ComboFix 07-09-09.4 - "richard" 2007-09-09 15:33:15.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.512 [GMT 1:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368 C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\503_button_1b_def.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\503_button_1b_over.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\512_button_1b_def.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\512_button_1b_over.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\513_button_1b_def.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\513_button_1b_over.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\Button_60.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\Button_70.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\Button_80.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\FindIt.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\FindItHot.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\findithotxp.png C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\finditxp.png C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\logo.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\buttons\logoxp.bmp C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\contexts\error.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\contexts\Related.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\contexts\Travel.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\SimpleUpdate\ProductMessagingConfig.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\SimpleUpdate\ProductMessagingConfig.xml.backup C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\SimpleUpdate\SimpleUpdateConfig.xml C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\SimpleUpdate\SimpleUpdateConfig.xml.backup C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\SimpleUpdate\TimerManagerConfig.xml 
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware368\SimpleUpdate\TimerManagerConfig.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368 C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\BrowserSearch\BrowserSearch.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\BrowserSearch\BrowserSearch.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Button_6\Button_6Options.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Button_6\Button_6Options.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Button_7\Button_7Options.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Button_7\Button_7Options.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Button_8\Button_8Options.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Button_8\Button_8Options.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Configurator\Configurator.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Configurator\Configurator.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Download\DownloadOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Download\DownloadOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\ErrorSearch\ErrorSearchOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\ErrorSearch\ErrorSearchOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Layouts\ToolbarLayout.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Layouts\ToolbarLayout.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Lyrics\LyricsOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Lyrics\LyricsOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Manager\ManagerOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Manager\ManagerOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Music_Search\Music_SearchOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Music_Search\Music_SearchOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Radio_UK\Radio_UKOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Radio_UK\Radio_UKOptions.xml.backup 
C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\RelatedSearch\RelatedSearchOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\RelatedSearch\RelatedSearchOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Toolbar\TBProductsOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\Toolbar\TBProductsOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\ToolbarLogo\ToolbarLogoOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\ToolbarLogo\ToolbarLogoOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\ToolbarSearch\ToolbarSearchOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\ToolbarSearch\ToolbarSearchOptions.xml.backup C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\TravelSearch\TravelSearchOptions.xml C:\DOCUME~1\HP_Owner\APPLIC~1\Starware368\TravelSearch\TravelSearchOptions.xml.backup C:\DOCUME~1\HP_Owner\Desktop\Error Cleaner.url C:\DOCUME~1\HP_Owner\Desktop\Privacy Protector.url C:\DOCUME~1\HP_Owner\Desktop\Spyware&Malware Protection.url C:\DOCUME~1\leanne\APPLIC~1\Starware368 C:\DOCUME~1\leanne\APPLIC~1\Starware368\BrowserSearch\BrowserSearch.