ComboFix 07-06-21.3 - C:\Documents and Settings\beckham\Desktop\ComboFix.exe
"beckham" - 2007-06-21 22:12:21 - Service Pack 2 NTFS
ADS removed - svchost.exe: deleted 68 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\msxml3a.dll
C:\WINDOWS\wr.txt
((((((((((((((((((((((((( Files Created from 2007-05-21 to 2007-06-21 )))))))))))))))))))))))))))))))
2007-06-21 22:11 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-21 19:35 997,888 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-06-21 19:35 981,504 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2007-06-21 19:35 892,416 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-06-21 19:35 816,264 --a------ C:\WINDOWS\system32\wmvdmod.dll
2007-06-21 19:35 81,408 --a------ C:\WINDOWS\system32\logagent.exe
2007-06-21 19:35 760,968 --a------ C:\WINDOWS\system32\wmsdmod.dll
2007-06-21 19:35 670,208 --a------ C:\WINDOWS\system32\wmadmoe.dll
2007-06-21 19:35 6,656 --a------ C:\WINDOWS\system32\laprxy.dll
2007-06-21 19:35 486,536 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-06-21 19:35 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2007-06-21 19:35 316,040 --a------ C:\WINDOWS\system32\mp43dmod.dll
2007-06-21 19:35 241,664 --a------ C:\WINDOWS\system32\qasf.dll
2007-06-21 19:35 241,664 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-06-21 19:35 143,360 --a------ C:\WINDOWS\system32\wmidx.dll
2007-06-21 19:35 1,111,040 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-06-21 19:35 <DIR> d-------- C:\Program Files\Common Files\Nero
2007-06-21 19:34 82,432 --a------ C:\WINDOWS\system32\drmstor.dll
2007-06-21 19:34 678,912 --a------ C:\WINDOWS\system32\drmv2clt.dll
2007-06-21 19:34 301,712 --a------ C:\WINDOWS\system32\drmclien.dll
2007-06-21 19:34 253,952 --a------ C:\WINDOWS\system32\msnetobj.dll
2007-06-21 19:34 232,960 --a------ C:\WINDOWS\system32\blackbox.dll
2007-06-21 19:33 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2007-06-21 19:33 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2007-06-21 19:33 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2007-06-21 19:33 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-06-21 19:33 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-06-21 19:33 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2007-06-21 19:33 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-06-21 19:33 <DIR> d-------- C:\Program Files\Ahead
2007-06-21 16:07 2,829 --a------ C:\WINDOWS\War3Unin.pif
2007-06-21 16:07 14,949 --a------ C:\WINDOWS\War3Unin.dat
2007-06-21 16:07 126,976 --a------ C:\WINDOWS\War3Unin.exe
2007-06-21 11:45 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-06-20 21:31 <DIR> d-------- C:\Panda AV report
2007-06-20 20:25 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-06-20 19:19 <DIR> d-------- C:\DOCUME~1\sally\APPLIC~1\Lavasoft
2007-06-20 00:22 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-06-20 00:20 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-06-20 00:20 33,624 --a------ C:\WINDOWS\system32\wups.dll
2007-06-20 00:20 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-06-20 00:20 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-06-20 00:20 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-06-20 00:20 167,704 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-06-20 00:20 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-06-19 22:07 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-06-19 22:07 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-06-19 22:07 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-06-19 22:07 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-06-19 22:07 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-06-19 22:06 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-06-19 21:34 <DIR> d-------- C:\Download
2007-06-19 21:33 <DIR> d-------- C:\Program Files\Star Downloader
2007-06-19 21:28 <DIR> d-------- C:\Program Files\LeechGet 2007
2007-06-19 19:31 <DIR> d-------- C:\DOCUME~1\sally\Contacts
2007-06-19 19:30 786,432 --ah----- C:\DOCUME~1\sally\NTUSER.DAT
2007-06-19 19:30 <DIR> d-------- C:\DOCUME~1\sally\APPLIC~1\Webroot
