combo fix help please


  • This topic is locked
2 replies to this topic

#1 Kumman

Posted 01 November 2010 - 12:13 PM

Hello, my name is Kumman. I am new here. I just got stuck with a Google redirect virus problem. So, I installed ComboFix and got a log. Can anyone help me, please?
ComboFix 10-10-31.04 - Md. Rumman 11/01/2010 22:47:34.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.503.292 [GMT 6:00]
Running from: e:\documents and settings\Md. Rumman\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

e:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
e:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
e:\windows\MSVBVM60.dll
e:\windows\system32\spool\prtprocs\w32x86\CNMPP7X.DLL

----- BITS: Possible infected sites -----

hxxp://91.203.93.21
.
((((((((((((((((((((((((( Files Created from 2010-10-01 to 2010-11-01 )))))))))))))))))))))))))))))))
.

2010-11-01 16:01 . 2010-11-01 16:01 134464 ----a-w- e:\windows\system32\LnkProtect.dll
2010-11-01 15:45 . 2010-11-01 15:45 -------- d-----w- e:\program files\Hitman Pro 3.5
2010-11-01 15:43 . 2010-11-01 16:24 15944 ----a-w- e:\windows\system32\drivers\hitmanpro35.sys
2010-11-01 15:37 . 2010-11-01 15:45 -------- d-----w- e:\windows\system32\CatRoot_bak
2010-11-01 15:18 . 2010-11-01 15:43 -------- d-----w- e:\documents and settings\All Users\Application Data\Hitman Pro
2010-10-30 18:25 . 2010-10-30 18:25 -------- d-sh--w- e:\documents and settings\NetworkService\PrivacIE
2010-10-30 18:03 . 2010-10-30 18:03 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-10-29 06:28 . 2010-10-29 06:28 -------- d-----w- e:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-29 06:11 . 1999-12-31 11:00 166168 ----a-w- e:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
2010-10-29 06:11 . 2010-10-29 06:11 -------- d-----w- e:\program files\Tracker Software
2010-10-27 14:41 . 2010-10-29 02:29 -------- d-----w- e:\program files\Crawler
2010-10-27 11:32 . 2010-10-27 11:32 -------- d-----w- e:\program files\Common Files\iS3
2010-10-27 11:32 . 2010-10-27 13:19 -------- d-----w- e:\documents and settings\All Users\Application Data\STOPzilla!
2010-10-26 20:29 . 2010-10-27 02:27 -------- d-----w- e:\documents and settings\Md. Rumman\Application Data\STOPzilla!
2010-10-25 13:15 . 2010-10-25 13:15 -------- d-sh--w- e:\documents and settings\NetworkService\IETldCache
2010-10-25 13:10 . 2010-05-06 10:41 12800 -c----w- e:\windows\system32\dllcache\xpshims.dll
2010-10-25 13:10 . 2010-05-06 10:41 599040 -c----w- e:\windows\system32\dllcache\msfeeds.dll
2010-10-25 13:10 . 2010-05-06 10:41 55296 -c----w- e:\windows\system32\dllcache\msfeedsbs.dll
2010-10-25 13:10 . 2010-05-06 10:41 247808 -c----w- e:\windows\system32\dllcache\ieproxy.dll
2010-10-25 13:10 . 2010-05-06 10:41 1985536 -c----w- e:\windows\system32\dllcache\iertutil.dll
2010-10-25 13:10 . 2010-05-06 10:41 743424 -c----w- e:\windows\system32\dllcache\iedvtool.dll
2010-10-25 13:10 . 2010-05-06 10:41 11076096 -c----w- e:\windows\system32\dllcache\ieframe.dll
2010-10-24 14:26 . 2008-06-13 13:10 272128 -c----w- e:\windows\system32\dllcache\bthport.sys
2010-10-24 14:26 . 2008-06-13 13:10 272128 ------w- e:\windows\system32\drivers\bthport.sys
2010-10-24 14:22 . 2010-10-24 14:22 -------- d-----w- E:\3d28d64765ecfdcc83ed6328fba4
2010-10-24 14:22 . 2010-10-24 14:23 -------- d-----w- E:\89bf06de246984842040
2010-10-24 11:16 . 2010-10-24 11:16 -------- d-----w- e:\documents and settings\All Users\Application Data\IObit
2010-10-24 11:16 . 2010-10-27 12:56 -------- d-----w- e:\program files\IObit
2010-10-18 18:52 . 2010-10-18 18:52 -------- d-sh--w- e:\documents and settings\LocalService\IETldCache
2010-10-18 17:50 . 2010-09-07 14:47 17744 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2010-10-18 17:50 . 2010-09-07 14:52 165584 ----a-w- e:\windows\system32\drivers\aswSP.sys
2010-10-18 17:50 . 2010-09-07 14:47 23376 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2010-10-18 17:50 . 2010-09-07 14:52 46672 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2010-10-18 17:50 . 2010-09-07 14:47 100176 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2010-10-18 17:50 . 2010-09-07 14:47 94544 ----a-w- e:\windows\system32\drivers\aswmon.sys
2010-10-18 17:49 . 2010-09-07 14:46 28880 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2010-10-18 17:49 . 2010-09-07 15:12 38848 ----a-w- e:\windows\avastSS.scr
