12-08 09:37:42 ----D---- C:\Program Files\MagicDraw UML Community Edition
2008-12-08 09:36:51 ----HD---- C:\Program Files\Zero G Registry
2008-12-04 20:51:23 ----D---- C:\Users\Simple\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-12-03 19:16:33 ----D---- C:\Users\Simple\AppData\Roaming\WinBatch
2008-12-03 12:29:17 ----D---- C:\Sun
2008-12-03 12:05:07 ----A---- C:\Windows\system32\javaws.exe
2008-12-03 12:05:07 ----A---- C:\Windows\system32\javaw.exe
2008-12-03 12:05:07 ----A---- C:\Windows\system32\java.exe
2008-12-03 11:59:58 ----D---- C:\Program Files\Java
2008-12-03 11:37:03 ----D---- C:\Users\Simple\AppData\Roaming\.visualvm
2008-12-01 14:06:41 ----D---- C:\ProgramData\Avira
2008-12-01 14:06:41 ----D---- C:\Program Files\Avira
2008-11-30 15:34:44 ----D---- C:\Program Files\NetBeans 6.5
2008-11-20 21:47:07 ----D---- C:\Users\Simple\AppData\Roaming\Apple Computer
2008-11-20 21:46:43 ----A---- C:\Windows\system32\GEARAspi.dll
2008-11-20 21:46:00 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-20 21:46:00 ----D---- C:\Program Files\iTunes
2008-11-20 21:46:00 ----D---- C:\Program Files\iPod
2008-11-20 21:44:56 ----D---- C:\Program Files\Bonjour
2008-11-20 15:06:36 ----RSHD---- C:\resycled
2008-11-19 12:12:50 ----A---- C:\Windows\system32\wups2.dll
2008-11-19 12:12:50 ----A---- C:\Windows\system32\wuauclt.exe
2008-11-19 12:12:49 ----A---- C:\Windows\system32\wucltux.dll
2008-11-19 12:12:49 ----A---- C:\Windows\system32\wuaueng.dll
2008-11-19 12:12:13 ----A---- C:\Windows\system32\wups.dll
2008-11-19 12:12:13 ----A---- C:\Windows\system32\wudriver.dll
2008-11-19 12:12:13 ----A---- C:\Windows\system32\wuapi.dll
2008-11-19 12:11:46 ----A---- C:\Windows\system32\wuwebv.dll
2008-11-19 12:11:46 ----A---- C:\Windows\system32\wuapp.exe
2008-11-14 19:11:45 ----D---- C:\ProgramData\Digsby
2008-11-14 19:08:53 ----D---- C:\Users\Simple\AppData\Roaming\Digsby
2008-11-12 10:45:19 ----A---- C:\Windows\system32\msxml3.dll
2008-11-12 10:39:22 ----A---- C:\Windows\system32\msxml6.dll
2008-11-11 22:02:54 ----D---- C:\Users\Simple\AppData\Roaming\uTorrent