2007-06-19 17:39 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2007-06-18 21:52 <DIR> d-------- C:\HijackThis
2007-06-18 20:48 <DIR> d---s---- C:\DOCUME~1\beckham\UserData
2007-06-18 14:43 <DIR> d-------- C:\Program Files\Kazaa
2007-06-17 17:32 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2007-06-17 17:28 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-06-17 17:28 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-06-17 17:26 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-06-17 12:09 <DIR> d-------- C:\DOCUME~1\beckham\APPLIC~1\AdobeUM
2007-06-17 10:43 <DIR> d-------- C:\DOCUME~1\beckham\APPLIC~1\SpamTest
2007-06-17 09:51 86,016 -ra------ C:\WINDOWS\system32\nvwrszht.dll
2007-06-17 09:51 86,016 -ra------ C:\WINDOWS\system32\nvwrszhc.dll
2007-06-17 09:51 835,654 -ra------ C:\WINDOWS\system32\nview.dll
2007-06-17 09:51 69,632 -ra------ C:\WINDOWS\system32\nvsvc32.exe
2007-06-17 09:51 512,000 -ra------ C:\WINDOWS\system32\nviewimg.dll
2007-06-17 09:51 49,152 -ra------ C:\WINDOWS\system32\nvmctray.dll
2007-06-17 09:51 467,016 -ra------ C:\WINDOWS\system32\nvshell.dll
2007-06-17 09:51 4,640,768 -ra------ C:\WINDOWS\system32\nvcpl.dll
2007-06-17 09:51 323,584 -ra------ C:\WINDOWS\system32\nwiz.exe
2007-06-17 09:51 3,764,224 -ra------ C:\WINDOWS\system32\nvoglnt.dll
2007-06-17 09:51 3,403,776 -ra------ C:\WINDOWS\system32\nvrsar.dll
2007-06-17 09:51 3,391,488 -ra------ C:\WINDOWS\system32\nvrshe.dll
2007-06-17 09:51 3,387,392 -ra------ C:\WINDOWS\system32\nvrsja.dll
2007-06-17 09:51 3,383,296 -ra------ C:\WINDOWS\system32\nvrsko.dll
2007-06-17 09:51 3,180,171 -ra------ C:\WINDOWS\system32\nv4_disp.dll
2007-06-17 09:51 286,806 -ra------ C:\WINDOWS\system32\keystone.exe
2007-06-17 09:51 282,624 -ra------ C:\WINDOWS\system32\nvrsesm.dll
2007-06-17 09:51 270,336 -ra------ C:\WINDOWS\system32\nvrsit.dll
2007-06-17 09:51 266,240 -ra------ C:\WINDOWS\system32\nvrsptb.dll
2007-06-17 09:51 266,240 -ra------ C:\WINDOWS\system32\nvrsfr.dll
2007-06-17 09:51 266,240 -ra------ C:\WINDOWS\system32\nvrsde.dll
2007-06-17 09:51 262,144 -ra------ C:\WINDOWS\system32\nvrstr.dll
2007-06-17 09:51 262,144 -ra------ C:\WINDOWS\system32\nvrsru.dll
2007-06-17 09:51 262,144 -ra------ C:\WINDOWS\system32\nvrsnl.dll
2007-06-17 09:51 258,048 -ra------ C:\WINDOWS\system32\nvrssv.dll
2007-06-17 09:51 258,048 -ra------ C:\WINDOWS\system32\nvrsno.dll
2007-06-17 09:51 258,048 -ra------ C:\WINDOWS\system32\nvrses.dll
2007-06-17 09:51 258,048 -ra------ C:\WINDOWS\system32\nvrseng.dll
2007-06-17 09:51 258,048 -ra------ C:\WINDOWS\system32\nvrsda.dll
2007-06-17 09:51 253,952 -ra------ C:\WINDOWS\system32\nvrssl.dll
2007-06-17 09:51 253,952 -ra------ C:\WINDOWS\system32\nvrsel.dll
2007-06-17 09:51 249,856 -ra------ C:\WINDOWS\system32\nvrspt.dll
2007-06-17 09:51 249,856 -ra------ C:\WINDOWS\system32\nvrsfi.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-04-16 14:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 14:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 20:38]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{FFFFFEF0-5B30-21D4-945D-000000000000}=C:\PROGRA~1\STARDO~1\SDIEInt.dll [2006-02-26 14:44]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2006-08-03 20:02]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-06-16 11:56]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 17:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 03:41]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 20:29]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\WebrootSpySweeperService]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvccc66]
svcchosst.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
"RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
"nwiz.exe" /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\staeck122]
"C:\Documents and Settings\nancy\2.exe"
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-06-21 22:14:51
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-21 22:16:52
C:\ComboFix-quarantined-files.txt ... 2007-06-21 22:16
--- E O F ---
P.S. Other than this trouble, is my PC free from viruses, spyware and malware?