I checked the file in VirusTotal and it is clean!!
My new ComboFix log is:
ComboFix 08-01-18.4 - Agapi-Vasilis 2008-01-20 14:45:50.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1253.1.1033.18.460 [GMT 2:00]
Running from: C:\Documents and Settings\Agapi-Vasilis\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Agapi-Vasilis\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
C:\WINDOWS\system32\drivers\lvuvc.hs
F:\C\OLD_C\MSN Messenger\riched20.dll
F:\old_desk\ss2r2.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\lvuvc.hs
F:\C\OLD_C\MSN Messenger\riched20.dll
F:\old_desk\ss2r2.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-20 to 2008-01-20 )))))))))))))))))))))))))))))))
.
2008-01-20 14:37 . 2008-01-20 14:41 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-20 14:37 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-01-20 14:37 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-01-20 14:37 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-01-20 02:49 . 2008-01-20 02:49 52 --a------ C:\WINDOWS\tlknw28.ini
2008-01-19 17:57 . 2008-01-20 02:49 621 --a------ C:\WINDOWS\tlknw8.ini
2008-01-19 16:26 . 2008-01-19 16:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-01-19 16:25 . 2008-01-19 16:25 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-01-19 14:49 . 2008-01-19 14:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-19 14:49 . 2008-01-19 14:49 <DIR> d-------- C:\Documents and Settings\Agapi-Vasilis\Application Data\SYSTRAN
2008-01-19 14:46 . 2008-01-19 14:46 <DIR> d-------- C:\Program Files\SYSTRAN
2008-01-19 14:45 . 2008-01-19 14:45 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2008-01-19 14:45 . 2008-01-19 14:45 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2008-01-19 14:45 . 2008-01-19 14:45 170,432 --a------ C:\WINDOWS\system32\libsyslic1.pd
2008-01-19 14:45 . 2008-01-19 14:45 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2008-01-19 14:45 . 2008-01-19 14:45 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2008-01-19 14:45 . 2008-01-19 14:45 192 --a------ C:\WINDOWS\system32\libsyslic1.ls
2008-01-19 14:44 . 2007-03-14 00:57 144,896 -ra------ C:\WINDOWS\system32\libsyslic1.original.dll
2008-01-19 14:44 . 2007-03-24 11:45 57,344 -ra------ C:\WINDOWS\system32\libsyslic1.dll
2008-01-19 14:41 . 2008-01-19 14:41 <DIR> d-------- C:\WINDOWS\system32\URTTEMP
2008-01-19 14:36 . 2008-01-19 14:36 <DIR> d-------- C:\Program Files\systran_install
2008-01-19 02:59 . 2008-01-19 04:30 <DIR> d-------- C:\Program Files\Dictionaries Explorer II
2008-01-19 02:59 . 2003-10-06 04:00 323,584 --a------ C:\WINDOWS\system32\sdecdx61.dll
2008-01-19 02:59 . 2003-10-06 04:00 229,376 --a------ C:\WINDOWS\system32\sde61.dll
2008-01-19 02:59 . 2005-11-10 20:18 41,472 --a------ C:\WINDOWS\system32\indexudf.dll
2008-01-19 02:59 . 2003-04-23 18:43 4,822 --a------ C:\WINDOWS\sdecdx.udf
2008-01-18 23:44 . 2008-01-18 23:44 <DIR> d-------- C:\kav
2008-01-18 21:23 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-18 15:35 . 2008-01-18 15:35 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-18 15:35 . 2008-01-18 15:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-18 02:36 . 2008-01-18 22:03 <DIR> d-------- C:\HijackThis
2008-01-18 02:34 . 2008-01-18 03:07 <DIR> d-------- C:\VundoFix Backups
2008-01-15 23:49 . 2008-01-15 23:49 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 14:25 . 2008-01-15 14:28 <DIR> d-------- C:\wamp
2008-01-15 02:09 . 2008-01-15 02:10 38 --a------ C:\WINDOWS\avisplitter.INI
2008-01-14 02:13 . 2008-01-14 02:21 <DIR> d-------- C:\Documents and Settings\Agapi-Vasilis\Application Data\LimeWire
2008-01-14 01:21 . 2008-01-20 03:31 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-01-13 21:30 . 2008-01-13 21:30 <DIR> d-------- C:\Documents and Settings\Agapi-Vasilis\Application Data\Nero
2008-01-13 21:26 . 2008-01-13 21:26 <DIR> d-------- C:\Program Files\Nero
2008-01-13 21:26 . 2008-01-13 21:29 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-01-13 21:26 . 2008-01-13 21:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-01-12 17:18 . 2008-01-12 17:18 <DIR> d-------- C:\Documents and Settings\Agapi-Vasilis\Application Data\Ashampoo
2008-01-12 17:17 . 2008-01-12 17:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ashampoo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-20 12:35 0 ----a-w C:\WINDOWS\system32\drivers\logiflt.iad
2008-01-19 22:47 --------- d-----w C:\Documents and Settings\Agapi-Vasilis\Application Data\uTorrent
2008-01-19 14:21 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-19 12:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-19 12:46 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-15 00:54 --------- d-----w C:\Documents and Settings\Agapi-Vasilis\Application Data\Skype
2008-01-13 18:59 --------- d-----w C:\Program Files\Common Files\Ahead