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\BrowserSearch\BrowserSearch.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Button_6\Button_6Options.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Button_6\Button_6Options.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Button_7\Button_7Options.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Button_7\Button_7Options.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Button_8\Button_8Options.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Button_8\Button_8Options.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Configurator\Configurator.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Configurator\Configurator.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Download\DownloadOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Download\DownloadOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\ErrorSearch\ErrorSearchOptions.xml 
C:\DOCUME~1\leanne\APPLIC~1\Starware368\ErrorSearch\ErrorSearchOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Layouts\ToolbarLayout.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Layouts\ToolbarLayout.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Lyrics\LyricsOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Lyrics\LyricsOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Manager\ManagerOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Manager\ManagerOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Music_Search\Music_SearchOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Music_Search\Music_SearchOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Radio_UK\Radio_UKOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Radio_UK\Radio_UKOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\RelatedSearch\RelatedSearchOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\RelatedSearch\RelatedSearchOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\Toolbar\TBProductsOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\Toolbar\TBProductsOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\ToolbarLogo\ToolbarLogoOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\ToolbarLogo\ToolbarLogoOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\ToolbarSearch\ToolbarSearchOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\ToolbarSearch\ToolbarSearchOptions.xml.backup C:\DOCUME~1\leanne\APPLIC~1\Starware368\TravelSearch\TravelSearchOptions.xml C:\DOCUME~1\leanne\APPLIC~1\Starware368\TravelSearch\TravelSearchOptions.xml.backup C:\DOCUME~1\richard\FAVORI~1\Error Cleaner.url C:\DOCUME~1\richard\FAVORI~1\Privacy Protector.url C:\DOCUME~1\richard\FAVORI~1\Spyware&Malware Protection.url C:\Program Files\VideoAccessCodec C:\Program Files\VideoAccessCodec\install.ico C:\Program Files\VideoAccessCodec\Uninstall.exe C:\WINDOWS\dat.txt C:\WINDOWS\msmdev.dll C:\WINDOWS\msmhost.dll C:\WINDOWS\rs.txt 
C:\WINDOWS\system32\_000003_.tmp.dll C:\WINDOWS\system32\_000006_.tmp.dll C:\WINDOWS\system32\_000007_.tmp.dll C:\WINDOWS\system32\_000008_.tmp.dll C:\WINDOWS\system32\_000011_.tmp.dll C:\WINDOWS\system32\_000012_.tmp.dll C:\WINDOWS\system32\_000013_.tmp.dll C:\WINDOWS\system32\_000014_.tmp.dll D:\Autorun.inf ((((((((((((((((((((((((( Files Created from 2007-08-09 to 2007-09-09 ))))))))))))))))))))))))))))))) . 2007-09-09 15:32 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-08 19:38 d-------- C:\Program Files\Lavasoft 2007-09-08 19:38 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft 2007-09-08 19:36 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-09-08 17:29 95,608 --a------ C:\WINDOWS\system32\AVASTSS.scr 2007-09-08 17:29 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2007-09-08 17:29 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-09-08 17:29 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe 2007-09-08 17:29 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2007-09-08 17:29 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-09-08 17:29 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2007-09-08 17:29 d-------- C:\Program Files\Alwil Software 2007-09-08 15:28 d-------- C:\DOCUME~1\mine\APPLIC~1\Google 2007-09-08 15:13 70,688 --a------ C:\WINDOWS\system32\drivers\alcaudsl.sys 2007-09-08 15:13 53,600 --a------ C:\WINDOWS\system32\drivers\alcan5wn.sys 2007-09-08 15:13 5,606 --a------ C:\WINDOWS\system32\stci.dll 2007-09-08 15:13 5,280 --a------ C:\WINDOWS\system32\drivers\alcawh.sys 2007-09-08 15:13 3,968 --a------ C:\WINDOWS\system32\drivers\alcacr.sys 2007-09-08 15:13 d-------- C:\Program Files\Thomson 2007-09-08 15:02 d-------- C:\Program Files\XoftSpySE 2007-09-08 14:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll 2007-09-08 14:50 75,264 --a------ C:\WINDOWS\system32\unacev2.dll 2007-09-08 14:50 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll 2007-09-08 14:50 162,304 --a------ 
