ComboFix 07-10-22.7 - Emanuel 2007-10-30 17:44:22.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.733 [GMT -4:00]
Running from: C:\Documents and Settings\Emanuel\Desktop\Anti-Malware\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Common Files\{3F241~1
C:\Program Files\Common Files\{7F241~1
C:\WINDOWS\system32\LMIinit.dll
C:\WINDOWS\system32\pskill.exe
D:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_COM+_MESSAGES
((((((((((((((((((((((((( Files Created from 2007-09-28 to 2007-10-30 )))))))))))))))))))))))))))))))
.
2007-10-30 17:41 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-26 09:08 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-26 08:28 <DIR> d-------- C:\Deckard
2007-10-22 15:21 <DIR> d-------- C:\Program Files\Microsoft Works
2007-10-22 12:04 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2007-10-22 11:27 <DIR> d-------- C:\Program Files\a-squared Free
2007-10-18 10:52 <DIR> d-------- C:\Documents and Settings\Emanuel\My Do
2007-10-18 10:35 <DIR> d-------- C:\Program Files\Common Files\Palo Alto Software
2007-10-18 10:35 <DIR> d-------- C:\Program Files\Common Files\Intuit
2007-10-18 10:35 3,518,464 --a------ C:\WINDOWS\system32\cdintf300.dll
2007-10-18 10:35 1,843,200 --a------ C:\WINDOWS\system32\acXMLParser.dll
2007-10-18 09:20 <DIR> d-------- C:\Documents and Settings\Emanuel\Application Data\GrabIt
2007-10-18 09:12 <DIR> d-------- C:\Program Files\GrabIt
2007-10-16 09:56 <DIR> d-------- C:\Program Files\Winamp
2007-10-16 09:56 <DIR> d-------- C:\Documents and Settings\Emanuel\Application Data\Winamp
2007-10-16 09:22 278,528 --a------ C:\WINDOWS\system32\XXCOPY.EXE
2007-10-16 09:22 230,377 --a------ C:\WINDOWS\system32\XXCOPY16.EXE
2007-10-16 09:22 49,152 --a------ C:\WINDOWS\system32\XXPBAR.EXE
2007-10-16 09:22 1,436 --a------ C:\WINDOWS\system32\UIXXCOPY.BAT
2007-10-15 19:30 <DIR> d-------- C:\Program Files\Yahoo!
2007-10-12 13:40 <DIR> d-------- C:\sorted music
2007-10-12 12:46 <DIR> d-------- C:\Program Files\OPAL Network
2007-10-12 12:46 <DIR> d-------- C:\Program Files\Common Files\Sagekey Software
2007-10-12 12:46 <DIR> d-------- C:\Program Files\Access 97 Runtime
2007-10-12 10:50 <DIR> d-------- C:\Program Files\Replay Music 2
2007-10-12 10:50 <DIR> d-------- C:\Program Files\Replay Music
2007-10-12 10:50 41,984 --a------ C:\WINDOWS\system32\APTRRNTm.dll
2007-10-12 10:50 36,864 --a------ C:\WINDOWS\system32\APTRRNTl.dll
2007-10-10 14:36 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-10-10 14:29 <DIR> d-------- C:\Program Files\CCleaner
2007-10-10 14:25 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-05 14:57 46,338,080 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-10-05 14:54 1,086,952 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-10-05 14:54 75,248 --a------ C:\WINDOWS\zllsputility.exe
2007-10-05 14:54 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-10-05 14:08 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-05 11:58 <DIR> d-------- C:\Documents and Settings\Emanuel\Application Data\SlySoft
2007-10-05 11:51 34,308 --a------ C:\WINDOWS\system32\Chip.dll
2007-10-05 11:49 <DIR> d-------- C:\Program Files\SlySoft
2007-10-05 11:48 <DIR> d-------- C:\Program Files\Amazon DVD Shrinker
2007-10-05 11:47 <DIR> d-------- C:\WINDOWS\Bifrost
2007-09-28 10:37 <DIR> d-------- C:\Documents and Settings\Emanuel\Application Data\Audacity
2007-09-22 13:54 <DIR> d-------- C:\Kiswin
2007-09-22 13:54 <DIR> d-------- C:\Documents and Settings\Emanuel\.terminfo
2007-09-21 14:47 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-09-21 14:44 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-21 13:57 <DIR> d-------- C:\Program Files\WinPcap
2007-09-20 15:39 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-09-20 14:03 <DIR> d-------- C:\Program Files\SpiralFrog
2007-09-17 21:49 <DIR> d-------- C:\Program Files\PandoraBrowse
2007-09-17 21:15 <DIR> d-------- C:\Documents and Settings\Emanuel\.oboesync
2007-09-17 21:13 <DIR> d-------- C:\Program Files\MP3tunes
2007-09-14 09:51 <DIR> d-------- C:\Documents and Settings\Emanuel\Application Data\GTek
2007-09-02 00:57 491,520 --a------ C:\lame_enc.dll
2007-09-01 23:40 <DIR> d-------- C:\Program Files\ShufflePlay2
2007-09-01 23:40 249,856 --------- C:\WINDOWS\Setup1.exe
2007-09-01 23:40 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-30 21:54 --------- d-----w C:\Program Files\PeerGuardian2
2007-10-30 21:52 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\VMware
2007-10-30 21:52 --------- d-----w C:\Documents and Settings\LocalService\Application Data\VMware
2007-10-30 21:49 544,052 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-10-30 21:40 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\AVG7
2007-10-26 17:56 --------- d-----w C:\Program Files\Azureus
2007-10-26 12:59 --------- d-----w C:\Program Files\InsideCAT3
2007-10-26 12:59 --------- d-----w C:\Program Files\DivX
