"legolas" - 2007-06-30 22:56:25 - ComboFix 07-06-27.7 NTFS ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files\myglobalsearch C:\Program Files\myglobalsearch\bar\History\search ((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-30 ))))))))))))))))))))))))))))))) 2007-06-30 22:54 49,152 --a------ C:\WINDOWS\nircmd.exe 2007-06-28 19:54 118,842 -r------- C:\WINDOWS\bwUnin-6.3.2.116-4476822L.exe 2007-06-28 12:19 d-------- C:\DOCUME~1\legolas\DANEAP~1\Talkback 2007-06-27 16:07 d-------- C:\Program Files\BearShare 2007-06-10 23:17 d-------- C:\Program Files\BitComet 2007-06-03 14:28 d-------- C:\Program Files\Skype 2007-06-03 14:28 d-------- C:\Program Files\Common Files\Skype 2007-06-03 14:28 d-------- C:\DOCUME~1\legolas\DANEAP~1\Skype 2007-06-03 14:27 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Skype 2007-05-23 23:26 d-------- C:\Program Files\CachemanXP 2007-05-19 16:26 d-------- C:\Program Files\Real Alternative 2007-05-19 16:26 d-------- C:\Program Files\Media Player Classic 2007-05-19 16:26 d-------- C:\DOCUME~1\ALLUSE~1\DANEAP~1\Real 2007-05-16 22:10 d-------- C:\WINDOWS\system32\SoftwareDistribution 2007-05-16 22:08 466,200 --a------ C:\WINDOWS\system32\wuapi.dll 2007-05-16 22:08 41,240 --a------ C:\WINDOWS\system32\wups.dll 2007-05-16 22:08 195,352 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-05-16 22:08 175,384 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-05-16 22:08 173,536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-05-16 22:08 128,280 --a------ C:\WINDOWS\system32\wucltui.dll 2007-05-16 22:08 d-------- C:\WINDOWS\SoftwareDistribution 2007-05-16 21:20 198,424 --a------ C:\WINDOWS\system32\iuengine.dll 2007-05-16 20:24 310,272 --a------ C:\WINDOWS\system32\winhttp.dll (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-30 20:36:18 -------- d-----w C:\Program Files\neostrada tp 2007-06-29 18:05:19 76,802 ----a-w C:\WINDOWS\system32\perfc015.dat 2007-06-29 18:05:19 454,226 ----a-w C:\WINDOWS\system32\perfh015.dat 2007-06-28 10:30:02 -------- d-----w C:\Program Files\FlashGet 2007-05-19 15:22:56 -------- d-----w C:\Program Files\SubEdit-Player 2007-05-16 20:08:51 -------- d--h--w C:\Program Files\WindowsUpdate 2007-05-12 19:47:49 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-04-26 19:13:31 4,096 ----a-w C:\WINDOWS\d3dx.dat ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 01:17] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7}=C:\PROGRA~1\FlashGet\jccatch.dll [2006-05-16 16:19] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 04:23] {F156768E-81EF-470C-9057-481BA8380DBA}=C:\PROGRA~1\FlashGet\getflash.dll [2006-09-12 11:50] {FFFFFEF0-5B30-21D4-945D-000000000000}=C:\PROGRA~1\STARDO~1\SDIEInt.dll [2006-02-26 15:44] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"="cmicnfg.cpl" [] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 07:03] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 07:03] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41] "SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 12:38] "WOOWATCH"="C:\PROGRA~1\NEOSTR~1\Watch.exe" [2004-08-23 14:49] "WOOTASKBARICON"="C:\PROGRA~1\NEOSTR~1\GestMaj.exe" [2004-10-14 16:55] "WheelMouse"="C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe" [2001-10-16 17:07] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-11-21 19:38] "F-Secure TNB"="C:\Program Files\F-Secure\TNB\TNBUtil.exe" [] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 04:23] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48] "F-Secure Manager"="C:\Program Files\F-Secure\Common\FSM32.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-10-26 19:29] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoLowDiskSpaceChecks"=1 (0x1) HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E} rundll32 iesetup.dll,IEAccessUserInst Contents of the 'Scheduled Tasks' folder 2007-06-28 14:03:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-30 22:56:47 Windows 5.1.2600 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-06-30 22:57:09 C:\ComboFix-quarantined-files.txt ... 2007-06-30 22:56 --- E O F ---