ComboFix 07-08-07.6 - "Administrator" 2007-08-08 14:06:20.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.152 [GMT 1:00]
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt
* Created a new restore point
((((((((((((((((((((((((( Files Created from 2007-07-08 to 2007-08-08 )))))))))))))))))))))))))))))))
2007-08-07 17:22 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-07 16:09 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-08-07 13:30 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2007-08-06 23:03 <DIR> d-------- C:\Program Files\worldTVRT
2007-08-06 18:35 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-05 21:18 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\GrabIt
2007-08-05 17:06 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-02 22:50 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-08-02 22:50 <DIR> d-------- C:\DOCUME~1\ADMINI~1\.housecall6.6
2007-08-01 21:11 <DIR> d-------- C:\Program Files\SAGEM
2007-07-29 15:55 <DIR> d-------- C:\Program Files\Adobe(2)
2007-07-26 20:14 643,072 --a------ C:\DOCUME~1\LOCALS~1\ntuser.dat
2007-07-26 20:14 6,029,312 --a------ C:\DOCUME~1\ADMINI~1\ntuser.dat
2007-07-25 16:48 94,000 --a------ C:\WINDOWS\system32\drivers\ssm_mdm.sys
2007-07-25 16:48 8,336 --a------ C:\WINDOWS\system32\drivers\ssm_mdfl.sys
2007-07-25 16:48 6,176 --a------ C:\WINDOWS\system32\drivers\ssm_cmnt.sys
2007-07-25 16:48 6,176 --a------ C:\WINDOWS\system32\drivers\ssm_cm.sys
2007-07-25 16:48 58,320 --a------ C:\WINDOWS\system32\drivers\ssm_bus.sys
2007-07-25 16:48 5,840 --a------ C:\WINDOWS\system32\drivers\ssm_whnt.sys
2007-07-25 16:48 5,840 --a------ C:\WINDOWS\system32\drivers\ssm_wh.sys
2007-07-18 18:37 774,144 --a------ C:\Program Files\RngInterstitial.dll
2007-07-18 18:37 <DIR> d-------- C:\Program Files\Common Files\Real
2007-07-09 20:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-09 20:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-08 13:54 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-08-08 00:43 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\uTorrent
2007-08-07 18:26 --------- d-------- C:\Program Files\Windows Live Toolbar
2007-08-07 18:26 --------- d-------- C:\Program Files\TuneUp Utilities 2007
2007-08-07 18:22 --------- d-------- C:\Program Files\MSN Messenger
2007-08-07 18:21 --------- d-------- C:\Program Files\Messenger
2007-08-07 18:18 --------- d-------- C:\Program Files\Google
2007-08-07 16:02 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Samsung
2007-08-06 00:39 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
2007-07-25 16:56 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-25 16:48 --------- d-------- C:\Program Files\Samsung
2007-07-20 14:23 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Temporary
2007-07-17 00:46 3085 --a------ C:\WINDOWS\mozver.dat
2007-07-01 03:08 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
2007-06-30 19:03 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Microgaming
2007-06-28 20:38 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org2
2007-06-22 18:47 --------- d-------- C:\Program Files\Yahoo!
2007-06-15 21:12 --------- d-------- C:\Program Files\Joost
2007-06-08 16:07 --------- d-------- C:\Program Files\PotUK Radio
2007-05-16 16:32 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 16:32 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 16:32 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 16:32 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 16:32 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 16:32 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-16 09:42 972336 --a------ C:\WINDOWS\UNNeroMediaHome.exe
2007-05-15 09:45 972336 --a------ C:\WINDOWS\UNNeroVision.exe
2007-05-08 10:24 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-04-06 20:00 87608 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\ezpinst.exe
2007-04-06 20:00 47360 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.sys