2010-10-18 17:49 . 2010-09-07 15:11 167592 ----a-w- e:\windows\system32\aswBoot.exe
2010-10-18 17:49 . 2010-10-18 17:49 -------- d-----w- e:\program files\Alwil Software
2010-10-18 17:49 . 2010-10-18 17:49 -------- d-----w- e:\documents and settings\All Users\Application Data\Alwil Software
2010-10-17 08:30 . 2010-10-17 08:32 -------- d-----w- e:\program files\The KMPlayer
2010-10-17 08:26 . 2010-10-17 08:26 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\RapidSolution
2010-10-17 06:42 . 2010-11-01 16:02 -------- d-----w- e:\program files\Minilyrics
2010-10-17 06:33 . 2010-10-18 18:01 -------- d-----w- e:\program files\Enigma Software Group
2010-10-17 04:46 . 2010-11-01 14:51 -------- d-----w- e:\documents and settings\Md. Rumman\Application Data\foobar2000
2010-10-17 04:46 . 2010-10-17 04:46 -------- d-----w- e:\program files\foobar2000
2010-10-16 18:54 . 2009-12-30 06:20 27064 ----a-w- e:\windows\system32\drivers\revoflt.sys
2010-10-16 18:54 . 2010-10-16 18:54 -------- d-----w- e:\program files\Revo Uninstaller Pro
2010-10-16 09:42 . 2010-10-16 09:42 -------- d-----w- e:\program files\FlashCatch
2010-10-16 09:35 . 2010-10-16 09:35 673610 ----a-w- e:\windows\unins000.exe
2010-10-16 09:16 . 2010-10-16 09:16 -------- d-----w- e:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-10-16 09:11 . 2010-10-24 13:33 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\Temp
2010-10-16 09:11 . 2010-10-16 09:11 -------- d-----w- e:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-10-16 09:10 . 2010-10-18 17:50 -------- d-----w- e:\program files\Google
2010-10-16 09:10 . 2010-10-16 09:10 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\Google
2010-10-16 08:58 . 2010-10-16 08:58 -------- d-sh--w- e:\documents and settings\Md. Rumman\PrivacIE
2010-10-16 08:52 . 2010-10-16 08:52 -------- d-sh--w- e:\documents and settings\Md. Rumman\IETldCache
2010-10-16 08:45 . 2010-10-16 08:49 -------- dc-h--w- e:\windows\ie8
2010-10-16 08:30 . 2010-10-16 08:38 -------- d-----w- E:\451fb0b0a250e639aece19e5137c
2010-10-12 07:05 . 2010-10-12 07:05 -------- d-----w- e:\documents and settings\Md. Rumman\Application Data\Tific
2010-10-12 07:05 . 2010-10-12 07:05 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\Symantec
2010-10-08 16:28 . 2010-10-08 16:28 -------- d-----w- e:\windows\Sun
2010-10-08 13:02 . 2010-10-16 19:18 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\NPE
2010-10-08 11:55 . 2010-10-08 11:55 -------- d-----w- e:\program files\Windows Sidebar
2010-10-07 20:44 . 2010-10-07 20:44 -------- d-----w- e:\program files\Kaspersky Lab
2010-10-07 20:20 . 2010-10-07 20:20 133632 --sha-r- e:\windows\system32\winbrandu.dll
2010-10-07 19:23 . 2010-10-16 18:58 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\BearShare
2010-10-07 19:21 . 2010-10-16 19:00 -------- d-----w- e:\program files\BearShare Applications
2010-10-07 16:33 . 2010-10-07 16:35 -------- d-----w- e:\program files\CCleaner
2010-10-07 16:32 . 2010-10-07 16:32 -------- d-----w- e:\documents and settings\Md. Rumman\Local Settings\Application Data\PackageAware
2010-10-04 18:19 . 2010-11-01 16:02 -------- d-----w- E:\Lyrics
2010-10-04 18:16 . 2010-10-04 18:16 -------- d-----w- e:\program files\DAMN NFO Viewer
2010-10-04 18:05 . 2010-10-04 18:05 -------- d-----w- e:\program files\PowerISO
2010-10-04 18:05 . 2007-12-03 08:35 340040 ----a-w- e:\windows\cswskax5.ocx
2010-10-04 18:05 . 1979-12-31 18:00 132880 ----a-w- e:\windows\msinet.ocx
2010-10-04 18:05 . 1979-12-31 18:00 40448 ----a-w- e:\windows\regobj.dll
2010-10-04 13:02 . 2009-02-24 12:42 116736 ----a-w- e:\windows\system32\drivers\mcdbus.sys
2010-10-04 13:02 . 2010-10-04 13:03 -------- d-----w- e:\program files\MagicDisc
2010-10-04 12:46 . 2010-10-04 12:46 -------- d-----w- e:\program files\uTorrent
2010-10-04 12:46 . 2010-11-01 15:35 -------- d-----w- e:\documents and settings\Md. Rumman\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 06:25 . 2010-09-18 06:25 73728 ----a-w- e:\windows\system32\javacpl.cpl
2010-09-18 06:25 . 2010-09-18 06:25 423656 ----a-w- e:\windows\system32\deployJava1.dll
2010-08-18 05:58 . 2010-08-18 05:58 499712 ----a-w- e:\windows\system32\msvcp71.dll
2010-08-18 05:58 . 2010-08-18 05:58 348160 ----a-w- e:\windows\system32\msvcr71.dll
.

