
Solved Ok, I messed up big-time

Discussion in 'Malware and Virus Removal Archive' started by ktccd, 2009/10/03.

  1. 2009/10/03
    ktccd

    ktccd Inactive Thread Starter

    Joined:
    2009/10/03
    Messages:
    3
    Likes Received:
    0
    [Resolved] Ok, I messed up big-time

    I made my first mistake while browsing today. I was frustrated for various reasons and accepted a download without reading it properly.
    It was for a flashplayer or something like that (sorry, I don't know the English word perhaps, a video player in the browser at least) and it said I needed to download the latest one.

    I already had the latest one.
    But that's all just excuses.

    in before "FAIL!":
    I am F****** in despair now, I never got this before and have no idea how to fix it.

    First I got an error saying something about rundll error (and system32, I don't remember it exactly) and I knew, "**** I just failed here" and virus scanned with AVG.
    It removed some cookies I didn't know I had, and then I thought I was fine and restarted (while scanning these errors popped up, at least six of them total).

    Now, I started playing Garrys mod, and suddenly everything minimized.
    Nothing else.
    Played again, and soon it minimized and opened IE to a site called Trivia.com.
    I never use IE.

    It seems to open random sites when I have not done much in a while, except playing games.

    So, AVG failed me. I downloaded spybot-S&D and I don't even know how to use it, but I'm running its search and destroy right now.


    This is really making me nervous. I never got a virus I couldn't easily get rid of before... :eek:

    EDIT: ok, I missed the sticky and have now downloaded dds. This is newb-**** I know but: What is a script blocking tool and how do I disable it so I can post the logs?
     
    Last edited: 2009/10/04
  2. 2009/10/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Disable Spybot and Windows Defender, if you use it and you'll be fine to run DDS.
     


  4. 2009/10/04
    ktccd

    ktccd Inactive Thread Starter

    Joined:
    2009/10/03
    Messages:
    3
    Likes Received:
    0
    DDS (Ver_09-09-29.01) - NTFSx86
    Run by Ktccd at 9:47:24,29 on 2009-10-04
    Internet Explorer: 7.0.6002.18005
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1033.18.3066.1776 [GMT 2:00]

    SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\agrsmsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Windows\PLFSetI.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Launch Manager\LManager.exe
    C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
    C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
    C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
    C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
    C:\Program Files\AVG\AVG8\avgtray.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Users\Ktccd\AppData\Local\Temp\RtkBtMnt.exe
    C:\Program Files\Apoint2K\HidFind.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Steam\SteamService.exe
    C:\Users\Ktccd\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Ktccd\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\conime.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Users\Ktccd\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&s=2&o=vp32&d=0709&m=aspire_5738
    uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&s=2&o=vp32&d=0709&m=aspire_5738
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&s=2&o=vp32&d=0709&m=aspire_5738
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    uURLSearchHooks: H - No File
    BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
    uRun: [ProductReg] "c:\program files\acer\wr_popup\ProductReg.exe"
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe" -autorun
    uRun: [Google Update] "c:\users\ktccd\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe
    uRun: [Steam] "c:\program files\steam\steam.exe" -silent
    uRun: [PopRock] c:\users\ktccd\appdata\local\temp\b.exe
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [ArcadeDeluxeAgent] "c:\program files\acer arcade deluxe\acer arcade deluxe\ArcadeDeluxeAgent.exe"
    mRun: [CLMLServer] "c:\program files\acer arcade deluxe\acer arcade deluxe\kernel\clml\CLMLSvc.exe"
    mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
    mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
    mRun: [PLFSetI] c:\windows\PLFSetI.exe
    mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
    mRun: [LManager] c:\program files\launch manager\LManager.exe
    mRun: [BackupManagerTray] "c:\program files\newtech infosystems\acer backup manager\BackupManagerTray.exe" -k
    mRun: [Acer ePower Management] c:\program files\acer\acer powersmart manager\ePowerTrayLauncher.exe
    mRun: [EgisTecLiveUpdate] "c:\program files\egistec egis software update\EgisUpdate.exe"
    mRun: [mwlDaemon] c:\program files\egistec\mywinlocker 3\x86\mwlDaemon.exe
    mRun: [PlayMovie] "c:\program files\acer arcade deluxe\playmovie\PMVService.exe"
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
    mRun: [<NO NAME>]
    mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
    mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    StartupFolder: c:\users\ktccd\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL,avgrsstx.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\ktccd\appdata\roaming\mozilla\firefox\profiles\hzh7vxxf.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
    FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
    FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\ktccd\appdata\local\google\update\1.2.183.7\npGoogleOneClick8.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");
    c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-9-8 335240]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-9-8 108552]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-9-8 908056]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-8 297752]
    R2 CLHNService;CLHNService;c:\program files\acer arcade deluxe\homemedia\kernel\dmp\CLHNService.exe [2009-2-13 75048]
    R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer powersmart manager\ePowerSvc.exe [2009-7-9 703008]
    R2 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2008-10-9 19504]
    R2 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2008-10-9 16432]
    R2 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2008-10-9 59952]
    R2 MWLService;MyWinLocker Service;c:\program files\egistec\mywinlocker 3\x86\MWLService.exe [2008-10-27 306736]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\newtech infosystems\acer backup manager\IScheduleSvc.exe [2009-4-11 61184]
    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-24 144632]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-10-4 1153368]
    R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2008-9-4 223232]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-5-11 64544]
    S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-21 179712]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-7-9 29472]
    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-9 30192]
    S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-24 50424]
    S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-21 16896]