2005-12-15 13:03 12288 --a------ C:\WINDOWS\Fonts.\RandFont.dll
2006-11-20 13:38:22 8 --sh--r C:\WINDOWS\system32\3D81D020C5.sys
2006-11-20 13:38:22 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
---- Directory of C:\WINDOWS\system32\GroupPolicy ----
2007-08-07 13:30 38 --a------ C:\WINDOWS\system32\GroupPolicy\gpt.ini
---- Directory of C:\Program Files\worldTVRT ----
2007-08-06 23:03 53 --a------ C:\Program Files\worldTVRT\world TV and Radio Tuner.url
2007-08-06 23:03 46665 --a------ C:\Program Files\worldTVRT\uninst.exe
2007-06-24 23:48 892928 --a------ C:\Program Files\worldTVRT\worldTVRT.exe
2007-05-23 00:13 1652 --a------ C:\Program Files\worldTVRT\pausepor.htm
2007-05-23 00:13 1651 --a------ C:\Program Files\worldTVRT\welcomepor.htm
2007-05-23 00:13 1647 --a------ C:\Program Files\worldTVRT\unavailable.htm
2007-05-23 00:13 1642 --a------ C:\Program Files\worldTVRT\pauseita.htm
2007-05-23 00:13 1640 --a------ C:\Program Files\worldTVRT\welcomeita.htm
2007-05-23 00:13 1633 --a------ C:\Program Files\worldTVRT\welcomeesp.htm
2007-05-23 00:13 1633 --a------ C:\Program Files\worldTVRT\pauseesp.htm
2007-05-23 00:13 1630 --a------ C:\Program Files\worldTVRT\welcomefra.htm
2007-05-23 00:13 1626 --a------ C:\Program Files\worldTVRT\pausefra.htm
2007-05-23 00:13 1625 --a------ C:\Program Files\worldTVRT\welcomedeu.htm
2007-05-23 00:13 1624 --a------ C:\Program Files\worldTVRT\pausedeu.htm
2007-05-23 00:13 1611 --a------ C:\Program Files\worldTVRT\pauseeng.htm
2007-05-23 00:13 1609 --a------ C:\Program Files\worldTVRT\welcomeeng.htm
2006-05-17 02:26 58588 --a------ C:\Program Files\worldTVRT\1.gif
2004-02-24 18:40 32502 --a------ C:\Program Files\worldTVRT\skins\Crimson.bmp
2004-02-17 18:07 32502 --a------ C:\Program Files\worldTVRT\skins\Aisi420.bmp
2004-02-08 04:57 32502 --a------ C:\Program Files\worldTVRT\skins\Electro Blue.bmp
2004-01-29 21:03 32502 --a------ C:\Program Files\worldTVRT\skins\All Green.bmp
2003-12-08 22:48 32502 --a------ C:\Program Files\worldTVRT\skins\Zinc 2.bmp
2003-11-21 20:57 32502 --a------ C:\Program Files\worldTVRT\skins\All Blue 2.bmp
2003-11-12 21:37 32502 --a------ C:\Program Files\worldTVRT\skins\Patriot 2 (US).bmp
2003-11-10 03:26 32502 --a------ C:\Program Files\worldTVRT\skins\Zinc.bmp
2003-11-08 11:08 32502 --a------ C:\Program Files\worldTVRT\skins\Wire Frame.bmp
2003-10-20 17:53 32502 --a------ C:\Program Files\worldTVRT\skins\BlueSteel.bmp
2003-10-16 23:44 32502 --a------ C:\Program Files\worldTVRT\skins\Titanium.bmp
2003-09-04 14:26 32502 --a------ C:\Program Files\worldTVRT\skins\Wood.bmp
2003-09-04 14:25 32502 --a------ C:\Program Files\worldTVRT\skins\Lilac.bmp
2003-09-04 14:24 32502 --a------ C:\Program Files\worldTVRT\skins\Limpid sky.bmp
2003-09-04 14:23 32502 --a------ C:\Program Files\worldTVRT\skins\Ghost in Violet.bmp
2003-09-04 14:22 32502 --a------ C:\Program Files\worldTVRT\skins\Ghost in Purple.bmp
2003-09-04 14:21 32502 --a------ C:\Program Files\worldTVRT\skins\Ghost in Navy Blue.bmp
2003-09-04 14:20 32502 --a------ C:\Program Files\worldTVRT\skins\Ghost in Blue.bmp
2003-09-04 14:18 32502 --a------ C:\Program Files\worldTVRT\skins\Gemini in Light Blue.bmp
2003-09-04 14:18 32502 --a------ C:\Program Files\worldTVRT\skins\DOS.bmp
2003-09-04 14:17 32502 --a------ C:\Program Files\worldTVRT\skins\Digital in Light Blue.bmp
2003-06-05 01:22 32502 --a------ C:\Program Files\worldTVRT\skins\Red.bmp
2003-05-17 17:11 32502 --a------ C:\Program Files\worldTVRT\skins\Green Neon.bmp
2003-05-17 17:07 32502 --a------ C:\Program Files\worldTVRT\skins\Purple Neon.bmp
2003-05-17 17:06 32502 --a------ C:\Program Files\worldTVRT\skins\Blue Neon.bmp
2003-03-20 01:38 32502 --a------ C:\Program Files\worldTVRT\skins\Rose.bmp
2003-03-20 01:38 32502 --a------ C:\Program Files\worldTVRT\skins\Periwinkle.bmp
2003-01-29 19:30 32502 --a------ C:\Program Files\worldTVRT\skins\Bronze.bmp
2003-01-25 21:47 32502 --a------ C:\Program Files\worldTVRT\skins\Noir.bmp