2008-01-13 18:59 --------- d-----w C:\Program Files\Ahead
2008-01-12 15:17 --------- d-----w C:\Program Files\Ashampoo
2008-01-12 11:37 --------- d-----w C:\Program Files\Steam
2008-01-11 23:45 --------- d-----w C:\Program Files\Winamp
2007-12-16 00:24 --------- d-----w C:\Program Files\DivX
2007-12-14 01:06 --------- d-----w C:\Program Files\MegauploadToolbar
2007-12-13 17:09 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
2007-12-12 13:45 --------- d-----w C:\Program Files\My_Poco
2007-12-12 04:01 --------- d-----w C:\Program Files\STOPzilla!
2007-12-12 04:00 --------- d-----w C:\Documents and Settings\Agapi-Vasilis\Application Data\STOPzilla!
2007-12-12 03:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\STOPzilla!
2007-12-12 03:37 2,048 ----a-w C:\WINDOWS\system32\drivers\476BEB79-F41D-42ED-8656-59CF0E5AB525.cxv
2007-12-12 03:31 --------- d-----w C:\Program Files\Enigma Software Group
2007-12-12 02:05 10,240 ----a-w C:\WINDOWS\system32\drivers\6A8FAFEE-DB8D-4E6B-8A02-EACFB52A0673.cxv
2007-12-12 02:01 --------- d-----w C:\Program Files\Common Files\iS3
2007-12-11 20:37 --------- d-----w C:\Program Files\TVAnts
2007-12-11 20:04 --------- d-----w C:\Program Files\TVUPlayer
2007-12-11 20:04 --------- d-----w C:\Documents and Settings\Agapi-Vasilis\Application Data\TVU Networks
2007-12-11 19:46 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-12-11 19:46 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-12-11 19:45 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 19:45 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-11 19:44 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-11 19:44 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-11 19:44 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-12-11 19:44 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-11 19:44 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-11 19:44 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 19:44 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-11 19:44 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-11 19:44 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-11 19:44 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-12-11 19:44 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-11 19:43 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-11 17:43 --------- d-----w C:\Documents and Settings\Administrator\Application Data\.purple
2007-12-08 17:48 --------- d-----w C:\Program Files\Macrogaming
2007-12-08 16:25 --------- d-----w C:\Program Files\FlashGet
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-04 07:59 972,072 ----a-w C:\WINDOWS\UNRecode.exe
2007-12-04 00:41 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-12-03 16:04 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll
2007-12-02 16:10 --------- d-----w C:\Program Files\FLVPlayer
2007-12-02 16:05 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2007-12-02 16:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2007-12-02 03:18 --------- d-----w C:\Program Files\Winamp Remote
2007-12-02 03:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2007-12-02 00:49 --------- d-----w C:\Program Files\CDex_150
2007-11-30 20:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2007-11-28 19:40 --------- d-----w C:\Program Files\SopCast
2007-11-27 17:41 --------- d-----w C:\Documents and Settings\Agapi-Vasilis\Application Data\SopCast
2007-11-22 01:46 --------- d-----w C:\Program Files\VP Suite 3.1
2007-11-21 23:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-21 15:31 132,904 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
2007-11-21 15:31 11,304 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
2007-10-21 23:19 102,912 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2007-10-21 23:19 1,316,352 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2007-10-21 23:13 83,968 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2007-10-21 23:13 1,316,352 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2007-10-21 23:08 338,944 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2007-10-21 23:08 1,316,352 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2007-10-21 23:05 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2007-10-21 09:39 439,808 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2007-10-21 09:39 1,306,112 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2007-10-20 20:46 80,384 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2007-10-20 20:46 1,306,112 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2007-10-19 21:02 1,279,488 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2007-09-25 09:00 340,992 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2007-09-25 09:00 1,252,864 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
.