C:\WINDOWS\system32\ztvunrar36.dll 2007-09-08 14:50 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll 2007-09-08 14:43 d-------- C:\Program Files\Trend Micro 2007-09-07 22:11 d-------- C:\DOCUME~1\mine\APPLIC~1\Yahoo! 2007-09-07 22:10 d-------- C:\DOCUME~1\mine\WINDOWS 2007-09-07 22:10 d-------- C:\DOCUME~1\mine\APPLIC~1\Real 2007-09-07 21:18 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll 2007-09-07 21:17 14,956,440 --a------ C:\sdsetup.exe 2007-09-07 18:02 d-------- C:\DOCUME~1\richard\APPLIC~1\WinBatch 2007-09-07 17:07 d-------- C:\DOCUME~1\richard\APPLIC~1\HPQ 2007-09-07 16:53 d-------- C:\DOCUME~1\leanne\APPLIC~1\HPQ 2007-09-06 22:27 d-------- C:\DOCUME~1\richard\APPLIC~1\HP 2007-09-06 21:43 d-------- C:\DOCUME~1\richard\APPLIC~1\Google 2007-09-06 21:42 d-------- C:\DOCUME~1\richard\APPLIC~1\Yahoo! 2007-09-06 21:39 d-------- C:\DOCUME~1\richard\WINDOWS 2007-09-06 21:39 d-------- C:\DOCUME~1\richard\APPLIC~1\Real 2007-09-03 13:15 d-------- C:\DOCUME~1\leanne\APPLIC~1\Motive 2007-09-01 07:42 d-------- C:\temp 2007-08-26 12:46 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS 2007-08-26 12:46 7,552 --a------ C:\WINDOWS\system32\dllcache\sonypvu1.sys 2007-08-24 17:44 22,112 -ra------ C:\WINDOWS\system32\drivers\COH_Mon.sys 2007-08-23 19:04 48,776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL 2007-08-23 19:04 115,000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2007-08-23 18:57 0 --a------ C:\WINDOWS\system32\SBRC.dat 2007-08-23 18:57 0 --a------ C:\WINDOWS\system32\SBFC.dat 2007-08-22 10:34 d-------- C:\DOCUME~1\leanne\APPLIC~1\CyberLink 2007-08-11 17:21 d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\WinRAR . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 
2007-09-09 13:21 --------- d-------- C:\Program Files\Common Files\Symantec Shared 2007-09-08 17:18 --------- d-------- C:\Program Files\Symantec 2007-09-08 17:17 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec 2007-09-08 15:13 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-08 11:27 --------- d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-08-24 08:23 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\Yahoo! 2007-08-23 20:36 --------- d-------- C:\Program Files\CyberLink 2007-08-23 19:21 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\Yahoo! 2007-08-23 19:06 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF 2007-08-23 19:06 8014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2007-08-23 19:02 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\yahoo! 2007-08-16 20:24 --------- d-------- C:\Program Files\CyberLink DVD Solution 2007-08-14 20:36 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\CyberLink 2007-08-08 22:35 --------- d-------- C:\Program Files\NCH Swift Sound 2007-08-07 21:22 --------- d-------- C:\Program Files\BearShare Applications 2007-08-07 20:11 --------- d-------- C:\Program Files\Philips 2007-08-07 20:11 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\InstallShield 2007-08-07 13:58 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys 2007-08-07 13:56 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys 2007-08-04 19:27 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\InterTrust 2007-08-04 18:55 --------- d-------- C:\Program Files\Common Files\Ahead 2007-08-04 18:55 --------- d-------- C:\Program Files\Ahead 2007-08-04 18:54 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink 2007-08-02 21:44 --------- d-------- C:\Program Files\iWin.com 2007-08-02 21:43 --------- d-------- C:\Program Files\Google 2007-07-31 22:34 --------- d-------- C:\Program Files\BT Auto Backup 2007-07-31 08:54 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\LimeWire 2007-07-30 19:19 92504 --a------ 
C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-30 07:17 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\iWin 2007-07-29 20:52 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\iWin 2007-07-29 20:18 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\WinBatch 2007-07-28 19:34 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\NCH Swift Sound 2007-07-28 19:33 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\WinBatch 2007-07-28 19:32 --------- d-------- C:\Program Files\HP 2007-07-28 19:32 --------- d-------- C:\Program Files\Hewlett-Packard 2007-07-27 09:46 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\RecordPad 2007-07-27 09:46 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\NCH Swift Sound 2007-07-26 21:39 --------- d-------- C:\DOCUME~1\HP_Owner\APPLIC~1\RecordPad 2007-07-26 21:39 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NCH Swift Sound 2007-07-22 08:15 --------- d-------- 