    =============== Created Last 30 ================

    2009-10-04 02:02 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
    2009-10-04 02:02 <DIR> --d----- c:\program files\Spybot - Search & Destroy
    2009-10-04 02:02 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
    2009-10-03 16:32 158,720 a------- c:\windows\msa.exe
    2009-09-18 23:41 <DIR> --d----- c:\windows\system32\eu-ES
    2009-09-18 23:41 <DIR> --d----- c:\windows\system32\ca-ES
    2009-09-18 23:41 <DIR> --d----- c:\windows\system32\vi-VN
    2009-09-18 21:15 <DIR> --d----- c:\windows\system32\EventProviders
    2009-09-17 09:43 93,696 a------- c:\windows\system32\eappgnui.dll
    2009-09-15 10:03 49,536 a------- c:\windows\system32\drivers\tiehdusb.sys
    2009-09-15 10:03 21,456 a------- c:\windows\system32\drivers\SilvrLnk.sys
    2009-09-15 10:02 <DIR> --d----- c:\program files\TI Education
    2009-09-15 10:02 <DIR> --d----- c:\program files\common files\TI Shared
    2009-09-09 20:09 <DIR> --d-h--- C:\$AVG8.VAULT$
    2009-09-08 14:48 <DIR> --d----- C:\NVIDIA
    2009-09-08 13:44 11,952 a------- c:\windows\system32\avgrsstx.dll
    2009-09-08 13:43 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
    2009-09-08 13:43 <DIR> --d----- c:\windows\system32\drivers\Avg
    2009-09-08 13:43 <DIR> --d----- c:\programdata\AVG Security Toolbar
    2009-09-08 13:43 <DIR> --d----- c:\progra~2\AVG Security Toolbar
    2009-09-08 13:43 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
    2009-09-08 13:43 <DIR> --d----- c:\program files\AVG
    2009-09-08 13:43 <DIR> --d----- c:\programdata\avg8
    2009-09-08 13:43 <DIR> --d----- c:\progra~2\avg8
    2009-09-08 13:41 <DIR> --d----- c:\users\ktccd\appdata\roaming\AVG8
    2009-09-08 09:44 <DIR> --d----- c:\programdata\Sony
    2009-09-08 09:44 <DIR> --d----- c:\program files\Sony
    2009-09-07 14:52 <DIR> --d----- c:\users\ktccd\appdata\roaming\.purple
    2009-09-07 14:46 <DIR> --d----- c:\program files\Pidgin
    2009-09-07 14:46 <DIR> --d----- c:\program files\common files\GTK