((((((((((((((((((((((((((((( snapshot@2008-01-18_21.33.39.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-19 12:41:28 7,680 ----a-w C:\WINDOWS\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-01-19 12:41:23 12,288 ----a-w C:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-01-19 12:41:29 33,792 ----a-w C:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-01-19 12:41:33 7,168 ----a-w C:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-01-19 12:41:29 32,768 ----a-w C:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-01-19 12:41:29 4,608 ----a-w C:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-01-19 12:41:29 26,112 ----a-w C:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-01-19 12:41:24 716,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-01-19 12:41:23 28,672 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-01-19 12:41:24 299,008 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-01-19 12:41:24 6,144 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
+ 2008-01-19 12:41:23 11,264 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-01-19 12:41:22 32,768 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-01-19 12:41:23 6,656 ----a-w C:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-01-19 12:41:30 1,564,672 ----a-w C:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
+ 2008-01-19 12:41:33 32,768 ----a-w C:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2008-01-19 12:41:30 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-01-19 12:41:34 299,008 ----a-w C:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-01-19 12:41:30 1,290,240 ----a-w C:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
+ 2008-01-19 12:41:30 1,699,840 ----a-w C:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-01-19 12:41:30 86,016 ----a-w C:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-01-19 12:41:30 65,536 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-01-19 12:41:31 466,944 ----a-w C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-01-19 12:41:30 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-01-19 12:41:30 64,000 ----a-w C:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2008-01-19 12:41:31 368,640 ----a-w C:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-01-19 12:41:31 241,664 ----a-w C:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-01-19 12:41:31 323,584 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-01-19 12:41:31 131,072 ----a-w C:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-01-19 12:41:32 77,824 ----a-w C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-01-19 12:41:32 126,976 ----a-w C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-01-19 12:41:34 819,200 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-01-19 12:41:32 57,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-01-19 12:41:32 569,344 ----a-w C:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-01-19 12:41:32 1,245,184 ----a-w C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-01-19 12:41:33 2,039,808 ----a-w C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-01-19 12:41:33 1,335,296 ----a-w C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.Xml.dll
+ 2008-01-19 12:41:31 1,216,512 ----a-w C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-01-19 12:41:59 61,440 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_66699487\CustomMarshalers.dll
+ 2008-01-19 12:42:02 3,289,088 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ed7eebf4\mscorlib.dll
+ 2008-01-19 12:42:07 1,462,272 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_3d839d7e\System.Design.dll
+ 2008-01-19 12:42:11 90,112 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_416ded5a\System.Drawing.Design.dll
+ 2008-01-19 12:42:12 835,584 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_bdc02d47\System.Drawing.dll
+ 2008-01-19 12:42:15 2,994,176 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_cd647297\System.Windows.Forms.dll
+ 2008-01-19 12:42:19 2,076,672 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_41a59734\System.Xml.dll
+ 2008-01-19 12:42:10 1,929,216 ----a-w C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_0263a15c\System.dll
+ 2006-03-20 13:34:42 24,576 ----a-w C:\WINDOWS\Downloaded Program Files\dwusplay.dll
+ 2006-03-20 13:34:42 196,608 ----a-w C:\WINDOWS\Downloaded Program Files\dwusplay.exe
+ 2006-03-20 13:34:52 484,272 ----a-w C:\WINDOWS\Downloaded Program Files\isusweb.dll
- 2008-01-18 19:23:56 1,417,216 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-20 12:45:26 1,417,216 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-18 19:23:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-20 12:45:26 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-18 19:23:56 1,417,216 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-20 12:45:26 1,417,216 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
- 2008-01-18 19:23:56 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-20 12:45:26 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-18 19:23:56 6,283,264 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-20 12:45:26 6,901,760 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
- 2008-01-18 19:23:56 212,992 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-20 12:45:26 212,992 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-19 14:25:25 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe
+ 2008-01-19 14:25:26 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat_3D.exe
+ 2008-01-19 14:25:26 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat_Standard.exe
+ 2008-01-19 14:25:26 25,214 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Distiller.exe
+ 2008-01-19 14:25:26 7,278 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_ELEMENTS_DT.exe
