ComboFix 08-11-21.05 - Compaq_Administrator 2008-11-27 20:14:53.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.131 [GMT 0:00]
Running from: c:\documents and settings\Compaq_Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Compaq_Administrator\Desktop\CFScript.txt
* Created a new restore point
FILE ::
c:\windows\system32\hqpvhooc.dll
c:\windows\system32\qdseqydh.dll
c:\windows\system32\umaowcni.dll
c:\windows\system32\wqnnjbga.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\hqpvhooc.dll
c:\windows\system32\qdseqydh.dll
c:\windows\system32\umaowcni.dll
c:\windows\system32\wqnnjbga.dll
.
((((((((((((((((((((((((( Files Created from 2008-10-27 to 2008-11-27 )))))))))))))))))))))))))))))))
.
2008-11-27 19:56 . 2008-11-27 19:56 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\AdobeUM
2008-11-27 19:55 . 2008-11-27 19:55 <DIR> d-------- c:\program files\Launchy
2008-11-27 19:55 . 2008-11-27 19:55 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\Launchy
2008-11-27 16:33 . 2008-11-27 16:33 <DIR> d-------- c:\program files\Start Killer
2008-11-27 08:35 . 2008-11-27 08:35 236 --a------ C:\sqmdata12.sqm
2008-11-27 08:35 . 2008-11-27 08:35 200 --a------ C:\sqmnoopt12.sqm
2008-11-23 09:59 . 2008-11-23 10:07 <DIR> d-------- c:\program files\Rainmeter
2008-11-22 14:05 . 2008-11-22 14:05 236 --a------ C:\sqmdata11.sqm
2008-11-22 14:05 . 2008-11-22 14:05 200 --a------ C:\sqmnoopt11.sqm
2008-11-22 13:12 . 2008-11-22 13:12 <DIR> d-------- c:\program files\EA Games
2008-11-22 13:12 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\system32\d3dx9_36.dll
2008-11-22 13:12 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\system32\d3dx9_34.dll
2008-11-22 13:12 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\system32\D3DCompiler_36.dll
2008-11-22 13:12 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
2008-11-22 13:12 . 2007-10-02 09:56 444,776 --a------ c:\windows\system32\d3dx10_36.dll
2008-11-22 13:12 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
2008-11-22 13:12 . 2007-10-22 03:39 267,272 --a------ c:\windows\system32\xactengine2_10.dll
2008-11-22 13:12 . 2007-07-20 00:57 267,112 --a------ c:\windows\system32\xactengine2_9.dll
2008-11-22 13:12 . 2007-06-20 20:46 266,088 --a------ c:\windows\system32\xactengine2_8.dll
2008-11-22 13:12 . 2007-10-22 03:37 17,928 --a------ c:\windows\system32\X3DAudio1_2.dll
2008-11-22 09:37 . 2008-11-22 09:37 236 --a------ C:\sqmdata10.sqm
2008-11-22 09:37 . 2008-11-22 09:37 200 --a------ C:\sqmnoopt10.sqm
2008-11-22 09:32 . 2008-11-22 09:32 236 --a------ C:\sqmdata09.sqm
2008-11-22 09:32 . 2008-11-22 09:32 200 --a------ C:\sqmnoopt09.sqm
2008-11-21 09:26 . 2008-11-21 09:26 236 --a------ C:\sqmdata08.sqm
2008-11-21 09:26 . 2008-11-21 09:26 200 --a------ C:\sqmnoopt08.sqm
2008-11-21 07:46 . 2008-11-21 07:46 236 --a------ C:\sqmdata07.sqm
2008-11-21 07:46 . 2008-11-21 07:46 200 --a------ C:\sqmnoopt07.sqm
2008-11-20 19:42 . 2008-11-20 19:42 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-20 19:42 . 2008-11-20 20:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-20 19:41 . 2008-11-20 19:41 <DIR> d-------- c:\program files\Ad-Aware
2008-11-20 19:41 . 2008-11-20 19:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-20 10:23 . 2008-11-20 10:23 <DIR> d---s---- c:\documents and settings\Kim\UserData
2008-11-19 22:04 . 2008-11-19 22:04 <DIR> d-------- c:\program files\Nero 9
2008-11-19 22:04 . 2008-11-19 22:04 <DIR> d-------- c:\program files\Common Files\Nero
2008-11-19 21:50 . 2008-11-19 21:50 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\Sonic
2008-11-19 21:50 . 2008-11-19 21:50 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\Leadertech
2008-11-18 21:19 . 2008-11-18 21:19 236 --a------ C:\sqmdata06.sqm
2008-11-18 21:19 . 2008-11-18 21:19 200 --a------ C:\sqmnoopt06.sqm
2008-11-18 14:29 . 2008-11-20 10:23 <DIR> d-------- c:\documents and settings\Kim\Tracing
2008-11-18 10:09 . 2008-11-18 10:09 200 --a------ C:\sqmnoopt05.sqm