    ==================== Find3M ====================

    2009-10-04 09:40 93,883 a------- c:\programdata\nvModes.dat
    2009-10-04 09:40 93,883 a------- c:\progra~2\nvModes.dat
    2009-09-18 23:49 143,360 a------- c:\windows\inf\infstrng.dat
    2009-09-18 23:49 86,016 a------- c:\windows\inf\infstor.dat
    2009-09-18 23:49 51,200 a------- c:\windows\inf\infpub.dat
    2009-09-18 23:41 665,600 a------- c:\windows\inf\drvindex.dat
    2009-08-29 04:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
    2009-08-29 04:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
    2009-08-29 04:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
    2009-08-29 04:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
    2009-08-29 02:27 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
    2009-08-29 02:14 28,672 a------- c:\windows\system32\Apphlpdm.dll
    2009-08-21 13:17 485,920 a------- c:\windows\system32\nvuninst.exe
    2009-08-19 13:35 10,420,224 a------- c:\windows\system32\nvoglv32.dll
    2009-08-19 13:35 9,787,488 a------- c:\windows\system32\drivers\nvlddmkm.sys
    2009-08-19 13:35 7,660,544 a------- c:\windows\system32\nvd3dum.dll
    2009-08-19 13:35 3,197,952 a------- c:\windows\system32\nvwgf2um.dll
    2009-08-19 13:35 1,740,800 a------- c:\windows\system32\nvcuda.dll
    2009-08-19 13:35 1,317,408 a------- c:\windows\system32\nvcuvenc.dll
    2009-08-19 13:35 991,744 a------- c:\windows\system32\nvapi.dll
    2009-08-19 13:35 678,432 a------- c:\windows\system32\nvcuvid.dll
    2009-08-19 13:35 485,920 a------- c:\windows\system32\nvudisp.exe
    2009-08-19 13:35 155,648 a------- c:\windows\system32\nvcod163.dll
    2009-08-19 13:35 155,648 a------- c:\windows\system32\nvcod.dll
    2009-08-19 13:35 4,224 a------- c:\windows\system32\drivers\nvBridge.kmd
    2009-08-14 18:27 904,776 a------- c:\windows\system32\drivers\tcpip.sys
    2009-08-14 17:53 17,920 a------- c:\windows\system32\netevent.dll
    2009-08-14 15:49 9,728 a------- c:\windows\system32\TCPSVCS.EXE
    2009-08-14 15:49 17,920 a------- c:\windows\system32\ROUTE.EXE
    2009-08-14 15:49 11,264 a------- c:\windows\system32\MRINFO.EXE
    2009-08-14 15:49 27,136 a------- c:\windows\system32\NETSTAT.EXE
    2009-08-14 15:49 19,968 a------- c:\windows\system32\ARP.EXE
    2009-08-14 15:49 8,704 a------- c:\windows\system32\HOSTNAME.EXE
    2009-08-14 15:49 10,240 a------- c:\windows\system32\finger.exe
    2009-08-14 15:48 30,720 a------- c:\windows\system32\drivers\tcpipreg.sys
    2009-08-14 15:48 105,984 a------- c:\windows\system32\netiohlp.dll
    2009-08-08 05:45 73,312 a------- c:\windows\system32\drivers\adfs.sys
    2009-07-18 18:01 78,336 a------- c:\windows\system32\ieencode.dll
    2009-07-18 13:35 828,416 a------- c:\windows\system32\wininet.dll
    2009-07-17 15:54 71,680 a------- c:\windows\system32\atl.dll
    2009-07-15 14:40 8,147,456 a------- c:\windows\system32\wmploc.DLL
    2009-07-15 14:39 313,344 a------- c:\windows\system32\wmpdxm.dll
    2009-07-15 14:39 4,096 a------- c:\windows\system32\dxmasf.dll
    2009-07-15 14:39 7,680 a------- c:\windows\system32\spwmp.dll
    2009-07-11 21:01 513,536 a------- c:\windows\system32\wlansvc.dll
    2009-07-11 21:01 302,592 a------- c:\windows\system32\wlansec.dll
    2009-07-11 21:01 293,376 a------- c:\windows\system32\wlanmsm.dll
    2009-07-11 21:01 65,024 a------- c:\windows\system32\wlanapi.dll
    2009-07-11 19:03 127,488 a------- c:\windows\system32\L2SecHC.dll
    2009-07-09 08:27 319,456 a------- c:\windows\DIFxAPI.dll
    2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini
    2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

    ============= FINISH: 9:47:52,05 ===============


    ok, and in attach it said not to post it unless you asked for it. Do you need me to do so?
    Also, I haven't used it in quite a while so I removed bit-torrent, I read somewhere here that it could cause some problems as well.
     
  5. 2009/10/04
    ktccd

    ktccd Inactive Thread Starter

    Joined:
    2009/10/03
    Messages:
    3
    Likes Received:
    0
    Hmm, I think spybot S&D got it, I haven't noticed any weird things for a while now. I'll let this be resolved for now then ^^.
     
  6. 2009/10/04
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Alrighty then :)
     