2002-11-30 01:54 32502 --a------ C:\Program Files\worldTVRT\skins\Dark Win in Green 5.bmp
2002-11-30 01:49 32502 --a------ C:\Program Files\worldTVRT\skins\Dark Win in Orange.bmp
2002-11-26 23:01 32502 --a------ C:\Program Files\worldTVRT\skins\Dark Win in Blue 8.bmp
2002-11-25 19:01 32502 --a------ C:\Program Files\worldTVRT\skins\Ligth Win in Blue 1.bmp
2002-11-25 06:42 32502 --a------ C:\Program Files\worldTVRT\skins\Dark Win in Dwelt.bmp
2002-11-25 06:13 32502 --a------ C:\Program Files\worldTVRT\skins\Dark Win in Green 1.bmp
2002-11-23 05:55 32502 --a------ C:\Program Files\worldTVRT\skins\Pacific Night.bmp
2002-11-21 02:23 32502 --a------ C:\Program Files\worldTVRT\skins\Yellow.bmp
2002-11-21 02:06 32502 --a------ C:\Program Files\worldTVRT\skins\Dwelt.bmp
2002-11-21 01:52 32502 --a------ C:\Program Files\worldTVRT\skins\Autumn.bmp
2002-11-18 11:38 32502 --a------ C:\Program Files\worldTVRT\skins\Ligth Green.bmp
2002-11-18 11:25 32502 --a------ C:\Program Files\worldTVRT\skins\Red & Yellow.bmp
2002-11-18 10:49 32502 --a------ C:\Program Files\worldTVRT\skins\Violet & Brown.bmp
2002-11-15 21:35 32502 --a------ C:\Program Files\worldTVRT\skins\Depressed.bmp
2002-10-09 04:29 32502 --a------ C:\Program Files\worldTVRT\skins\Gray.bmp
2002-08-22 03:08 32502 --a------ C:\Program Files\worldTVRT\skins\Omega.bmp
2002-07-15 08:37 32502 --a------ C:\Program Files\worldTVRT\skins\Simile XP Red.bmp
2002-07-15 08:36 32502 --a------ C:\Program Files\worldTVRT\skins\Simile XP Green.bmp
---- Directory of C:\DOCUME~1\ADMINI~1\APPLIC~1\GrabIt ----
2007-08-05 21:24 827907 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\GrabIt\Groups\New server\grouplist
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-04-21 17:09]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 12:18]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-01-26 23:56]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 09:27]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
"GhostStartTrayApp"=C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
"VTTimer"=VTTimer.exe
"VTTrayp"=VTtrayp.exe
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R1 GhPciScan;GhostPciScanner;\??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys
R1 StarOpen;StarOpen;C:\WINDOWS\system32\drivers\StarOpen.sys
R2 DLPortIO;DriverLINX Port I/O Driver;\??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS
R2 MASPINT;MASPINT;C:\WINDOWS\system32\drivers\MASPINT.sys
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 Pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\Drivers\Pcouffin.sys
R3 viagfx;viagfx;C:\WINDOWS\system32\DRIVERS\vtmini.sys
S3 cmuda;C-Media WDM Audio Interface;C:\WINDOWS\system32\drivers\cmuda.sys
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\fetnd5.sys
S3 irsir;Microsoft Serial Infrared Driver;C:\WINDOWS\system32\DRIVERS\irsir.sys
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver;C:\WINDOWS\system32\drivers\msmpu401.sys
S3 smserial;smserial;C:\WINDOWS\system32\DRIVERS\smserial.sys
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
S3 usbbus;LGE Mobile Composite USB Device;C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
S3 UsbDiag;LGE Mobile USB Serial Port;C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
S3 USBModem;LGE Mobile USB Modem;C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
Contents of the 'Scheduled Tasks' folder
2007-08-03 16:16:00 C:\WINDOWS\Tasks\1-Click Maintenance.job - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
2007-08-08 00:32:08 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-08-08 14:09:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000071
"TracesSuccessful"=dword:0000005f
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\poof]
Completion time: 2007-08-08 14:11:24
C:\ComboFix-quarantined-files.txt ... 2007-08-08 14:10
C:\ComboFix2.txt ... 2007-08-08 01:30
C:\ComboFix3.txt ... 2007-08-05 17:51
--- E O F ---