2008-11-18 10:09 . 2008-11-18 10:09 200 --a------ C:\sqmdata05.sqm
2008-11-18 08:52 . 2006-09-01 12:57 <DIR> d-------- c:\documents and settings\Kim\WINDOWS
2008-11-18 08:52 . 2008-11-20 10:23 <DIR> d-------- c:\documents and settings\Kim
2008-11-17 22:29 . 2007-03-07 23:51 129,784 --a------ c:\windows\system32\pxafs.dll
2008-11-17 21:56 . 2008-11-24 19:16 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\SiteAdvisor
2008-11-17 21:56 . 2008-11-17 21:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\SiteAdvisor
2008-11-17 21:56 . 2008-11-17 21:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\McAfee
2008-11-17 21:39 . 2008-11-17 21:42 <DIR> d-------- c:\program files\foobar2000
2008-11-17 20:55 . 2008-11-17 20:56 <DIR> d-------- c:\windows\system32\FLIQLO dir
2008-11-17 20:55 . 2008-11-17 20:55 532,480 --a------ c:\windows\system32\FLIQLO.scr
2008-11-17 20:42 . 2008-11-27 16:59 <DIR> d-------- c:\program files\CD Art Display
2008-11-17 20:42 . 2003-01-27 14:27 94,208 --a------ c:\windows\system32\wmpuice.dll
2008-11-17 20:42 . 2008-08-24 21:33 69,632 --a------ c:\windows\cadSSaver.scr
2008-11-17 20:15 . 2008-11-27 19:58 <DIR> d-------- c:\program files\Avast4
2008-11-16 20:45 . 2008-11-16 20:45 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\CyberLink
2008-11-16 20:41 . 2008-11-16 20:42 <DIR> d-------- c:\program files\InterActual
2008-11-16 19:08 . 2008-11-16 19:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\Blizzard
2008-11-16 16:23 . 2008-11-16 16:23 <DIR> d-------- c:\program files\DVD Flick
2008-11-16 16:23 . 2008-11-16 17:06 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\DVD Flick
2008-11-16 16:23 . 2004-03-09 00:00 662,288 --a------ c:\windows\system32\mscomct2.ocx
2008-11-16 16:23 . 1998-06-24 00:00 164,144 --a------ c:\windows\system32\comct232.ocx
2008-11-16 16:23 . 2003-01-26 13:41 40,960 --a------ c:\windows\system32\ssubtmr6.dll
2008-11-16 16:23 . 2007-08-31 18:36 36,864 --a------ c:\windows\system32\trayicon_handler.ocx
2008-11-16 16:23 . 2008-08-31 13:27 28,672 --a------ c:\windows\system32\mousewheel.ocx
2008-11-16 16:12 . 2006-09-01 12:57 <DIR> d-------- c:\documents and settings\Guest\WINDOWS
2008-11-16 16:12 . 2008-11-16 16:12 <DIR> d-------- c:\documents and settings\Guest
2008-11-16 14:21 . 2008-11-16 14:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Last.fm
2008-11-16 14:19 . 2008-11-16 14:19 <DIR> d-------- c:\program files\Last.fm
2008-11-16 13:29 . 2008-11-16 13:29 <DIR> d-------- c:\program files\BootSkin
2008-11-16 13:29 . 2008-11-16 13:30 162,432 --a------ c:\windows\system32\drivers\vidstub.sys
2008-11-16 12:57 . 2008-11-16 12:57 <DIR> d-------- c:\program files\Logon Loader
2008-11-16 09:17 . 2008-11-16 09:17 <DIR> d-------- c:\program files\Common Files\Blizzard Entertainment
2008-11-16 09:11 . 2008-11-16 09:15 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\Otto
2008-11-16 09:11 . 2008-11-16 09:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\Otto
2008-11-15 23:55 . 2008-11-15 23:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\SlySoft
2008-11-15 23:52 . 2008-11-15 23:52 <DIR> d-------- c:\program files\SlySoft
2008-11-15 23:44 . 2008-11-15 23:44 <DIR> d-------- c:\program files\Handbrake
2008-11-15 23:41 . 2008-11-15 23:41 236 --a------ C:\sqmdata04.sqm
2008-11-15 23:41 . 2008-11-15 23:41 200 --a------ C:\sqmnoopt04.sqm
2008-11-15 23:36 . 2008-11-15 23:36 <DIR> d-------- c:\windows\system32\XPSViewer
2008-11-15 23:36 . 2008-11-15 23:36 <DIR> d-------- c:\program files\Reference Assemblies
2008-11-15 23:36 . 2008-11-15 23:36 <DIR> d-------- c:\program files\MSBuild
2008-11-15 23:35 . 2008-07-06 12:06 1,676,288 --a------ c:\windows\system32\xpssvcs.dll
2008-11-15 23:35 . 2008-07-06 12:06 1,676,288 --a------ c:\windows\system32\dllcache\xpssvcs.dll
2008-11-15 23:35 . 2008-07-06 10:50 597,504 --a------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-11-15 23:35 . 2008-07-06 12:06 575,488 --a------ c:\windows\system32\xpsshhdr.dll