2007-10-22 21:17 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2007-10-22 15:14 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\AdobeUM
2007-10-18 23:31 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\Azureus
2007-10-18 17:24 --------- d-----w C:\Program Files\Quicken
2007-10-18 14:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-16 23:32 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\VMware
2007-10-16 00:27 --------- d-----w C:\Program Files\Rhapsody
2007-10-12 14:50 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-10-12 13:18 --------- d-----w C:\Program Files\Audacity
2007-10-11 14:44 --------- d-----w C:\Program Files\LogMeIn
2007-10-11 14:40 --------- d-----w C:\Program Files\Google
2007-10-11 14:40 --------- d-----w C:\Program Files\GizmoPlugin
2007-10-11 14:39 --------- d-----w C:\Program Files\DAEMON Tools
2007-10-11 14:37 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-10-11 10:41 --------- d-----w C:\Program Files\QuickPar
2007-10-05 12:47 --------- d-----w C:\Program Files\Apple Software Update
2007-10-05 12:46 --------- d-----w C:\Program Files\Common Files\Adobe
2007-10-05 12:31 --------- d-----w C:\Program Files\HP
2007-09-24 21:38 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\U3
2007-09-21 15:39 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\Media Player Classic
2007-09-21 13:14 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\Thinstall
2007-09-14 13:53 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\Apple Computer
2007-09-02 02:54 --------- d-----w C:\Program Files\RSSoft
2007-08-31 17:37 --------- d-----w C:\Documents and Settings\Emanuel\Application Data\DivX
2007-08-31 14:49 --------- d-----w C:\Program Files\Executive Software
2007-08-30 03:21 --------- d-----w C:\Program Files\PartyGaming
2007-08-30 03:13 --------- d-----w C:\Program Files\Siber Systems
2007-08-28 17:18 --------- d-----w C:\Program Files\Magic MP3 Tagger
2007-08-22 13:12 96,256 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-08-22 13:12 658,944 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-22 13:12 615,424 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-22 13:12 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-22 13:12 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-22 13:12 474,112 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-08-22 13:12 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-22 13:12 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-08-22 13:12 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-08-22 13:12 3,058,176 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-22 13:12 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-08-22 13:12 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-22 13:12 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-22 13:12 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-08-22 13:12 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-22 13:12 1,494,528 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-08-22 13:12 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-08-22 13:12 1,022,976 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-08-21 10:30 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:15 683,520 ------w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-14 14:40 55,831 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2007-08-14 14:40 5,804 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-08-09 00:34 1,721,712 ----a-w C:\WINDOWS\system32\inetclnt.dll
2007-08-08 20:30 19,456 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
2007-08-02 22:11 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll
2007-08-02 22:11 241,664 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll
2007-07-30 23:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 23:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 23:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 23:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 23:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 23:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 23:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 23:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 23:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 23:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 23:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 23:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 23:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 23:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 23:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2007-07-27 19:49 225,355 ----a-w C:\WINDOWS\system32\lnod32apiW.dll
2007-07-27 19:49 196,683 ----a-w C:\WINDOWS\system32\lnod32apiA.dll
