Topic: Green AV?
  #5  
Old September 2nd, 2009, 01:18 AM
jmterry
Senior Member
 
Join Date: Jun 2004
Posts: 345
RSIT LOG (PART 2)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe:*:Disabled:Google Desktop"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f2debeb3-24dd-11de-8574-0010c6f1beae}]
shell\AutoRun\command - F:\autorun.exe

======List of files/folders created in the last 1 months======
2009-09-01 19:56:09 ----D---- C:\rsit
2009-09-01 19:27:58 ----D---- C:\Documents and Settings\latitude\Application Data\Malwarebytes
2009-09-01 19:27:52 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-09-01 19:27:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-29 20:29:56 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-08-29 19:02:35 ----HDC---- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-29 19:02:06 ----D---- C:\Program Files\Lavasoft
2009-08-29 17:51:02 ----D---- C:\Documents and Settings\All Users\Application Data\gra
2009-08-26 03:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-08-23 09:02:23 ----A---- C:\WINDOWS\wininit.ini
2009-08-21 23:05:56 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2009-08-15 17:05:35 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-08-14 06:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-14 06:28:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-14 06:28:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-14 06:28:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-14 06:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-14 06:27:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-14 06:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-14 06:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-13 06:13:45 ----D---- C:\0a4e28f38f8974e08d888b
2009-08-13 06:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-13 06:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-08-05 22:22:34 ----D---- C:\WINDOWS\system32\Adobe
2009-08-05 22:19:40 ----A---- C:\WINDOWS\IsUninst.exe
2009-08-02 19:54:50 ----D---- C:\Program Files\Roxio
2009-08-02 19:54:50 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-08-02 17:34:50 ----D---- C:\Program Files\QuickTime
======List of files/folders modified in the last 1 months======
2009-09-01 19:55:22 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-01 19:55:16 ----SD---- C:\WINDOWS\Tasks
2009-09-01 19:55:09 ----D---- C:\WINDOWS\Temp
2009-09-01 19:54:21 ----D---- C:\WINDOWS\system32\drivers
2009-09-01 19:54:21 ----D---- C:\WINDOWS
2009-09-01 19:53:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-01 19:27:51 ----RD---- C:\Program Files
2009-09-01 19:27:25 ----D---- C:\WINDOWS\Prefetch
2009-08-30 19:02:37 ----D---- C:\Documents and Settings\latitude\Application Data\dvdcss
2009-08-29 20:29:56 ----D---- C:\WINDOWS\system32
2009-08-29 19:16:58 ----HD---- C:\WINDOWS\inf
2009-08-29 19:16:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-29 19:02:35 ----SHD---- C:\WINDOWS\Installer
2009-08-29 19:01:47 ----D---- C:\WINDOWS\WinSxS
2009-08-29 18:42:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-23 09:01:52 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-08-23 09:01:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-23 01:09:24 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-08-23 01:08:11 ----D---- C:\Program Files\Common Files\AOL
2009-08-22 13:41:45 ----SD---- C:\Documents and Settings\latitude\Application Data\Microsoft
2009-08-20 18:07:01 ----HD---- C:\$AVG8.VAULT$
2009-08-19 15:09:04 ----RSD---- C:\WINDOWS\Fonts
2009-08-16 19:46:15 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-08-16 19:45:31 ----D---- C:\Program Files\Google
2009-08-15 17:07:57 ----D---- C:\Documents and Settings\latitude\Application Data\Google
2009-08-14 06:30:22 ----A---- C:\WINDOWS\imsins.BAK
2009-08-14 06:30:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-14 06:28:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-14 06:27:44 ----D---- C:\Program Files\Outlook Express
2009-08-09 13:35:44 ----A---- C:\WINDOWS\system.ini
2009-08-05 22:23:38 ----D---- C:\Documents and Settings\latitude\Application Data\Adobe
2009-08-05 22:22:12 ----D---- C:\Program Files\Common Files\Adobe
2009-08-05 22:21:09 ----D---- C:\Program Files\Adobe
2009-08-05 05:01:48 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-02 19:58:35 ----D---- C:\Documents and Settings\latitude\Application Data\InstallShield
2009-08-02 19:57:34 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-08-02 19:54:53 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-08-02 19:54:50 ----D---- C:\Program Files\Common Files
2009-08-02 19:41:48 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-08-02 19:40:39 ----D---- C:\Program Files\Common Files\Research In Motion
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-23 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-23 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-10 108552]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-13 604928]
R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2006-04-06 88192]
R3 HidBth;Microsoft Bluetooth HID Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-13 25600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-09-15 1173468]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2005-03-10 273168]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-07-07 1132544]
S3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-08-23 121472]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 RimUsb;BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-05 36864]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-23 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-23 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]