BullGuard
Can't log in to Facebook

migi99
New Member


Date Joined Jan 2010
Total Posts : 10
 
Posted 1/8/2010 8:25 PM (GMT +3)
I can't log in to Facebook. Whenever I go to log in to my account, this URL will appear (http://chips01.t35.com/01.php) and it redirects me to the Facebook login. Please help me solve this problem. Please.
 

Jintan
Senior Member




Date Joined Dec 2006
Total Posts : 1428
 
Posted 1/9/2010 5:21 AM (GMT +3)
Good, you did start your own thread. Two actually, so be sure to only post one request in the future.

That website you are redirected to actually uses Facebook's legit login page to present to people, but has source code that suggests if someone entered their login information, then it would fail, or possibly t35.com would receive the information.

You had posted some logs in other threads already, so do the following, but if you already have the tool then just use it:


To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right-clicking the software's Taskbar icons, or accessing each software through Start - Programs.


Download RSIT (random's system information tool) from here to your desktop. Then click on the RSIT.exe to open the RSIT display, and click the Continue button.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

--------------

Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


Once the opening scan finishes, click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste. Copy the information and post it here please.
 

migi99
New Member


Date Joined Jan 2010
Total Posts : 10
 
Posted 1/9/2010 2:07 PM (GMT +3)
I'm not sure how to do it. I don't know how to disable the antivirus. You mean uninstalling it?
 

migi99
New Member


Date Joined Jan 2010
Total Posts : 10
 
Posted 1/9/2010 2:49 PM (GMT +3)
Help please.
 

migi99
New Member


Date Joined Jan 2010
Total Posts : 10
 
Posted 1/9/2010 3:03 PM (GMT +3)
1st LOG:

Logfile of random's system information tool 1.06 (written by random/random)
Run by kate at 2010-01-09 20:15:27
Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (67%) free of 39 GB
Total RAM: 503 MB (11% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:16:12 PM, on 1/9/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\RVHOST.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\RVHOST.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\kate\My Documents\Downloads\RSIT(2).exe
C:\Program Files\trend micro\kate.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe
O1 - Hosts: 79.106.2.131 localhost
O1 - Hosts: 79.106.2.131 facebook.com
O1 - Hosts: 79.106.2.131 www.facebook.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LREC75DND7] C:\DOCUME~1\kate\LOCALS~1\Temp\c.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\RVHOST.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1214837377265
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 8192 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C0ECAFC6-6EE8-4AB6-A74B-D1EC26237580}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-31 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-12-31 1968920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-12-31 1968920]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
Locked

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe []
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe []
"Persistence"=C:\WINDOWS\system32\igfxpers.exe []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-31 2043160]
"VMSnap3"=C:\WINDOWS\VMSnap3.EXE [2006-08-29 49152]
"Domino"=C:\WINDOWS\Domino.EXE [2006-06-28 49152]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-01 149280]
"BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LREC75DND7"=C:\DOCUME~1\kate\LOCALS~1\Temp\c.exe []
"Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-05-26 4351216]
"Yahoo Messengger"=C:\WINDOWS\system32\RVHOST.exe [2008-05-25 603648]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\kate\Start Menu\Programs\Startup
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-12-31 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NofolderOptions"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2010-01-10 07:44:21 ----D---- C:\Program Files\Mozilla Firefox
2010-01-10 07:25:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-09 20:15:27 ----D---- C:\rsit
2010-01-09 12:03:35 ----D---- C:\WINDOWS\LastGood
2010-01-09 12:03:32 ----RA---- C:\WINDOWS\VMSnap3.EXE
2010-01-09 12:03:32 ----RA---- C:\WINDOWS\VM303Cap.exe
2010-01-09 12:03:32 ----RA---- C:\WINDOWS\system32\VM303STI.dll
2010-01-09 12:03:32 ----RA---- C:\WINDOWS\system32\setupfilter.exe
2010-01-09 12:03:32 ----RA---- C:\WINDOWS\Domino.EXE
2010-01-09 12:03:32 ----R---- C:\WINDOWS\Zoom.exe
2010-01-09 12:03:32 ----R---- C:\WINDOWS\VMPipe.dll
2010-01-09 12:03:31 ----RA---- C:\WINDOWS\amcap.exe
2010-01-09 12:03:31 ----A---- C:\WINDOWS\VMInstNT.exe
2010-01-09 12:03:31 ----A---- C:\WINDOWS\VM303UninstNT.exe
2010-01-09 12:03:30 ----D---- C:\WINDOWS\EffectResources
2010-01-09 01:58:30 ----A---- C:\WINDOWS\Pool.INI
2010-01-09 01:34:21 ----D---- C:\Documents and Settings\All Users\Application Data\Oberon Media
2010-01-09 00:21:51 ----D---- C:\Program Files\trend micro
2010-01-08 23:12:41 ----RASH---- C:\WINDOWS\system32\RVHOST.exe
2010-01-08 20:29:15 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-01-08 20:29:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-08 01:47:53 ----D---- C:\Documents and Settings\kate\Application Data\funkitron
2010-01-07 00:51:59 ----D---- C:\Documents and Settings\kate\Application Data\Opera
2010-01-07 00:51:40 ----D---- C:\Program Files\Opera
2010-01-07 00:24:16 ----D---- C:\Documents and Settings\kate\Application Data\Flock
2010-01-06 22:17:58 ----D---- C:\Documents and Settings\kate\Application Data\Macromedia
2010-01-06 18:38:12 ----D---- C:\Program Files\GameHouse Games Collection
2010-01-06 18:22:16 ----RA---- C:\WINDOWS\system32\ChCfg.exe
2010-01-06 18:20:45 ----RA---- C:\WINDOWS\Alcmtr.exe
2010-01-06 18:20:41 ----A---- C:\WINDOWS\HideWin.exe
2010-01-06 07:44:24 ----A---- C:\WINDOWS\ODBC.INI
2010-01-06 07:43:38 ----D---- C:\Program Files\Microsoft ActiveSync
2010-01-06 07:43:32 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-06 07:43:04 ----D---- C:\WINDOWS\SHELLNEW
2010-01-06 07:43:04 ----D---- C:\Program Files\Microsoft.NET
2010-01-06 07:43:04 ----D---- C:\Program Files\Microsoft Office
2010-01-06 06:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2010-01-06 04:10:38 ----D---- C:\WINDOWS\Performance
2010-01-06 03:59:07 ----D---- C:\Program Files\Microsoft Sync Framework
2010-01-06 03:58:22 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-01-06 03:58:16 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-01-06 03:58:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954708$
2010-01-06 03:56:58 ----D---- C:\Program Files\Microsoft
2010-01-06 03:56:41 ----D---- C:\Program Files\Windows Live SkyDrive
2010-01-06 03:56:18 ----D---- C:\Program Files\Windows Live
2010-01-06 03:36:20 ----D---- C:\Program Files\Common Files\Windows Live
2010-01-06 03:35:45 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-06 03:33:03 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-01-06 03:33:03 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-01-02 22:27:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-01-02 03:07:45 ----D---- C:\WINDOWS\system32\XPSViewer
2010-01-02 03:07:39 ----D---- C:\Program Files\MSBuild
2010-01-02 03:07:28 ----D---- C:\Program Files\Reference Assemblies
2010-01-02 03:06:51 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-01-02 03:06:50 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-01-02 03:06:50 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-01-01 22:01:08 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-01 21:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-01-01 18:09:31 ----D---- C:\Documents and Settings\kate\Application Data\Mozilla
2010-01-01 18:08:58 ----D---- C:\Documents and Settings\kate\Application Data\LimeWire
2010-01-01 18:08:39 ----D---- C:\Program Files\LimeWire
2010-01-01 14:52:07 ----D---- C:\Documents and Settings\kate\Application Data\Ahead
2010-01-01 14:51:28 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2010-01-01 14:48:39 ----D---- C:\Program Files\Nero
2010-01-01 14:48:39 ----D---- C:\Program Files\Common Files\Ahead
2010-01-01 14:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2010-01-01 14:47:17 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-01 14:46:54 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-01-01 14:46:48 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-01-01 12:51:20 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2010-01-01 12:05:31 ----HD---- C:\$AVG8.VAULT$
2010-01-01 11:35:01 ----RA---- C:\WINDOWS\system32\igxpun.exe
2010-01-01 11:29:06 ----A---- C:\WINDOWS\VidCap32.exe
2010-01-01 11:29:06 ----A---- C:\WINDOWS\MMVEM.EXE
2010-01-01 11:29:06 ----A---- C:\WINDOWS\JAPI2.DLL
2010-01-01 11:29:06 ----A---- C:\WINDOWS\JAPI.DLL
2010-01-01 11:27:44 ----D---- C:\VP-EYE
2010-01-01 11:26:39 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-01 11:23:43 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-01-01 11:17:18 ----D---- C:\Documents and Settings\kate\Application Data\HP
2010-01-01 09:54:12 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-01-01 05:18:49 ----D---- C:\WINDOWS\Sun
2010-01-01 05:08:18 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-01 05:08:18 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-01 05:08:17 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-01 05:08:17 ----A---- C:\WINDOWS\system32\java.exe
2010-01-01 05:08:08 ----D---- C:\Program Files\Java
2010-01-01 05:05:43 ----D---- C:\Documents and Settings\kate\Application Data\Sun
2010-01-01 03:54:46 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2010-01-01 03:52:54 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2010-01-01 03:52:53 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2010-01-01 03:50:09 ----D---- C:\Program Files\Common Files\HP
2010-01-01 03:22:03 ----D---- C:\WINDOWS\system32\appmgmt
2010-01-01 03:20:38 ----D---- C:\Temp
2010-01-01 03:20:34 ----A---- C:\WINDOWS\GPInstall.exe
2010-01-01 02:48:21 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-01-01 01:25:27 ----D---- C:\Documents and Settings\All Users\Application Data\UAB
2010-01-01 01:25:26 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2010-01-01 01:23:57 ----D---- C:\Program Files\PC Drivers HeadQuarters
2010-01-01 01:22:02 ----RSD---- C:\WINDOWS\assembly
2010-01-01 01:21:44 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-01 01:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-01-01 01:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-01-01 01:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-01-01 01:12:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-01-01 01:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-01-01 00:59:32 ----D---- C:\Intel
2010-01-01 00:44:30 ----D---- C:\Program Files\HP
2010-01-01 00:44:22 ----HD---- C:\Config.Msi
2010-01-01 00:39:19 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-01-01 00:37:38 ----D---- C:\WINDOWS\Prefetch
2010-01-01 00:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-01-01 00:35:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-01-01 00:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-01-01 00:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-01-01 00:35:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-01-01 00:35:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-01-01 00:35:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-01-01 00:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-01-01 00:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-01-01 00:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-01-01 00:34:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-01-01 00:34:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-01-01 00:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-01-01 00:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-01-01 00:34:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-01-01 00:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-01-01 00:34:01 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-01-01 00:33:55 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-01-01 00:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-01-01 00:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-01-01 00:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-01-01 00:33:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2010-01-01 00:33:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-01-01 00:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-01-01 00:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-01-01 00:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-01-01 00:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-01-01 00:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-01-01 00:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-01-01 00:32:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-01-01 00:32:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-01-01 00:32:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-01-01 00:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-01-01 00:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-01-01 00:32:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-01 00:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-01-01 00:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-01-01 00:31:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-01-01 00:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-01-01 00:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-01-01 00:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-01-01 00:31:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-01-01 00:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-01-01 00:31:08 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-01-01 00:31:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-01-01 00:26:24 ----D---- C:\WINDOWS\system32\scripting
2010-01-01 00:26:24 ----D---- C:\WINDOWS\l2schemas
2010-01-01 00:26:23 ----D---- C:\WINDOWS\system32\en
2010-01-01 00:26:23 ----D---- C:\WINDOWS\system32\bits
2010-01-01 00:20:12 ----D---- C:\WINDOWS\network diagnostic
2010-01-01 00:19:03 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-01 00:16:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-01-01 00:12:04 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-12-31 22:59:20 ----D---- C:\WINDOWS\ie8updates
2009-12-31 22:58:50 ----D---- C:\WINDOWS\WBEM
2009-12-31 22:58:05 ----HDC---- C:\WINDOWS\ie8
2009-12-31 22:58:05 ----D---- C:\WINDOWS\system32\en-US
2009-12-31 22:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-12-31 22:52:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-12-31 22:52:01 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2009-12-31 22:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-12-31 22:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-12-31 22:51:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2009-12-31 22:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-31 22:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-31 22:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-31 22:51:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2009-12-31 22:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2009-12-31 22:50:59 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2_0$
2009-12-31 22:50:43 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-12-31 22:42:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-12-31 22:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2009-12-31 22:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971557_0$
2009-12-31 22:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2009-12-31 22:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2009-12-31 22:42:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2009-12-31 22:41:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2009-12-31 22:41:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2009-12-31 22:41:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-31 22:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971633_0$
2009-12-31 22:41:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-12-31 22:41:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2009-12-31 22:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2009-12-31 22:41:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-12-31 22:41:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2009-12-31 22:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2009-12-31 22:40:48 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-31 22:40:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2009-12-31 22:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2009-12-31 22:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-12-31 22:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-12-31 22:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2009-12-31 22:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2009-12-31 22:40:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354_0$
2009-12-31 22:40:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-31 22:39:56 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2009-12-31 22:39:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-12-31 22:39:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2009-12-31 22:39:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-12-31 22:39:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-31 22:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2009-12-31 22:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971486_0$
2009-12-31 22:39:11 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-31 22:39:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-12-31 22:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2009-12-31 22:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2009-12-31 22:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-12-31 22:36:50 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-31 22:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-12-31 22:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-12-31 22:36:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-12-31 22:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-12-31 22:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-12-31 22:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2009-12-31 22:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2009-12-31 22:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2009-12-31 22:35:54 ----HDC---- C:\WINDOWS\$NtUninstallKB969947_0$
2009-12-31 22:12:52 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-12-31 22:07:16 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-12-31 22:07:15 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2009-12-31 22:01:24 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-31 21:58:06 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-12-31 21:57:51 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-31 21:57:51 ----D---- C:\WINDOWS\system32\PreInstall
2009-12-31 21:57:51 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-31 21:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-31 21:57:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-31 21:18:46 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-12-31 20:46:03 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-12-31 20:46:02 ----D---- C:\Documents and Settings\kate\Application Data\Yahoo!
2009-12-31 20:45:40 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-12-31 20:45:01 ----D---- C:\WINDOWS\SxsCaPendDel
2009-12-31 20:41:18 ----D---- C:\Documents and Settings\kate\Application Data\Adobe
2009-12-31 20:40:41 ----SHD---- C:\RECYCLER
2009-12-31 20:38:52 ----D---- C:\Program Files\Yahoo!
2009-12-31 20:20:24 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-12-31 20:20:17 ----D---- C:\Documents and Settings\kate\Application Data\AVGTOOLBAR
2009-12-31 20:20:10 ----D---- C:\Program Files\AVG
2009-12-31 20:20:10 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-12-31 20:17:47 ----RASH---- C:\WINDOWS\system32\setting.ini
2009-12-31 20:17:37 ----A---- C:\WINDOWS\RVHOST.exe
2009-12-31 20:13:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2010-01-10 07:16:09 ----SHD---- C:\WINDOWS\Installer
2010-01-10 06:46:50 ----A---- C:\WINDOWS\system.ini
2010-01-10 05:33:10 ----D---- C:\WINDOWS\Help
2010-01-09 20:16:14 ----D---- C:\WINDOWS\Temp
2010-01-09 18:53:19 ----D---- C:\WINDOWS\system32
2010-01-09 17:22:19 ----A---- C:\WINDOWS\win.ini
2010-01-09 16:38:40 ----SD---- C:\Documents and Settings\kate\Application Data\Microsoft
2010-01-09 13:27:49 ----D---- C:\WINDOWS
2010-01-09 13:23:18 ----RD---- C:\Program Files
2010-01-09 12:04:30 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-01-09 12:03:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-09 12:03:40 ----D---- C:\WINDOWS\system32\drivers
2010-01-09 12:03:36 ----HD---- C:\WINDOWS\inf
2010-01-09 12:03:36 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-09 12:03:32 ----D---- C:\WINDOWS\twain_32
2010-01-09 12:00:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-09 11:59:47 ----SD---- C:\WINDOWS\Tasks
2010-01-09 11:58:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-09 11:45:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-06 20:37:14 ----RSD---- C:\WINDOWS\Fonts
2010-01-06 18:50:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-06 18:22:16 ----D---- C:\WINDOWS\system32\RTCOM
2010-01-06 07:43:32 ----D---- C:\Program Files\Common Files
2010-01-06 07:43:07 ----D---- C:\Program Files\Common Files\System
2010-01-06 07:42:44 ----D---- C:\WINDOWS\system
2010-01-06 04:39:34 ----D---- C:\WINDOWS\WinSxS
2010-01-06 03:59:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-06 03:58:23 ----D---- C:\WINDOWS\system32\DirectX
2010-01-06 03:58:10 ----A---- C:\WINDOWS\imsins.BAK
2010-01-02 03:07:07 ----D---- C:\WINDOWS\system32\spool
2010-01-02 03:04:08 ----D---- C:\Program Files\Internet Explorer
2010-01-01 14:48:12 ----D---- C:\Program Files\Windows Media Player
2010-01-01 14:48:10 ----D---- C:\WINDOWS\security
2010-01-01 00:55:08 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-01 00:37:58 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-01 00:37:41 ----A---- C:\WINDOWS\setuplog.txt
2010-01-01 00:37:25 ----D---- C:\WINDOWS\system32\Setup
2010-01-01 00:37:25 ----D---- C:\WINDOWS\AppPatch
2010-01-01 00:34:44 ----D---- C:\Program Files\Outlook Express
2010-01-01 00:31:10 ----D---- C:\Program Files\Messenger
2010-01-01 00:26:41 ----D---- C:\WINDOWS\system32\inetsrv
2010-01-01 00:26:40 ----D---- C:\WINDOWS\ime
2010-01-01 00:26:25 ----D---- C:\WINDOWS\system32\usmt
2010-01-01 00:26:23 ----D---- C:\WINDOWS\PeerNet
2010-01-01 00:26:23 ----D---- C:\Program Files\Movie Maker
2010-01-01 00:22:04 ----D---- C:\WINDOWS\system32\npp
2010-01-01 00:22:04 ----D---- C:\WINDOWS\mui
2010-01-01 00:22:03 ----D---- C:\WINDOWS\msagent
2010-01-01 00:22:02 ----D---- C:\WINDOWS\srchasst
2010-01-01 00:22:02 ----D---- C:\Program Files\NetMeeting
2010-01-01 00:22:00 ----D---- C:\WINDOWS\system32\Com
2010-01-01 00:21:58 ----D---- C:\Program Files\Windows NT
2010-01-01 00:21:37 ----D---- C:\WINDOWS\system32\oobe
2010-01-01 00:16:13 ----D---- C:\WINDOWS\ehome
2009-12-31 22:58:45 ----D---- C:\WINDOWS\Media
2009-12-31 22:17:29 ----D---- C:\WINDOWS\Debug
2009-12-25 17:50:20 ----A---- C:\WINDOWS\vncutil.exe
2009-12-25 17:50:08 ----A---- C:\WINDOWS\RtkAudioService.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-12-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-12-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-12-31 108552]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-10-23 103296]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmfilter303;vmfilter303; C:\WINDOWS\system32\drivers\vmfilter303.sys [2006-04-24 428160]
R3 ZSMC303;A4 TECH PC Camera H; C:\WINDOWS\System32\Drivers\usbVM303.sys [2006-11-30 392122]
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-12-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-12-31 297752]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-01 153376]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

migi99
New Member


Date Joined Jan 2010
Total Posts : 10
 
   Posted 1/9/2010 3:04 PM (GMT +3)
2nd LOG.. info txt..


info.txt logfile of random's system information tool 1.06 2010-01-09 20:16:22

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
A4 TECH PC Camera H-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{362483B1-91EB-4CB4-B9BB-3B4B4C644404}\setup.exe" -l0x9 -removeonly
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Driver Detective-->MsiExec.exe /X{4640FDE1-B83A-4376-84ED-86F86BEE2D41}
GameHouse Games Collection: Academy of Magic-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ACADEM~1\Install.log
GameHouse Games Collection: Adventure Inlay - Safari Edition-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ADVENT~2\Install.log
GameHouse Games Collection: Adventure Inlay-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ADVENT~1\Install.log
GameHouse Games Collection: Air Strike 3D-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\AIRSTR~1\Install.log
GameHouse Games Collection: Alien Sky-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ALIENS~1\Install.log
GameHouse Games Collection: Aloha Solitaire-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ALOHAS~1\Install.log
GameHouse Games Collection: Aloha TriPeaks-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ALOHAT~1\Install.log
GameHouse Games Collection: Ancient Tri-Jong-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ANCIEN~1\Install.log
GameHouse Games Collection: Ancient Tripeaks-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ANCIEN~2\Install.log
GameHouse Games Collection: Astrobatics-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ASTROB~1\Install.log
GameHouse Games Collection: Atlantis-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\Atlantis\Install.log
GameHouse Games Collection: Atomaders-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ATOMAD~1\Install.log
GameHouse Games Collection: Be!!!eled 2-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BE!!!E~1\Install.log
GameHouse Games Collection: Bewitched-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BEWITC~1\Install.log
GameHouse Games Collection: Big Kahuna Reef-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BIGKAH~1\Install.log
GameHouse Games Collection: Boggle Supreme-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BOGGLE~1\Install.log
GameHouse Games Collection: Bounce Out Blitz-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\BOUNCE~1\Install.log
GameHouse Games Collection: Digby's Donuts-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\DIGBY'~1\Install.log
GameHouse Games Collection: Diner Dash-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\DINERD~1\Install.log
GameHouse Games Collection: Feeding Frenzy-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\FEEDIN~1\Install.log
GameHouse Games Collection: Flip Words-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\FLIPWO~1\Install.log
GameHouse Games Collection: GameHouse Sudoku-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\GAMEHO~1\Install.log
GameHouse Games Collection: Inspector Parker-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\INSPEC~1\Install.log
GameHouse Games Collection: Pin High Country Club Golf-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\PINHIG~1\Install.log
GameHouse Games Collection: Pizza Frenzy-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\PIZZAF~1\Install.log
GameHouse Games Collection: Poker Superstars-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\POKERS~1\Install.log
GameHouse Games Collection: Reader's Digest Super Word Power-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\READER~1\Install.log
GameHouse Games Collection: SCRABBLE-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SCRABBLE\Install.log
GameHouse Games Collection: Super Pool-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SUPERP~1\Install.log
GameHouse Games Collection: Super TextTwist-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SUPERT~1\Install.log
GameHouse Games Collection: Super WHATword-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\SUPERW~1\Install.log
GameHouse Games Collection: Ten Pin Championship Bowling Pro-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\TENPIN~1\Install.log
GameHouse Games Collection: Tennis Titans-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\TENNIS~1\Install.log
GameHouse Games Collection: Varmintz Deluxe-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\VARMIN~1\Install.log
GameHouse Games Collection: Word Jolt-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\WORDJO~1\Install.log
GameHouse Games Collection: Word Slinger-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\WORDSL~1\Install.log
GameHouse Games Collection: Zuma Deluxe-->C:\PROGRA~1\GAMEHO~1\unwise.exe /U C:\PROGRA~1\GAMEHO~1\ZUMADE~1\Install.log
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet Printer Driver Software 9.0-->C:\Program Files\HP\Digital Imaging\{03E66394-42F0-4745-85F7-0A2F8F35C09F}\setup\hpzscr01.exe -datfile hphscr15.dat -showdisconnect -forcereboot
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Nero 7 Essentials-->MsiExec.exe /X{9F5AFBD2-AF6D-41E9-AFE8-F67AD7AF1033}
Office Animation Runtime-->MsiExec.exe /X{AEEB3643-71DE-414d-9E3F-1159177FE211}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VP-EYE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC17B2BE-BA6F-4696-8E5D-ED2A62981CDA}\setup.exe" -l0x9
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}
Windows Live Family Safety-->MsiExec.exe /X{139E303E-1050-497F-98B1-9AE87B15C463}
Windows Live Mail-->MsiExec.exe /I{6412CECE-8172-4BE5-935B-6CECACD2CA87}
Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}
Windows Live Photo Gallery-->MsiExec.exe /X{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}
Windows Live Toolbar-->MsiExec.exe /X{995F1E2E-F542-4310-8E1D-9926F5A279B3}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{178832DE-9DE0-4C87-9F82-9315A9B03985}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Hosts File======

79.106.2.131 localhost
79.106.2.131 facebook.com
79.106.2.131 www.facebook.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com

======Security center information======

AV: AVG Anti-Virus (disabled)

======System event log======

Computer Name: KATE-505C9D6E98
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 665
Source Name: Cdrom
Time Written: 20091231220543.000000-480
Event Type: error
User:

Computer Name: KATE-505C9D6E98
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 664
Source Name: Cdrom
Time Written: 20091231220540.000000-480
Event Type: error
User:

Computer Name: KATE-505C9D6E98
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 663
Source Name: Cdrom
Time Written: 20091231220536.000000-480
Event Type: error
User:

Computer Name: KATE-505C9D6E98
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 662
Source Name: Cdrom
Time Written: 20091231220531.000000-480
Event Type: error
User:

Computer Name: KATE-505C9D6E98
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 661
Source Name: Cdrom
Time Written: 20091231220526.000000-480
Event Type: error
User:

=====Application event log=====

Computer Name: KATE-505C9D6E98
Event Code: 5603
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 18
Source Name: WinMgmt
Time Written: 20080701104143.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KATE-505C9D6E98
Event Code: 5603
Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

Record Number: 17
Source Name: WinMgmt
Time Written: 20080701104143.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KATE-505C9D6E98
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 13
Source Name: WinMgmt
Time Written: 20080701103949.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KATE-505C9D6E98
Event Code: 63
Message: A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 12
Source Name: WinMgmt
Time Written: 20080701103949.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: KATE-505C9D6E98
Event Code: 63
Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

Record Number: 11
Source Name: WinMgmt
Time Written: 20080701103948.000000-420
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Jintan
   Posted 1/10/2010 1:35 AM (GMT +3)
Sorry, I hadn't seen your question about disabling AVG. That log shows a malware startup, as well as some altered Hosts file settings that would redirect Facebook accesses to a different server (the wrong one, we assume).

To disable the Resident Shield, please:

* Open AVG User Interface.
* Double-click on the Resident Shield.
* Un-tick the option Resident Shield active.
* Save the changes.

------------------

To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware software while these steps are being completed. This can usually be done through right-clicking the software's Taskbar icons, or accessing each software through Start - Programs.

Download ComboFix.exe from here to your desktop, but I would like you to rename the file as you download it (do not download it directly without renaming it - use right click "Save Target/Link As"). For this, rename the downloading file to 456out.com, then click the renamed 456out.com to run that scan.

Be sure to install the Recovery Console if you are asked to do so. When the scan completes, a text window with your log will open. Please copy and paste that log back here.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.
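
The altered Hosts file settings mentioned in the reply above work because hosts entries override DNS, so a routable address beside facebook.com sends the browser to that server. The following Python check is an added example, not part of the original thread or of RSIT; the function names and verdict labels are assumptions, and the sample combines entries from the Hosts File section of the log with two constructed lines.

```python
import ipaddress

# Entries copied from the "Hosts File" section of the RSIT log on this page,
# plus a comment line and an IPv6 line constructed for this example.
SAMPLE_HOSTS = """\
# constructed comment line
79.106.2.131 localhost
79.106.2.131 facebook.com
79.106.2.131 www.facebook.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
::1 localhost   # constructed IPv6 loopback entry
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text.

    Comments and blank lines are skipped. Lines whose first field is not a
    valid IPv4/IPv6 address are skipped as well, since the resolver ignores
    them too.
    """
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        # One line may map several names to the same address.
        for name in fields[1:]:
            yield line_no, ip, name.lower()


def classify(ip, hostname):
    """Return a verdict label (labels are this example's own, hypothetical).

    ok               localhost mapped to a loopback address
    localhost-hijack localhost mapped to anything else
    block            a name sinkholed to loopback or 0.0.0.0 (blocklist style)
    redirect         a name pinned to a non-loopback address; needs review,
                     because it overrides DNS for that name
    """
    sinkhole = ip.is_loopback or ip.is_unspecified
    if hostname == "localhost":
        return "ok" if ip.is_loopback else "localhost-hijack"
    if sinkhole:
        return "block"
    return "redirect"


def audit_hosts(text):
    """Return the entries a reviewer should look at, in file order."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        verdict = classify(ip, name)
        if verdict in ("localhost-hijack", "redirect"):
            findings.append((line_no, verdict, name, str(ip)))
    return findings


if __name__ == "__main__":
    for line_no, verdict, name, ip in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {verdict:17} {name} -> {ip}")
```

A "redirect" verdict is a prompt for review rather than proof of infection, since administrators sometimes pin intranet names to private addresses on purpose.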

migi99
   Posted 1/13/2010 8:17 PM (GMT +3)
This is the ComboFix log report:

ComboFix 10-01-12.05 - kate 06/30/2008 6:02.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.114 [GMT -7:00]
Running from: c:\documents and settings\kate\My Documents\Downloads\456out.com.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\kate\LOCALS~1\Temp\jna650983625273843451.tmp
c:\documents and settings\kate\Local Settings\Temp\jna650983625273843451.tmp
c:\windows\rvhost.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\rvhost.exe
c:\windows\system32\setting.ini

Infected copy of c:\windows\system32\mqbkup.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\mqbkup.exe

Infected copy of c:\windows\system32\mqsvc.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\mqsvc.exe

Infected copy of c:\windows\system32\mqtgsvc.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\mqtgsvc.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 )))))))))))))))))))))))))))))))
.

2017-01-03 00:46 . 2017-01-03 00:46 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\WMTools Downloaded Files
2010-01-12 09:32 . 2006-10-27 03:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-01-12 09:32 . 2006-10-27 03:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-01-12 09:29 . 2010-01-12 09:29 -------- d-----w- c:\program files\Microsoft Works
2010-01-12 09:27 . 2010-01-12 09:27 -------- d-----w- c:\program files\Microsoft.NET
2010-01-12 09:21 . 2010-01-12 09:21 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-12 09:20 . 2010-01-12 09:20 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Microsoft Help
2010-01-12 09:20 . 2008-06-30 14:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-12 09:18 . 2010-01-12 09:18 -------- d-----r- C:\MSOCache
2010-01-12 08:02 . 2010-01-12 08:02 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2010-01-12 07:53 . 2010-01-12 07:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-12 07:53 . 2010-01-12 07:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2010-01-12 07:53 . 2007-03-30 15:11 267864 ----a-r- c:\windows\system32\hpzids01.dll
2010-01-12 07:53 . 2007-03-28 22:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2010-01-12 07:53 . 2007-03-28 21:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2010-01-10 23:32 . 2010-01-10 23:32 -------- d-sh--w- c:\windows\ftpcache
2010-01-09 09:34 . 2010-01-09 09:34 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Oberon Media
2010-01-09 09:34 . 2010-01-09 09:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Oberon Media
2010-01-09 09:33 . 2010-01-11 00:59 10 ----a-w- c:\windows\popcinfo.dat
2010-01-09 08:21 . 2010-01-10 04:15 -------- d-----w- c:\program files\trend micro
2010-01-09 04:29 . 2010-01-09 19:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-09 04:29 . 2010-01-09 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-08 09:47 . 2010-01-08 09:47 -------- d-----w- c:\documents and settings\kate\Application Data\funkitron
2010-01-07 08:52 . 2010-01-07 08:52 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Opera
2010-01-07 08:51 . 2010-01-07 08:57 -------- d-----w- c:\program files\Opera
2010-01-07 08:24 . 2010-01-07 08:24 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Flock
2010-01-07 08:24 . 2010-01-07 08:24 -------- d-----w- c:\documents and settings\kate\Application Data\Flock
2010-01-07 02:41 . 1999-02-16 16:02 49664 ----a-w- c:\windows\SSMaui Wowee.scr
2010-01-07 02:39 . 2004-09-21 00:00 802816 ----a-w- c:\windows\FeedingFrenzy.scr
2010-01-07 02:38 . 2005-01-07 19:39 57344 ----a-w- c:\windows\system32\Big Kahuna Reef.scr
2010-01-07 02:38 . 2005-08-03 21:48 389120 ----a-w- c:\windows\Adventure Inlay.scr
2010-01-07 02:38 . 2010-01-08 10:02 -------- d-----w- c:\program files\GameHouse Games Collection
2010-01-07 02:22 . 2006-08-01 23:02 49152 ----a-r- c:\windows\system32\ChCfg.exe
2010-01-07 02:20 . 2005-05-04 02:43 69632 ----a-r- c:\windows\Alcmtr.exe
2010-01-07 02:20 . 2010-01-07 02:20 319488 ----a-w- c:\windows\HideWin.exe
2010-01-06 15:43 . 2008-06-30 07:16 -------- d-----w- c:\windows\SHELLNEW
2010-01-06 12:10 . 2010-01-06 12:10 -------- d-----w- c:\windows\Performance
2010-01-06 12:10 . 2010-01-06 12:10 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Microsoft Corporation
2010-01-06 12:00 . 2008-06-30 13:08 -------- d-----w- c:\documents and settings\kate\Tracing
2010-01-06 11:59 . 2009-08-06 06:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2010-01-06 11:59 . 2010-01-06 11:59 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-01-06 11:58 . 2006-11-29 21:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-06 11:58 . 2010-01-06 11:58 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-01-06 11:56 . 2010-01-06 11:56 -------- d-----w- c:\program files\Microsoft
2010-01-06 11:56 . 2010-01-06 11:56 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-06 11:56 . 2010-01-06 11:59 -------- d-----w- c:\program files\Windows Live
2010-01-06 11:36 . 2010-01-06 11:36 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-06 11:35 . 2010-01-06 11:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-06 11:33 . 2009-08-07 03:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-05 07:54 . 2010-01-07 03:50 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Deployment
2010-01-02 11:07 . 2010-01-02 11:07 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-02 11:07 . 2010-01-12 09:29 -------- d-----w- c:\program files\MSBuild
2010-01-02 11:07 . 2010-01-02 11:07 -------- d-----w- c:\program files\Reference Assemblies
2010-01-02 11:07 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-02 11:06 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-02 11:06 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-02 11:06 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-02 11:06 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-02 11:06 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-02 11:06 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-02 11:06 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-02 11:06 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-02 02:08 . 2008-06-30 13:09 -------- d-----w- c:\documents and settings\kate\Application Data\LimeWire
2010-01-02 02:08 . 2010-01-02 02:08 -------- d-----w- c:\program files\LimeWire
2010-01-01 22:58 . 2010-01-01 22:58 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Ahead
2010-01-01 22:52 . 2010-01-01 22:52 -------- d-----w- c:\documents and settings\kate\Application Data\Ahead
2010-01-01 22:51 . 2010-01-01 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-01-01 22:48 . 2010-01-01 22:50 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-01 22:48 . 2010-01-01 22:48 -------- d-----w- c:\program files\Nero
2010-01-01 22:48 . 2010-01-01 22:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-01-01 21:18 . 2010-01-01 21:18 -------- d-sh--w- c:\documents and settings\kate\PrivacIE
2010-01-01 20:51 . 2009-12-26 01:50 51232 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-01-01 20:05 . 2008-06-30 09:21 -------- d-----w- C:\$AVG8.VAULT$
2010-01-01 19:35 . 2007-01-18 03:22 389120 ----a-r- c:\windows\system32\igxpun.exe
2010-01-01 19:29 . 2004-12-03 20:19 102400 ----a-w- c:\windows\MMVEM.EXE
2010-01-01 19:29 . 2002-05-28 17:52 106496 ----a-w- c:\windows\JAPI.DLL
2010-01-01 19:29 . 2001-06-25 01:32 172032 ----a-w- c:\windows\JAPI2.DLL
2010-01-01 19:29 . 1999-07-26 18:47 109840 ----a-w- c:\windows\VidCap32.exe
2010-01-01 19:26 . 2010-01-09 20:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-01 19:17 . 2010-01-01 19:17 -------- d-----w- c:\documents and settings\kate\Application Data\HP
2010-01-01 17:54 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-01-01 13:18 . 2008-06-30 07:03 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-01 13:18 . 2010-01-01 13:18 -------- d-----w- c:\windows\Sun
2010-01-01 13:08 . 2010-01-01 13:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-01 13:08 . 2010-01-01 13:08 -------- d-----w- c:\program files\Java
2010-01-01 11:54 . 2010-01-01 11:54 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2010-01-01 11:52 . 2010-01-01 11:52 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-01-01 11:52 . 2010-01-01 11:55 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-01-01 11:50 . 2010-01-01 11:50 -------- d-----w- c:\program files\Common Files\HP
2010-01-01 11:45 . 2010-01-12 08:04 137655 ----a-w- c:\windows\HPHins15.dat
2010-01-01 11:45 . 2007-08-28 06:45 2828 ------w- c:\windows\hphmdl15.dat
2010-01-01 11:20 . 2010-01-01 11:20 -------- d-----w- C:\Temp
2010-01-01 11:20 . 2004-09-07 23:54 2400256 ----a-w- c:\temp\AutoVolumeControl.msi
2010-01-01 11:20 . 2004-09-07 23:25 28672 ----a-w- c:\temp\custinfo.exe
2010-01-01 11:20 . 2010-01-01 11:20 796672 ----a-w- c:\windows\GPInstall.exe
2010-01-01 10:51 . 2010-01-01 21:18 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\Yahoo
2010-01-01 10:48 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-01-01 10:48 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-01-01 09:25 . 2010-01-12 09:32 -------- d-----w- c:\documents and settings\All Users\Application Data\UAB
2010-01-01 09:25 . 2010-01-01 09:25 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-01-01 09:25 . 2010-01-01 09:25 -------- d-----w- c:\documents and settings\kate\Local Settings\Application Data\PC_Drivers_Headquarters
2010-01-01 09:23 . 2010-01-01 09:23 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2010-01-01 08:59 . 2010-01-01 08:59 -------- d-----w- C:\Intel
2010-01-01 08:44 . 2010-01-01 11:54 -------- d-----w- c:\program files\HP
2010-01-01 08:44 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-01-01 08:44 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-01-01 08:44 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-01 08:44 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-01 08:37 . 2010-01-01 08:37 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\system32\scripting
2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\l2schemas
2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\system32\en
2010-01-01 08:26 . 2010-01-01 08:26 -------- d-----w- c:\windows\system32\bits
2010-01-01 07:03 . 2010-01-01 07:03 -------- d-sh--w- c:\documents and settings\kate\IETldCache
2010-01-01 06:59 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-01 06:59 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-01 06:59 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-01 06:59 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-01 06:59 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-01 06:59 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-01 06:59 . 2010-01-01 06:59 -------- d-----w- c:\windows\ie8updates
2010-01-01 06:59 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-01 06:58 . 2010-01-01 06:58 -------- dc-h--w- c:\windows\ie8
2010-01-01 06:39 . 2010-01-01 08:22 -------- d-----w- c:\windows\ServicePackFiles
2010-01-01 06:32 . 2004-08-04 06:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-12 09:39 . 2008-06-30 12:38 -------- d-----w- c:\documents and settings\kate\Application Data\BitTorrent
2010-01-12 09:33 . 2010-01-12 09:33 54608 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\XPBurnComponent.dll
2010-01-12 09:33 . 2010-01-12 09:33 28040 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.ExceptionLogging.dll
2010-01-12 09:33 . 2010-01-12 09:33 21944 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.ExceptionLogging.XmlSerializers.dll
2010-01-12 09:33 . 2010-01-12 09:33 66968 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.ExceptionLogging.dll
2010-01-12 09:33 . 2010-01-12 09:33 100176 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.Common.dll
2010-01-12 09:33 . 2010-01-12 09:33 161200 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.Communication.XmlSerializers.dll
2010-01-12 09:33 . 2010-01-12 09:33 128400 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.Communication.dll
2010-01-12 09:33 . 2010-01-12 09:33 152944 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Common.dll
2010-01-12 09:33 . 2010-01-12 09:32 128384 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.Updater.exe
2010-01-12 09:32 . 2010-01-12 09:32 2356592 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.DriverDetective.Client.exe
2010-01-12 09:32 . 2010-01-12 09:32 745320 ----a-w- c:\documents and settings\All Users\Application Data\UAB\d2ee9d41-b445-47a9-89e4-b6a715dab900\DriversHQ.ThemePack.Default.dll
2010-01-06 13:07 . 2010-01-06 13:07 34304 ----a-r- c:\documents and settings\kate\Application Data\Microsoft\Installer\{AEEB3643-71DE-414d-9E3F-1159177FE211}\misc.exe.D0DF3458_A845_11D3_8D0A_0050046416B9.exe
2010-01-01 13:07 . 2010-01-01 13:07 152576 ----a-w- c:\documents and settings\kate\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-01 13:05 . 2010-01-01 13:05 79488 ----a-w- c:\documents and settings\kate\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-01 08:29 . 2008-07-01 17:41 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-26 01:50 . 2008-06-30 08:35 358944 ----a-w- c:\windows\vncutil.exe
2009-12-26 01:50 . 2008-06-30 08:35 129568 ----a-w- c:\windows\RtkAudioService.exe
2009-11-25 00:40 . 2008-06-30 08:35 838176 ----a-w- c:\windows\RtlExUpd.dll
2009-11-18 14:17 . 2008-06-30 08:35 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2009-11-18 14:16 . 2008-06-30 08:35 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2009-10-29 07:45 . 2004-08-03 22:56 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2004-08-03 22:56 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-03 22:56 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2004-08-03 22:56 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2004-08-03 22:56 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2004-08-03 22:56 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-11 14:18 . 2004-08-03 22:56 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:00 . 2004-08-03 22:56 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 09:17 . 2004-08-03 22:56 354816 ----a-w- c:\windows\system32\winhttp.dll
2009-08-14 13:21 . 2004-08-03 21:17 1850624 ----a-w- c:\windows\system32\win32k.sys
2009-08-07 03:24 . 2008-07-01 17:40 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-07 03:24 . 2008-07-01 17:40 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-07 03:24 . 2008-07-01 17:40 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-07 03:24 . 2008-07-01 17:40 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-07 03:24 . 2004-08-03 22:56 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-07 03:23 . 2008-07-01 17:40 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-07 03:23 . 2008-07-01 17:40 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-03 22:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 15:13 . 2004-08-03 21:18 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2004-08-03 22:59 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-31 18:05 . 2008-04-14 00:12 1372672 ------w- c:\windows\system32\msxml6.dll
2009-07-31 04:35 . 2004-08-03 22:56 1172480 ----a-w- c:\windows\system32\msxml3.dll
2009-07-29 04:37 . 2004-08-03 22:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:37 . 2001-08-23 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 19:01 . 2004-08-03 22:56 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22 . 2004-08-03 22:56 1435648 ----a-w- c:\windows\system32\query.dll
2009-07-12 20:21 . 2004-08-03 22:56 233472 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-25 18:36 . 2004-08-03 22:56 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2004-08-03 22:56 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2004-08-03 22:56 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2004-08-03 22:56 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2004-08-03 22:56 471552 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2004-08-03 22:56 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2004-08-03 22:56 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2004-08-03 22:56 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2004-08-03 22:56 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2004-08-03 22:56 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2004-08-03 22:56 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 18:36 . 2004-08-03 22:56 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 08:25 . 2004-08-03 22:56 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2004-08-03 22:56 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2004-08-03 22:56 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2004-08-03 22:56 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2004-08-03 22:56 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2004-08-03 20:59 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-22 11:48 . 2004-08-03 20:58 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-12 12:31 . 2004-08-03 22:56 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2004-08-03 22:56 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 17:19 . 2008-07-01 17:38 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 14:13 . 2004-08-03 22:56 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2004-08-03 22:56 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2004-08-03 22:56 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-27 03:50 . 2010-01-10 15:47 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2009-05-07 15:32 . 2004-08-03 22:56 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-15 14:51 . 2004-08-03 22:56 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-10 09:01 . 2004-08-03 22:56 530280 ----a-w- c:\windows\system32\wmspdmod.dll
2009-03-08 12:34 . 2004-08-03 22:56 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 12:33 . 2004-08-03 22:56 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 12:33 . 2004-08-03 22:56 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 12:32 . 2004-08-03 22:56 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 12:32 . 2004-08-03 22:56 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 12:31 . 2004-08-03 22:56 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 12:31 . 2004-08-03 22:56 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 12:31 . 2004-08-03 22:56 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 12:22 . 2001-08-23 12:00 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-08-03 22:56 284160 ----a-w- c:\windows\system32\pdh.dll
2009-02-09 12:10 . 2008-07-01 17:38 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
2009-02-09 12:10 . 2008-07-01 17:38 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-02-09 12:10 . 2004-08-03 22:56 401408 ----a-w- c:\windows\system32\rpcss.dll
2009-02-09 12:10 . 2004-08-03 22:56 617472 ----a-w- c:\windows\system32\advapi32.dll
2009-02-09 12:10 . 2004-08-03 22:56 714752 ----a-w- c:\windows\system32\ntdll.dll
2009-02-06 11:11 . 2004-08-03 22:56 110592 ----a-w- c:\windows\system32\services.exe
2009-02-06 10:39 . 2001-08-23 12:00 35328 ----a-w- c:\windows\system32\sc.exe
2009-02-06 10:10 . 2008-07-01 17:38 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
2008-12-11 10:57 . 2004-08-03 21:14 333952 ----a-w- c:\windows\system32\drivers\srv.sys
2008-10-24 11:21 . 2004-08-03 21:15 455296 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 . 2004-08-03 22:56 286720 ----a-w- c:\windows\system32\gdi32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-11-19 01:40 1196936 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-01-01 2043160]
"VMSnap3"="c:\windows\VMSnap3.EXE" [2006-08-30 49152]
"Domino"="c:\windows\Domino.EXE" [2006-06-28 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-01 149280]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-23 16858112]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

c:\documents and settings\kate\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-12-16 503808]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-01 04:29 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [12/31/2009 9:20 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/31/2009 9:20 PM 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/31/2009 9:20 PM 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [12/31/2009 9:20 PM 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/31/2009 9:20 PM 297752]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [1/6/2010 4:59 AM 54752]
R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [1/9/2010 1:03 PM 428160]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6/30/2008 1:35 AM 1691480]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 11:48 PM 704864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2008-06-30 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-11-19 01:40]

2008-06-30 c:\windows\Tasks\User_Feed_Synchronization-{C0ECAFC6-6EE8-4AB6-A74B-D1EC26237580}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 12:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?o=15446&l=dis
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\kate\Application Data\Mozilla\Firefox\Profiles\9zepu20g.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15446&l=dis
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=BT5&o=15443&locale=en_US&q=
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe
HKLM-Run-HotKeysCmds - c:\windows\system32\hkcmd.exe
HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe
HKLM-Run-BigDog303 - c:\windows\VM303_STI.EXE
HKU-Default-Run-Yahoo Messengger - c:\windows\system32\RVHOST.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 06:09
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@??????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2580)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\progra~1\AVG\AVG8\avgam.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\windows\system32\wdfmgr.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\RTHDCPL.EXE
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2008-06-30 06:14:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-30 13:14

Pre-Run: 24,864,075,776 bytes free
Post-Run: 25,555,894,272 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 3DF4F63F6914E0C5E1FA1B820BDF08BE

migi99
New Member


Date Joined Jan 2010
Total Posts : 10
 
Posted 1/13/2010 8:19 PM (GMT +3)
Thank you for helping me. I can now log in to Facebook.

Jintan
Senior Member




Date Joined Dec 2006
Total Posts : 1428
 
Posted 1/18/2010 1:15 AM (GMT +3)
Darn migi99, I am not quite sure how I missed that you had responded here. Good that ComboFix did make those corrections, but there would also still be some more malware to be removed. If you would still like to follow up now, please run and post back a new RSIT scan log and a new GMER scan log.