2007-07-26 03:06 144,704 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-07-26 02:53 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-07-26 02:53 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-07-26 02:53 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-07-26 02:53 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-07-26 02:53 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-07-26 02:53 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-07-26 02:53 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-07-26 02:50 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-07-26 02:50 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-07-26 02:50 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-07-26 02:50 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-07-26 02:50 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2007-07-26 02:50 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-07-26 02:50 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-07-26 02:50 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-07-26 02:50 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-07-26 02:50 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-07-26 02:50 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-07-26 02:50 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2005-07-14 18:31:20 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-11-11 00:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-06-19 16:50]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2005-12-22 11:57]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2005-08-01 17:26]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 13:23]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-12-13 20:45]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" []
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11]
"LogMeIn GUI"="C:\Program Files\LogMeIn\LogMeInSystray.exe" [2006-10-06 19:55]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 04:00 C:\WINDOWS\system32\bthprops.cpl]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 01:12]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-10-26 08:18]
"DiskeeperSystray"="C:\Program Files\Executive Software\Diskeeper\DkIcon.exe" [2005-07-26 17:52]
"SpiralFrog"="C:\Program Files\SpiralFrog\Spiralfrog.exe" [2007-09-14 08:58]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 16:14]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 13:49]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-03 18:29]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-09-18 18:40]
"VisualTooltip"="C:\Program Files\VisualTooltip\VisualToolTip.exe" []
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2007-10-19 08:19]
C:\Documents and Settings\Emanuel\Start Menu\Programs\Startup\
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 18:05:02]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2007-08-14 09:42 176128 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HOTSYNCSHORTCUTNAME.lnk
backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Emanuel^Start Menu^Programs^Startup^palmOne Registration.lnk]
path=C:\Documents and Settings\Emanuel\Start Menu\Programs\Startup\palmOne Registration.lnk
backup=C:\WINDOWS\pss\palmOne Registration.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\manager]
"C:\Windows\System32\drivers\setup\manager.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime
R2 Gizmo Plugin;Gizmo VoIP Service;"C:\Program Files\GizmoPlugin\GizmoPlugin.exe"
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Program Files\LogMeIn\RaInfo.sys
R2 vmserverdWin32;VMware Registration Service;C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
R3 LMImirr;LMImirr;C:\WINDOWS\system32\DRIVERS\LMImirr.sys
R3 pgfilter;pgfilter;\??\C:\Program Files\PeerGuardian2\pgfilter.sys
S2 COM+ System Manager;COM+ System Application Manage;C:\Program Files\Common Files\System\Dllhost.exe
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
S3 APLMp50;APLMp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\APLMp50.sys
S3 IMT0521;Inmax USB IMT-0521 Smartcard Reader;C:\WINDOWS\system32\Drivers\IMT0521.sys
S3 motccgp;Motorola USB Composite Device Driver;C:\WINDOWS\system32\DRIVERS\motccgp.sys
S3 motccgpfl;MotCcgpFlService;C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys
S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{55f9bd8a-84b6-11db-992f-0014a5ef0629}]
AutoRun\command - rundll32.exe url.dll,FileProtocolHandler LapNetWizard.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c73ca7a-7e99-11db-9928-0014a5ef0629}]
AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b2d99d6-687c-11dc-99d7-0016d443950d}]
AutoRun\command - F:\LaunchU3.exe -a
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{86BD9109-A930-850A-C400-CB85C0CEC5E1}]
C:\WINDOWS\Bifrost\Marcel s
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-30 17:52:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe??????????H????|?????? ???B?????????????hLC? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-30 17:56:13 - machine was rebooted
.
--- E O F ---