2008-11-15 23:35 . 2008-07-06 12:06 575,488 --a------ c:\windows\system32\dllcache\xpsshhdr.dll
2008-11-15 23:35 . 2008-07-06 12:06 117,760 --a------ c:\windows\system32\prntvpt.dll
2008-11-15 23:35 . 2008-07-06 12:06 89,088 --a------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-11-15 23:33 . 2008-11-15 23:39 <DIR> d-------- c:\windows\NV32401520.TMP
2008-11-15 23:33 . 2008-11-20 19:39 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-15 23:33 . 2008-10-07 13:33 201,157 --a------ c:\windows\system32\nvapps.nvb
2008-11-15 23:31 . 2008-11-15 23:31 <DIR> d-------- c:\program files\MSXML 6.0
2008-11-15 23:31 . 2008-11-15 23:31 <DIR> d-------- C:\NVIDIA
2008-11-15 23:27 . 2008-11-15 23:27 <DIR> d-------- c:\program files\SystemRequirementsLab
2008-11-15 23:27 . 2008-11-15 23:27 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\SystemRequirementsLab
2008-11-15 23:26 . 2008-11-15 23:26 <DIR> d-------- c:\windows\Sun
2008-11-15 13:22 . 2008-11-15 13:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-11-15 13:12 . 2008-11-15 13:12 <DIR> d-------- c:\program files\Wacom
2008-11-15 13:12 . 2000-11-22 11:40 1,682,273 --a------ c:\windows\system32\TabCP-En.znc
2008-11-15 13:12 . 2000-11-29 17:25 856,064 --a------ c:\windows\system32\Tablet.cpl
2008-11-15 13:12 . 2000-11-29 20:49 450,560 --a------ c:\windows\system32\Tablet.exe
2008-11-15 13:12 . 2000-11-29 20:49 90,112 --a------ c:\windows\system32\Wintab32.dll
2008-11-15 13:12 . 1999-12-21 15:53 53,248 --a------ c:\windows\system32\TabUnst.dll
2008-11-15 13:12 . 2000-11-29 20:49 49,152 --a------ c:\windows\system32\TabHook.dll
2008-11-15 13:12 . 2000-10-20 10:51 24,320 --a------ c:\windows\system32\drivers\penclass.sys
2008-11-15 13:12 . 1999-05-07 09:12 15,744 --a------ c:\windows\system32\wintab.dll
2008-11-15 13:12 . 2008-11-27 15:48 296 --a------ c:\windows\system32\wacom.dat
2008-11-15 13:11 . 2000-01-05 14:14 36,864 --a------ c:\windows\system32\pencls32.dll
2008-11-15 11:27 . 2008-11-15 11:27 <DIR> d-------- c:\program files\Bonjour
2008-11-15 11:24 . 2008-11-15 11:24 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-11-15 11:23 . 2008-11-15 11:23 236 --a------ C:\sqmdata03.sqm
2008-11-15 11:23 . 2008-11-15 11:23 200 --a------ C:\sqmnoopt03.sqm
2008-11-14 09:32 . 2008-11-14 09:32 236 --a------ C:\sqmdata02.sqm
2008-11-14 09:32 . 2008-11-14 09:32 200 --a------ C:\sqmnoopt02.sqm
2008-11-13 23:59 . 2008-11-13 23:59 236 --a------ C:\sqmdata01.sqm
2008-11-13 23:59 . 2008-11-13 23:59 200 --a------ C:\sqmnoopt01.sqm
2008-11-11 17:22 . 2008-11-11 17:22 <DIR> d-------- c:\program files\simplemu
2008-11-10 22:41 . 2008-11-10 22:42 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\vlc
2008-11-10 22:41 . 2008-11-19 16:48 <DIR> d-------- c:\documents and settings\Compaq_Administrator\Application Data\dvdcss
2008-11-10 22:39 . 2008-11-10 22:39 <DIR> d-------- c:\program files\VideoLAN
2008-11-10 21:13 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-10 18:03 . 2008-11-10 18:49 <DIR> d-------- C:\illusion
2008-11-10 17:57 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-15 11:30 --------- d-----w c:\program files\Common Files\Adobe
2008-11-13 23:57 --------- d-----w c:\program files\Symantec
2008-11-13 23:57 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-11-13 23:57 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-11-10 21:13 --------- d-----w c:\program files\Java
2008-11-06 11:32 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-06 11:20 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 15:07 99,904 ----a-w c:\windows\system32\drivers\AnyDVD.sys