------- Sigcheck -------

[-] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . e:\windows\system32\ole32.dll
[-] 2004-08-04 . 4FE9D9FA62D020E35E0AC6D1AEEB96F0 . 1281536 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\ole32.dll

[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . e:\windows\system32\srsvc.dll
[-] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\srsvc.dll

[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . e:\windows\system32\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\wscntfy.exe

[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . e:\windows\system32\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\xmlprov.dll

[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . e:\windows\system32\eventlog.dll
[-] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\eventlog.dll

[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . e:\windows\system32\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\sfcfiles.dll

[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . e:\windows\system32\ctfmon.exe
[-] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\ctfmon.exe

[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . e:\windows\system32\shsvcs.dll
[-] 2004-08-04 . E7518DC542D3EBDCB80EDD98462C7821 . 134656 . . [6.00.2900.2180] . . e:\windows\system32\dllcache\shsvcs.dll

[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . e:\windows\system32\regsvc.dll
[-] 2004-08-04 . 3151427DB7D87107D1C5BE58FAC53960 . 59904 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\regsvc.dll

[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . e:\windows\system32\schedsvc.dll
[-] 2004-08-04 . 92360854316611F6CC471612213C3D92 . 190976 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\schedsvc.dll

[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . e:\windows\system32\ssdpsrv.dll
[-] 2004-08-04 . 4B8D61792F7175BED48859CC18CE4E38 . 71680 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\ssdpsrv.dll

[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . e:\windows\system32\termsrv.dll
[-] 2004-08-04 . B60C877D16D9C880B952FDA04ADF16E6 . 295424 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\termsrv.dll

[-] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\appmgmts.dll
[-] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . e:\windows\system32\appmgmts.dll
[-] 2004-08-04 . 9C3C12975C97119412802B181FBEEFFE . 167936 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\appmgmts.dll