======List of files/folders modified in the last 1 months======

2008-12-09 03:23:31 ----D---- C:\Windows\Temp
2008-12-09 03:22:48 ----D---- C:\Users\Simple\AppData\Roaming\DNA
2008-12-09 02:20:15 ----D---- C:\Windows
2008-12-09 02:20:13 ----SD---- C:\Windows\Downloaded Program Files
2008-12-09 01:17:54 ----SHD---- C:\System Volume Information
2008-12-09 00:44:50 ----D---- C:\Windows\system32\catroot
2008-12-09 00:44:47 ----D---- C:\Windows\winsxs
2008-12-09 00:44:40 ----D---- C:\Windows\system32\catroot2
2008-12-09 00:24:20 ----D---- C:\Windows\Prefetch
2008-12-09 00:19:11 ----RD---- C:\Program Files
2008-12-08 23:54:33 ----D---- C:\Users\Simple\AppData\Roaming\BitTorrent
2008-12-06 11:54:16 ----D---- C:\Windows\System32
2008-12-06 11:54:16 ----D---- C:\Windows\inf
2008-12-06 11:54:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-04 20:51:53 ----D---- C:\ProgramData\Adobe
2008-12-04 20:51:22 ----D---- C:\Users\Simple\AppData\Roaming\Adobe
2008-12-03 19:40:37 ----HD---- C:\Windows\system32\GroupPolicy
2008-12-03 19:19:53 ----SHD---- C:\Windows\Installer
2008-12-03 19:19:41 ----HD---- C:\Config.Msi
2008-12-03 12:04:33 ----A---- C:\Windows\system32\deploytk.dll
2008-12-01 14:06:43 ----D---- C:\Windows\system32\drivers
2008-12-01 14:06:41 ----HD---- C:\ProgramData
2008-11-20 21:46:42 ----DC---- C:\Windows\system32\DRVSTORE
2008-11-20 21:46:00 ----D---- C:\ProgramData\Apple Computer
2008-11-20 21:43:04 ----D---- C:\Program Files\Common Files\Apple
2008-11-20 11:09:18 ----D---- C:\Windows\rescache
2008-11-20 10:52:48 ----D---- C:\Windows\system32\en-US
2008-11-13 20:26:26 ----SD---- C:\Users\Simple\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-12-09 75072]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-01-16 318464]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2008-02-24 46592]
R3 ATIAVAIW;ATI T200 Unified AVStream service; C:\Windows\system32\DRIVERS\atinavt2.sys [2008-05-14 175488]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-08 3895808]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [2008-03-13 399488]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-10-13 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-10-13 12800]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-10-13 124928]
S3 Nokia USB Port;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2005-10-13 12800]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-08 3895808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 XDva098;XDva098; \??\C:\Windows\system32\XDva098.sys []
S3 XDva114;XDva114; \??\C:\Windows\system32\XDva114.sys []
S4 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-19 350720]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 AppServer9PE;SunJavaSystemAppserver9PE; C:\Sun\AppServer\lib\appservService.exe [2008-12-03 26821]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-08 700416]
R2 Bonjour Service;Bonjour-palvelu; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R3 AppMgmt;Application Management; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;iPod-palvelu; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 CscService;Offline Files; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 Windows Tribute Service;Windows Tribute Service; C:\Windows\system32\kdlqs.exe -srv []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UmRdpService;Terminal Services UserMode Port Redirector; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 usnjsvc;Messengerin jaettavien kansioiden USN Journal -lokin lukupalvelu; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 wbengine;Block Level Backup Engine Service; C:\Windows\system32\wbengine.exe [2008-01-19 917504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.04 2008-12-09 03:24:17

======Uninstall list======

7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI AVIVO Codecs-->MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Catalyst Control Center - Branding-->MsiExec.exe /I{4893A35F-0A23-48EC-8E74-24969244D6F2}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Gmail Notifier-->"C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
InfraRecorder-->C:\Program Files\InfraRecorder\uninstall.exe
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java™ SE Development Kit 6 Update 11-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160110}
MagicDraw UML Community Edition 16.0-->"C:\Program Files\MagicDraw UML Community Edition\UninstallerData\Uninstall MagicDraw UML Community Edition.exe"
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Word Viewer 2003-->MsiExec.exe /I{90850409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
NetBeans IDE 6.5-->"C:\Program Files\NetBeans 6.5\uninstall.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{92B79901-C57D-409F-8D2F-4E5337383569}
PC Probe II-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\Setup.exe" -l0x9
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x000b -removeonly
Sun Java System Application Server-->"C:\Sun\AppServer\uninstall.exe" -javahome "C:\Program Files\Java\jdk1.6.0_11"
Windows Live installer-->MsiExec.exe /X{5C29C5F5-A9C9-4E89-A606-13E165E7C55F}
Windows Live Messenger-->MsiExec.exe /X{A9174A72-1B46-445B-B3CF-90ED2C63D83B}
Windows Liven kirjautumisavustaja-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe

======Security center information======

AS: Avira AntiVir PersonalEdition (disabled)
AS: Windows Defender (disabled)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 10, GenuineIntel
"PROCESSOR_LEVEL"=15
"PROCESSOR_REVISION"=040a
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%

-----------------EOF-----------------

BC AdBot (Login to Remove)

 


#2 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 PM

Posted 16 December 2008 - 10:38 AM

Hi,

I don't see anything strange/suspicious in your logs :thumbsup:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 markosmevorah

markosmevorah
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:51 PM

Posted 17 December 2008 - 12:07 PM

How about this line:

O1 - Hosts: ::1 localhost


???

#4 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 PM

Posted 17 December 2008 - 12:33 PM

What's wrong with it? This should be present in your log since you are running Vista.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:11:51 PM

Posted 07 January 2009 - 06:48 AM

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users