2008-10-16 14:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 14:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 14:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 14:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 14:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 14:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 14:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 14:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 14:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 14:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 14:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 14:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 14:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 14:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 14:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-15 16:57 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-09-30 16:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\dllcache\win32k.sys
2008-09-09 00:03 51,712 ----a-w c:\windows\system32\sirenacm.dll
2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\dllcache\msxml3.dll
2008-08-29 20:06 1,350,664 ----a-w c:\windows\system32\msxml6.dll
2008-08-28 10:04 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\Guest\WINDOWS ----
---- Directory of c:\documents and settings\Kim\Tracing ----
2008-11-20 10:23 0 --a------ c:\documents and settings\Kim\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog
---- Directory of c:\documents and settings\Kim\WINDOWS ----
((((((((((((((((((((((((((((( snapshot@2008-11-22_16.14.08.68 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-22 00:28:36 343,424 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-24 18:50:28 345,016 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-16 14:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 14:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
+ 2008-11-27 15:48:23 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_1d8.dat
+ 2008-11-27 16:06:51 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_784.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 3513344]
"Google Update"="c:\documents and settings\Compaq_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-06 133104]
"RocketDock"="j:\rocketdock\RocketDock.exe" [2007-09-02 495616]
"Steam"="c:\program files\Steam\Steam.exe" [2008-11-08 1410296]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"ftutil2"="ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.EXE]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 c:\windows\arpwrmsg.exe]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]
"PCDrProfiler"="" [BU]
c:\documents and settings\Guest\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-09-01 27136]
PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-09-01 27136]
c:\documents and settings\Kim\Start Menu\Programs\Startup\
PinMcLnk.lnk - c:\hp\bin\cloaker.exe [2006-09-01 27136]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Launchy.lnk - c:\program files\Launchy\Launchy.exe [2008-11-27 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\\windows\\resources\\LoginUI\\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifgEtuu]
[BU]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Red Alert 3\\Data\\ra3_1.3.game"=
"c:\\Program Files\\Steam\\steamapps\\rpowton\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\rpowton\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-20 110160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-20 20560]
R3 ZY202_XP;ZyXEL 802.11g XG202 1211 Driver;c:\windows\system32\DRIVERS\WlanUZXP.sys [2008-11-06 437760]
S3 AFGMp50;AFGMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\AFGMp50.sys []
S3 AFGSp50;AFGSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\AFGSp50.sys []
S3 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver;\??\c:\windows\system32\ZDCndis5.SYS []
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-27 20:17:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-27 20:18:41
ComboFix-quarantined-files.txt 2008-11-27 20:18:38
ComboFix2.txt 2008-11-22 16:14:41
Pre-Run: 86,129,291,264 bytes free
Post-Run: 86,116,220,928 bytes free
270 --- E O F --- 2008-11-16 21:01:22