I don't know if this means anything, but right before ComboFix rebooted my computer, a "this application failed to initialize" window popped up, and the application was "catchme.something". I didn't have time to read the file type. But anyway, here's the new log:
ComboFix 09-02-12.03 - TJ ARMSTRONG 2009-02-15 12:00:24.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1982.1396 [GMT -5:00]
Running from: c:\users\TJ ARMSTRONG\Desktop\combifax.exe
Command switches used :: c:\users\TJ ARMSTRONG\Desktop\CFScript.txt
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\oddbox
c:\oddbox\Quarantine.txt
c:\program files\BitTorrent
c:\program files\BitTorrent\bittorrent.exe
c:\program files\BitTorrent\BitTorrentIE.2.dll
c:\program files\BitTorrent\uninst.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\LimeWire
c:\program files\LimeWire\lib\aopalliance.jar
c:\program files\LimeWire\lib\clink.jar
c:\program files\LimeWire\lib\commons-httpclient.jar
c:\program files\LimeWire\lib\commons-logging.jar
c:\program files\LimeWire\lib\commons-net.jar
c:\program files\LimeWire\lib\commons-pool.jar
c:\program files\LimeWire\lib\daap.jar
c:\program files\LimeWire\lib\forms.jar
c:\program files\LimeWire\lib\foxtrot.jar
c:\program files\LimeWire\lib\gettext-commons.jar
c:\program files\LimeWire\lib\guice-1.0.jar
c:\program files\LimeWire\lib\httpcore-nio.jar
c:\program files\LimeWire\lib\httpcore.jar
c:\program files\LimeWire\lib\icu4j.jar
c:\program files\LimeWire\lib\id3v2.jar
c:\program files\LimeWire\lib\jcraft.jar
c:\program files\LimeWire\lib\jdic.dll
c:\program files\LimeWire\lib\jdic.jar
c:\program files\LimeWire\lib\jdic_stub.jar
c:\program files\LimeWire\lib\jflac.jar
c:\program files\LimeWire\lib\jl.jar
c:\program files\LimeWire\lib\jmdns.jar
c:\program files\LimeWire\lib\jogg.jar
c:\program files\LimeWire\lib\jorbis.jar
c:\program files\LimeWire\lib\LimeWire.jar
c:\program files\LimeWire\lib\log4j.jar
c:\program files\LimeWire\lib\looks.jar
c:\program files\LimeWire\lib\messages.jar
c:\program files\LimeWire\lib\mp3spi.jar
c:\program files\LimeWire\lib\ProgressTabs.jar
c:\program files\LimeWire\lib\swt.jar
c:\program files\LimeWire\lib\SystemUtilities.dll
c:\program files\LimeWire\lib\themes.jar
c:\program files\LimeWire\lib\tray.dll
c:\program files\LimeWire\lib\tritonus.jar
c:\program files\LimeWire\lib\vorbisspi.jar
c:\program files\LimeWire\LimeWire.exe
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\.NetworkShare\teams.txt
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\414splashfree.png
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\createtimes.cache
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\fileurns.bak
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\fileurns.cache
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\filters.props
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\gnutella.net
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\installation.props
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\library.dat
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\limewire.props
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\mojito.props
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\questions.props
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\responses.cache
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\simpp.xml
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\spam.dat
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\tables.props
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme.lwtp
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\01_star.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\02_star.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\03_star.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\04_star.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\05_star.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\chat.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\forward_dn.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\forward_up.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\kill.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\kill_on.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\logo.png
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\notsearching.png
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\pause_dn.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\pause_up.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\play_dn.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\play_up.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\question.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\rewind_dn.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\rewind_up.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\searching.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\splash.png
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\splashpro.png
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\stop_dn.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\stop_up.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\theme.txt
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\version.txt
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\themes\windows_theme\warning.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\ttree.cache
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\ttrees.cache
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\ttroot.cache
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\version.xml
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\data\delete_me
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\misc\application.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\misc\audio.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\misc\document.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\misc\image.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\misc\video.gif
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\schemas\application.xsd
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\schemas\audio.xsd
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\schemas\document.xsd
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\schemas\image.xsd
c:\users\TJ ARMSTRONG\AppData\Roaming\LimeWire\xml\schemas\video.xsd
c:\windows\system32\drivers\seneka.sys
c:\windows\System32\drivers\senekactlyqdrl.sys
c:\windows\System32\senekagepxjfxd.dat
c:\windows\system32\senekapop.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_seneka
((((((((((((((((((((((((( Files Created from 2009-01-15 to 2009-02-15 )))))))))))))))))))))))))))))))
.