C:\DOCUME~1\HP_Owner\APPLIC~1\LimeWire 2007-07-19 07:59 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll 2007-07-16 20:54 --------- d-------- C:\DOCUME~1\leanne\APPLIC~1\HP 2007-07-13 00:31 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll 2007-07-11 14:37 6272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys 2007-06-27 15:34 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-27 15:34 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll 2007-06-27 15:34 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll 2007-06-27 15:34 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2007-06-27 15:34 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll 2007-06-27 15:34 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll 2007-06-27 15:34 44544 --a------ C:\WINDOWS\system32\dllcache\iernonce.dll 2007-06-27 15:34 384512 --a------ C:\WINDOWS\system32\dllcache\iedkcs32.dll 2007-06-27 15:34 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2007-06-27 15:34 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll 2007-06-27 15:34 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll 2007-06-27 15:34 232960 --a------ C:\WINDOWS\system32\dllcache\webcheck.dll 2007-06-27 15:34 230400 --a------ C:\WINDOWS\system32\dllcache\ieaksie.dll 2007-06-27 15:34 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll 2007-06-27 15:34 153088 --a------ C:\WINDOWS\system32\dllcache\ieakeng.dll 2007-06-27 15:34 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll 2007-06-27 15:34 124928 --a------ C:\WINDOWS\system32\dllcache\advpack.dll 2007-06-27 15:34 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll 2007-06-27 15:34 105984 --a------ C:\WINDOWS\system32\dllcache\url.dll 2007-06-27 15:34 102400 --a------ C:\WINDOWS\system32\dllcache\occache.dll 2007-06-27 09:27 63488 --a------ C:\WINDOWS\system32\dllcache\ie4uinit.exe 2007-06-27 09:27 625152 --a------ C:\WINDOWS\system32\dllcache\iexplore.exe 2007-06-27 09:27 13824 
--------- C:\WINDOWS\system32\dllcache\ieudinit.exe 2007-06-27 08:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll 2007-06-26 22:10 317440 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe 2007-06-26 21:21 557056 --a------ C:\DOCUME~1\HP_Owner\GoToAssist_phone__319_en.exe 2007-06-26 07:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 07:08 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll 2007-06-25 22:02 92160 --a------ C:\WINDOWS\system32\ezUninst.exe 2007-06-25 22:02 85504 --a------ C:\WINDOWS\system32\ezShellStart.exe 2007-06-25 22:02 49152 --a------ C:\WINDOWS\system32\ezUPBHook.dll 2007-06-25 22:02 33792 --a------ C:\WINDOWS\system32\ezntsvc.exe 2007-06-25 22:02 241664 --a------ C:\WINDOWS\system32\ezSetup.exe 2007-06-25 22:02 15360 --a------ C:\WINDOWS\system32\ezMAPIHelper.exe 2007-06-24 15:45 1386496 --a------ C:\WINDOWS\system32\msvbvm60.dll 2007-06-19 14:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll 2007-06-19 14:31 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll 2007-06-13 11:23 1033216 --a------ C:\WINDOWS\system32\dllcache\explorer.exe 2007-06-13 11:23 1033216 --a------ C:\WINDOWS\explorer.exe 2007-06-11 23:51 10834944 --a------ C:\WINDOWS\system32\dllcache\wmp.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . 
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [2007-06-26 13:48]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 16:19]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 05:54 C:\WINDOWS\RTHDCPL.EXE]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-13 19:23]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 15:14]
"PCDrProfiler"="" []
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 00:35]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 15:34]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-12-15 11:18]
"ftutil2"="ftutil2.dll" [2004-06-07 15:05 C:\WINDOWS\system32\ftutil2.dll]
"btbb_wcm_McciTrayApp"="C:\Program Files\btbb_wcm\McciTrayApp.exe" [2006-12-07 07:59]
"btbb_McciTrayApp"="C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe" [2007-05-23 12:52]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-08 15:25]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 06:59]
"osCheck"="C:\PROGRA~1\Symantec\osCheck.exe" [2007-01-14 08:11]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-31 14:35]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-06-30 08:59]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-12 21:12]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-07-16 15:17]
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2007-09-09 12:19:14 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-09-08 19:00:00 C:\WINDOWS\Tasks\Norton Security Online - Run Full System Scan - HP_Owner.job"
- C:\PROGRA~1\Symantec\Norton AntiVirus\Navw32.exe
"2007-09-08 15:05:22 C:\WINDOWS\Tasks\Norton Security Online - Run Full System Scan - leanne.job"
"2007-09-08 13:02:43 C:\WINDOWS\Tasks\Norton Security Online - Run Full System Scan - richard.job"
- C:\PROGRA~1\Symantec\Norton AntiVirus\Navw32.exe
"2007-09-09 14:36:38 C:\WINDOWS\Tasks\XoftSpySE 2.job"
- C:\Program Files\XoftSpySE\XoftSpy.exe
"2007-09-08 14:02:54 C:\WINDOWS\Tasks\XoftSpySE.job"
- C:\Program Files\XoftSpySE\XoftSpy.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-09 15:36:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-09 15:38:47 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-09 15:38
.
--- E O F ---