[-] 2004-08-07 . 9859C0F6936E723E4892D7141B1327D5 . 11648 . . [5.1.2600.0] . . e:\windows\system32\drivers\acpiec.sys

[-] 2004-08-03 16:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\aec.sys
[-] 2004-08-03 16:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . e:\windows\system32\dllcache\aec.sys
[-] 2004-08-03 16:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . e:\windows\system32\drivers\aec.sys

[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . e:\windows\system32\drivers\ip6fw.sys

[-] 2004-08-07 00:17 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\mfc40u.dll
[-] 2004-08-07 00:17 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . e:\windows\system32\mfc40u.dll
[-] 2004-08-07 00:17 . DDF8D47ACF8FC3FE5F7F2B95C4D4D136 . 924432 . . [4.1.6140] . . e:\windows\system32\dllcache\mfc40u.dll

[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . e:\windows\system32\msgsvc.dll
[-] 2004-08-04 . 95FD808E4AC22ABA025A7B3EAC0375D2 . 33792 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\msgsvc.dll

[-] 2004-08-04 04:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\mspmsnsv.dll
[-] 2004-08-04 04:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . e:\windows\system32\mspmsnsv.dll
[-] 2004-08-04 04:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . e:\windows\system32\dllcache\mspmsnsv.dll

[-] 2010-02-17 . 1811AFC2FADB60B88947E3D08E250860 . 2063744 . . [5.1.2600.3670] . . e:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . A046C627EC20456E2959B7BD628E1FD0 . 2066816 . . [5.1.2600.5938] . . e:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . e:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . e:\windows\system32\ntkrnlpa.exe
[-] 2010-02-16 . 1EE6B94ACA7BE115A1813BBCA65099A8 . 2058368 . . [5.1.2600.3670] . . e:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . DED8B5A89B085284634502E9D75AC78C . 2066944 . . [5.1.2600.5938] . . e:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-02-07 . 5BA7F2141BC6DB06100D0E5A732C617A . 2066048 . . [5.1.2600.5755] . . e:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-06 . 607352B9CB3D708C67F6039097801B5A . 2066176 . . [5.1.2600.5755] . . e:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2009-02-06 . 9D832AF3FD1917DB0E1E8B2F000A2E3A . 2062976 . . [5.1.2600.3520] . . e:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . e:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2004-08-04 . 947FB1D86D14AFCFFDB54BF837EC25D0 . 2056832 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\ntkrnlpa.exe

[-] 2004-08-04 04:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\ntmssvc.dll
[-] 2004-08-04 04:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . e:\windows\system32\ntmssvc.dll
[-] 2004-08-04 04:56 . B62F29C00AC55A761B2E45877D85EA0F . 435200 . . [5.1.2400.2180] . . e:\windows\system32\dllcache\ntmssvc.dll

[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . e:\windows\system32\upnphost.dll
[-] 2004-08-04 . 0546477BDE979E33294FE97F6B3DE84A . 185344 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\upnphost.dll

[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . e:\windows\system32\dsound.dll
[-] 2004-08-04 . 55E148C01296696588EAFA425782C3E8 . 367616 . . [5.3.2600.2180] . . e:\windows\system32\dllcache\dsound.dll

[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . e:\windows\system32\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . e:\windows\system32\dllcache\d3d9.dll

[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . e:\windows\system32\ddraw.dll
[-] 2004-08-04 . 7ED462F353B3D915A418A689FA881F96 . 266240 . . [5.03.2600.2180] . . e:\windows\system32\dllcache\ddraw.dll

[-] 2004-08-04 04:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\olepro32.dll
[-] 2004-08-04 04:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . e:\windows\system32\olepro32.dll
[-] 2004-08-04 04:56 . B48D3193DD1474DCBCC32BF4779AC698 . 83456 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\olepro32.dll

[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . e:\windows\system32\perfctrs.dll
[-] 2004-08-04 . 96492C721C6EA517E2BFD5381FEF55E3 . 39936 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\perfctrs.dll

[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . e:\windows\SoftwareDistribution\Download\2d8407673ea9865ef7cd775540e3a36b\backup\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . e:\windows\system32\version.dll
[-] 2004-08-04 . D38408967BE738D0C1B47005BCE8CEEB . 18944 . . [5.1.2600.2180] . . e:\windows\system32\dllcache\version.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="e:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"HitmanPro35"="e:\program files\Hitman Pro 3.5\HitmanPro35.exe" [2010-05-30 4410368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)