+ 2008-01-19 14:25:25 23,558 ----a-r C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2003-02-21 00:59:44 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2003-02-21 01:55:06 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-02-21 01:02:16 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\vbc7ui.dll
+ 2003-02-21 03:04:20 155,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\Vsavb7rtUI.dll
+ 2003-02-21 05:24:08 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Accessibility.dll
+ 2003-02-21 03:00:36 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-02-20 17:19:42 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2003-02-20 17:19:32 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2003-02-20 17:19:22 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2003-02-20 17:19:34 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2003-02-20 17:19:38 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2003-02-20 17:19:36 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2002-07-29 09:11:50 219,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\c_g18030.dll
+ 2003-02-21 05:24:10 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2003-02-21 05:24:32 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2003-02-20 17:09:08 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2003-02-21 08:20:44 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2003-02-21 08:21:00 626,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2003-02-21 05:24:34 12,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2003-02-21 05:24:36 33,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-02-21 02:12:24 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-02-21 08:21:40 524,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
+ 2003-02-20 17:16:32 798,720 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\EventLogMessages.dll
+ 2003-02-20 17:06:20 282,624 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
+ 2003-02-21 05:24:38 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExec.exe
+ 2003-02-21 05:24:38 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
+ 2003-02-21 05:24:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-02-21 05:24:40 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
+ 2003-02-20 17:09:40 196,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2003-02-21 05:24:42 15,872 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2003-02-20 17:22:24 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-02-21 05:24:44 26,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-02-21 05:24:52 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2003-02-21 05:26:36 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2003-02-21 05:26:38 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2003-02-21 05:24:54 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-02-21 05:25:02 6,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
+ 2003-02-21 05:24:58 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-02-21 05:25:06 11,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-02-21 05:25:02 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll
+ 2003-02-21 05:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2003-02-21 05:25:04 49,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2003-02-21 05:25:06 1,564,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorcfg.dll
+ 2003-02-20 17:09:12 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2003-02-20 17:09:12 233,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2003-02-20 17:09:14 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2003-02-20 17:06:32 311,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2003-02-20 17:09:16 98,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2003-02-21 05:26:34 2,088,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2003-02-20 16:43:52 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscormmc.dll
+ 2003-02-20 17:06:34 65,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
+ 2003-02-20 17:09:18 143,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2003-02-20 17:09:18 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2003-02-20 17:09:18 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2003-02-20 17:07:34 2,494,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2003-02-20 17:09:24 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscortim.dll
+ 2003-02-20 17:08:32 2,482,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2003-02-21 02:42:22 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
+ 2003-02-20 17:18:34 20,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll
+ 2003-02-20 16:43:36 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll
+ 2003-02-20 17:09:46 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe
+ 2003-02-20 17:09:30 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2003-02-21 05:25:24 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe
+ 2003-02-21 05:26:46 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2003-02-21 05:25:30 12,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe
+ 2003-02-20 17:09:34 253,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\shfusion.dll
+ 2003-02-20 17:09:34 122,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\shfusres.dll
+ 2003-02-20 17:09:34 319,488 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2003-02-21 05:26:38 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll
+ 2003-02-21 05:26:38 1,290,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.dll
+ 2003-02-21 05:25:42 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
+ 2003-02-21 05:26:42 1,699,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Design.dll
+ 2003-02-21 05:26:44 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2003-02-21 05:26:46 1,216,512 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2003-02-21 05:26:48 65,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll
+ 2003-02-21 05:26:50 466,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2003-02-21 05:26:50 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2003-02-20 17:09:36 64,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2003-02-21 05:26:52 368,640 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
+ 2003-02-21 05:26:54 241,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2003-02-21 05:26:56 323,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2003-02-21 05:26:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2003-02-21 05:26:58 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2003-02-21 05:27:00 126,976 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2003-02-21 05:27:02 1,245,184 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2003-02-21 05:27:06 819,200 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2003-02-21 05:24:18 57,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2003-02-21 05:27:06 569,344 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
+ 2003-02-21 05:27:08 2,039,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2003-02-21 05:27:10 1,335,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.XML.dll
+ 2003-02-21 08:20:38 737,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2003-02-21 03:04:18 1,032,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\VsaVb7rt.dll
+ 2003-02-20 18:10:40 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2006-09-29 04:56:38 28,248 ----a-r C:\WINDOWS\system32\AdobePDF.dll
+ 2008-01-19 01:13:04 10,752 ----a-w C:\WINDOWS\system32\BASSMOD.dll
- 2007-12-03 11:17:33 264,616 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-19 16:33:16 269,392 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2003-02-20 16:43:36 4,096 ----a-w C:\WINDOWS\system32\mui\0409\mscoreer.dll
- 2007-11-13 12:02:23 59,576 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-19 12:41:52 63,266 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-11-13 12:02:24 395,336 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-19 12:41:52 403,664 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2006-10-22 21:37:38 24,456 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\ADREGP.DLL
+ 2006-10-22 21:37:52 190,072 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\ADUIGP.DLL
- 2006-11-06 22:55:04 106,256 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\ps5ui.dll
+ 2003-05-05 14:47:20 129,024 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\Ps5ui.dll
- 2006-11-06 22:55:05 383,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\pscript5.dll
+ 2003-05-05 14:47:20 455,168 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2006-10-22 21:37:38 24,456 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ADReGP.dll
+ 2006-10-22 21:37:52 190,072 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ADUIGP.DLL
- 2006-11-06 22:55:04 106,256 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\ps5ui.dll
+ 2003-05-05 14:47:20 129,024 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\PS5UI.DLL
- 2006-11-06 22:55:05 383,248 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\pscript5.dll
+ 2003-05-05 14:47:20 455,168 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\PSCRIPT5.DLL
+ 2003-02-21 03:16:08 49,152 ----a-w C:\WINDOWS\system32\URTTEMP\regtlib.exe
+ 2008-01-20 12:35:38 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6c4.dat
+ 2006-06-05 13:47:40 1,093,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfc80.dll
+ 2006-06-05 13:47:48 1,080,320 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfc80u.dll
+ 2006-06-05 13:47:50 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfcm80.dll
+ 2006-06-05 13:47:50 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\mfcm80u.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 14:00 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 23:43 8466432]
"nwiz"="nwiz.exe" [2007-06-28 23:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-06-18 16:54 968696]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 23:43 81920]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 16:34 213936]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 14:00 15360]
C:\Documents and Settings\Agapi-Vasilis\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AAWTray]
--a------ 2007-08-30 12:19 87392 C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-26 23:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 13:42 267064 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 12.0]
--a------ 2007-03-28 19:41 2037352 C:\Program Files\Norton Ghost\Agent\VProTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2006-11-06 10:27 200704 C:\Program Files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 05:24 286720 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-ra------ 2005-06-20 15:42 77824 C:\WINDOWS\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2007-11-30 14:05 1266936 C:\Program Files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 15:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-12-20 17:16 37376 C:\Program Files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"aawservice"=2 (0x2)
"odserv"=3 (0x3)
"Norton Ghost"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"IDriverT"=3 (0x3)
"Adobe LM Service"=3 (0x3)
S2 LogWatch;Event Log Watch;C:\WINDOWS\LogWatNT.exe [2003-01-17 17:47]
S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe" [2007-09-05 08:59]
S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe wampmysqld []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - H:\setup.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-01-18 18:28:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-08 11:09:00 C:\WINDOWS\Tasks\Uniblue SpyEraser Nag.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
"2007-11-08 11:06:59 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-20 14:57:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-20 14:58:23
ComboFix-quarantined-files.txt 2008-01-20 12:58:15
ComboFix2.txt 2008-01-18 19:33:56