((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\DOCUME~1\DNS~1.CSD\APPLIC~1.\macromedia\Flash Player\#SharedObjects\96LZLSMR\www.broadcaster.com
C:\DOCUME~1\DNS~1.CSD\APPLIC~1.\macromedia\Flash Player\#SharedObjects\96LZLSMR\www.broadcaster.com\played_list.sol
C:\DOCUME~1\DNS~1.CSD\APPLIC~1.\macromedia\Flash Player\#SharedObjects\96LZLSMR\www.broadcaster.com\video_queue.sol
C:\DOCUME~1\DNS~1.CSD\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\DNS~1.CSD\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\winantispyware 2007\err.log
C:\temp\tn3
C:\WINDOWS\b122.exe
C:\WINDOWS\system32\b02FdUe
C:\WINDOWS\system32\driver
C:\WINDOWS\system32\drivers\fopn.sys
C:\WINDOWS\system32\winnb58.dll
C:\WINDOWS\system32\Z1
C:\WINDOWS\system32\Z3
C:\WINDOWS\system32\Z3\w0716.exe
C:\WINDOWS\system32\Z5
C:\WINDOWS\system32\Z7
C:\WINDOWS\system32\Z9
C:\WINDOWS\wr.txt
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_CORE
-------\LEGACY_FOPN
-------\LEGACY_WINDOWS_OVERLAY_COMPONENTS
((((((((((((((((((((((((( Files Created from 2007-06-23 to 2007-07-23 )))))))))))))))))))))))))))))))
2007-07-23 16:15 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-23 11:57 3,260 --a------ C:\WINDOWS\system32\tmp.reg
2007-07-23 11:44 14,566,808 --a------ C:\Program Files\jre-6u2-windows-i586-p.exe
2007-07-23 09:08 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-07-23 09:05 <DIR> d-------- C:\Program Files\AVG Anti-Spyware
2007-07-23 08:57 <DIR> d-------- C:\Program Files\ATF Cleaner
2007-07-23 08:41 <DIR> d-------- C:\Program Files\Hijack This
2007-07-20 16:50 <DIR> d-------- C:\VundoFix Backups
2007-07-20 15:51 <DIR> d-------- C:\Program Files\Trend Micro
2007-07-20 10:30 <DIR> d-------- C:\Program Files\Lavasoft
2007-07-20 10:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-07-20 10:29 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-20 09:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-07-19 07:28 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2007-07-19 07:28 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-07-19 07:28 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2007-07-18 12:22 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-07-18 12:22 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-07-18 12:22 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-07-18 12:22 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2007-07-18 12:17 <DIR> d-------- C:\WINDOWS\system32\Z11
2007-07-18 12:17 <DIR> d-------- C:\Temp\brr
2007-07-18 12:17 <DIR> d-------- C:\Temp\0c2
2007-07-18 12:17 <DIR> d-------- C:\Temp
2007-07-16 16:55 <DIR> d-------- C:\Program Files\RP2007
2007-07-16 15:30 <DIR> d-------- C:\DOCUME~1\DNS~1.CSD\APPLIC~1\Profis
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-23 17:32:16 -------- d-----w C:\Program Files\BSTAurora
2007-07-17 20:57:37 -------- d-----w C:\DOCUME~1\DNS~1.CSD\APPLIC~1\AdobeUM
2007-07-16 19:32:24 -------- d-----w C:\Program Files\Common Files\TJ Shared
2007-06-19 16:08:45 -------- d-----w C:\DOCUME~1\DNS~1.CSD\APPLIC~1\CyberLink
2007-06-06 17:51:52 73 ----a-w C:\WINDOWS\system32\ssprs.dll
2007-06-06 17:51:52 205 ----a-w C:\WINDOWS\system32\lsprst7.dll
2007-06-04 19:18:48 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-06-04 19:17:02 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-06-04 19:14:56 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2005-10-07 00:13]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 12:55]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 12:56]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-04-06 15:58]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 17:30 C:\WINDOWS\stsystra.exe]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 21:29]
"Realtime Monitor"="C:\PROGRA~1\CA\ETRUST~1\realmon.exe" [2004-04-06 17:14]
"@"="" []
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 09:50 C:\WINDOWS\LOGI_MWX.EXE]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-07-21 15:09]
"FLMOFFICE4DMOUSE"="C:\Program Files\Labtec\Desktop\V5.1\moffice.exe" [2006-07-26 11:14]
"OFFICEKB"="C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe" [2006-07-26 11:14]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="C:\Program Files\NetWaiting\netWaiting.exe" [2003-09-10 03:24]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-27 08:00]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
AutoCAD LT Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2005-03-05 09:18:22]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2005-03-05 09:18:22]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-06-28 00:39:18]
Microsoft Office Outlook 2003 (2).lnk - C:\WINDOWS\Installer\{90E00409-6000-11D3-8CFE-0150048383C9}\outicon.exe [2006-09-11 14:34:27]
Scanner File Utility.lnk - C:\Program Files\Kyocera\FileUtility\NsCatCom.exe [2006-07-17 15:01:22]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"=1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]
R0 INO_FLPY;INO_FLPY;C:\WINDOWS\system32\Drivers\ino_flpy.sys
R1 APPDRV;APPDRV;C:\WINDOWS\system32\DRIVERS\APPDRV.SYS
R1 NetworkX;NetworkX;C:\WINDOWS\system32\ckldrv.sys
R2 INO_FLTR;INO_FLTR;\??\C:\WINDOWS\system32\Drivers\ino_fltr.sys
R2 InoRPC;eTrust Antivirus RPC Server;"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"
R2 InoRT;eTrust Antivirus Realtime Server;"C:\Program Files\CA\eTrust Antivirus\InoRT.exe"
R2 InoTask;eTrust Antivirus Job Server;"C:\Program Files\CA\eTrust Antivirus\InoTask.exe"
R2 s24trans;WLAN Transport;C:\WINDOWS\system32\DRIVERS\s24trans.sys
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver;C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
R3 HSF_DPV;HSF_DPV;C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
R3 HSXHWAZL;HSXHWAZL;C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
R3 STHDA;SigmaTel High Definition Audio CODEC;C:\WINDOWS\system32\drivers\sthda.sys
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbehci.sys
R3 usbhub;Microsoft USB Standard Hub Driver;C:\WINDOWS\system32\DRIVERS\usbhub.sys
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\WINDOWS\system32\DRIVERS\usbuhci.sys
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver;C:\WINDOWS\system32\DRIVERS\w39n51.sys
S2 Fax;Fax;C:\WINDOWS\system32\fxssvc.exe
S3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP;C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
S3 E100B;Intel(R) PRO Adapter Driver;C:\WINDOWS\system32\DRIVERS\e100b325.sys
S3 HidUsb;Microsoft HID Class Driver;C:\WINDOWS\system32\DRIVERS\hidusb.sys
S3 USBSTOR;USB Mass Storage Driver;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S4 agpCPQ;Compaq AGP Bus Filter;C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94372f70-41c3-11db-a5ae-0015c51d7c44}]
AutoRun\command- E:\setupSNK.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-23 16:23:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
scanning hidden files ...
**************************************************************************
Completion time: 2007-07-23 16:28:21 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-23 16:27
--- E O F ---