[HKLM\~\startupfolder\E:^Documents and Settings^Md. Rumman^Start Menu^Programs^Startup^MagicDisc.lnk]
path=e:\documents and settings\Md. Rumman\Start Menu\Programs\Startup\MagicDisc.lnk
backup=e:\windows\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
e:\windows\system32\dumprep 0 -u [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avro Keyboard]
2007-07-01 20:23 1658880 ----a-w- e:\program files\Avro Keyboard\Avro Keyboard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2006-10-17 01:20 398944 ----a-w- e:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2007-01-13 01:47 163840 ----a-r- e:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2007-01-13 01:47 131072 ----a-r- e:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-03 19:06 1667584 ------w- e:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2007-01-13 01:46 135168 ----a-r- e:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2010-04-12 08:40 180224 ----a-w- e:\program files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-07-28 12:27 19557480 ----a-w- e:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 05:44 248552 ----a-w- e:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Video Downloader]
2008-11-24 09:45 3257616 ----a-w- e:\program files\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\eMule\\emule.exe"=
"e:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;aswSP;e:\windows\system32\drivers\aswSP.sys [10/18/2010 11:50 PM 165584]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [10/18/2010 11:50 PM 17744]
S2 gupdate;Google Update Service (gupdate);e:\program files\Google\Update\GoogleUpdate.exe [10/18/2010 11:50 PM 136176]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [9/17/2010 8:41 PM 1691480]
S3 Revoflt;Revoflt;e:\windows\system32\drivers\revoflt.sys [10/17/2010 12:54 AM 27064]
.
Contents of the 'Scheduled Tasks' folder

2010-11-01 e:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- e:\program files\Google\Update\GoogleUpdate.exe [2010-10-18 17:50]

2010-11-01 e:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- e:\program files\Google\Update\GoogleUpdate.exe [2010-10-18 17:50]
.
.
------- Supplementary Scan -------
.
uStart Page =
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - e:\documents and settings\Md. Rumman\Application Data\Mozilla\Firefox\Profiles\akchlr5l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: e:\documents and settings\Md. Rumman\Application Data\Mozilla\Firefox\Profiles\akchlr5l.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: e:\program files\FlashCatch\firefox\components\FlashCatch.dll
FF - component: e:\program files\FlashCatch\firefox\components\FlashCatch191.dll
FF - component: e:\program files\FlashCatch\firefox\components\FlashCatch192.dll
FF - plugin: e:\documents and settings\Md. Rumman\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: e:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: e:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: e:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: general.useragent.extra.prevx -
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
e:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
e:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{30F7565F-7C0C-4119-8421-CC7816CCA20E} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-01 22:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b7,b3,5f,ec,7d,26,78,47,9a,88,25,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b7,b3,5f,ec,7d,26,78,47,9a,88,25,\
.
Completion time: 2010-11-01 22:54:01
ComboFix-quarantined-files.txt 2010-11-01 16:53

Pre-Run: 4,402,290,688 bytes free
Post-Run: 4,407,795,712 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 198EB53D980182A088A7FA3C471E0C72

This is my Hijack This log report. Please help me with this.

HIJACK THIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:00:45 PM, on 11/4/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Alwil Software\Avast5\avastUI.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\explorer.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Md. Rumman\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast5] "E:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HitmanPro35] "E:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - E:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - E:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1287927956000
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1284818785078
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8F86F10-6DA8-42BF-BCF7-3063E35F7BDC}: NameServer = 116.193.170.5,116.193.170.6
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - E:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - E:\WINDOWS\System32\dmadmin.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - E:\WINDOWS\system32\mnmsrvc.exe

--
End of file - 4860 bytes

EDIT: Topics and posts merged ~BP

Edited by Budapest, 04 November 2010 - 04:24 PM.
Moved from Introductions ~BP



#2 m0le


Posted 08 November 2010 - 08:24 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#3 m0le


Posted 14 November 2010 - 06:20 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
m0le is a proud member of UNITE