2009-02-11 16:55 . 2009-01-14 22:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 16:55 . 2009-01-15 01:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-01 01:06 . 2009-02-01 01:06 <DIR> d-------- c:\program files\Curse
2009-01-30 23:57 . 2009-01-30 23:57 <DIR> d-------- c:\users\All Users\WindowsSearch
2009-01-30 23:57 . 2009-01-30 23:57 <DIR> d-------- c:\programdata\WindowsSearch
2009-01-30 22:30 . 2009-01-31 12:23 <DIR> d-------- c:\users\Public\Games
2009-01-30 22:30 . 2009-01-30 22:30 <DIR> d-------- c:\users\All Users\Blizzard
2009-01-30 22:30 . 2009-01-30 22:30 <DIR> d-------- c:\programdata\Blizzard
2009-01-27 22:51 . 2009-01-27 22:51 <DIR> d-------- c:\users\All Users\Avira
2009-01-27 22:51 . 2009-01-27 22:51 <DIR> d-------- c:\programdata\Avira
2009-01-27 22:51 . 2009-01-27 22:51 <DIR> d-------- c:\program files\Avira
2009-01-27 21:56 . 2009-01-28 17:45 <DIR> d--hs---- c:\users\TJ ARMSTRONG\AppData\Roaming\twain32
2009-01-27 21:48 . 2009-02-03 07:32 97,802,174 --a------ c:\windows\MEMORY.DMP
2009-01-26 23:28 . 2009-01-26 23:28 <DIR> d-------- c:\users\TJ ARMSTRONG\Program Files
2009-01-26 19:32 . 2009-01-26 21:20 139,264 --a------ c:\windows\War3Unin.exe
2009-01-26 19:32 . 2009-01-26 21:20 55,187 --a------ c:\windows\War3Unin.dat
2009-01-26 19:32 . 2009-01-26 21:20 2,829 --a------ c:\windows\War3Unin.pif
2009-01-26 19:30 . 2009-02-09 23:43 <DIR> d-------- c:\program files\Warcraft III
2009-01-26 17:00 . 2009-01-27 21:58 <DIR> d-------- c:\users\TJ ARMSTRONG\AppData\Roaming\DNA
2009-01-22 07:44 . 2009-01-22 07:44 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-01-19 20:24 . 2008-05-08 16:59 180,224 --a------ c:\windows\System32\scrobj.dll
2009-01-19 20:24 . 2008-05-08 16:59 172,032 --a------ c:\windows\System32\scrrun.dll
2009-01-19 20:24 . 2008-05-08 16:58 135,168 --a------ c:\windows\System32\cscript.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-15 08:00 --------- d-----w c:\program files\Windows Mail
2009-02-14 17:21 13,354 ----a-w c:\users\TJ ARMSTRONG\AppData\Roaming\nvModes.dat
2009-02-12 12:46 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-11 22:00 --------- d-----w c:\programdata\Symantec
2009-02-11 21:59 --------- d-----w c:\program files\Symantec
2009-01-31 11:00 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2009-01-31 06:22 --------- d-----w c:\program files\World of Warcraft
2009-01-31 03:03 --------- d-----w c:\program files\Common Files\Adobe
2009-01-31 01:47 --------- d-----w c:\program files\Silkroad
2009-01-31 01:29 --------- d-----w c:\program files\NCSoft
2009-01-27 00:39 --------- d-----w c:\programdata\Roxio
2009-01-17 09:09 174 --sha-w c:\program files\desktop.ini
2009-01-08 12:24 --------- d-----w c:\program files\Cheat Engine
2008-12-18 12:41 410,984 ----a-w c:\windows\System32\deploytk.dll
2008-12-18 12:41 --------- d-----w c:\program files\Java
2008-12-16 02:42 288,768 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-07 22:21 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-12-07 22:21 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-04-20 21:59 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-04-20 21:59 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-04-20 21:59 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\TJ ARMSTRONG\AppData\Roaming\twain32 ----
2009-01-28 17:45 35150 --a------ c:\users\TJ ARMSTRONG\AppData\Roaming\twain32\local.ds
2009-01-27 21:57 0 --a------ c:\users\TJ ARMSTRONG\AppData\Roaming\twain32\user.ds
((((((((((((((((((((((((((((( SnapShot@2009-02-13_16.08.36.78 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-15 17:00:12 6,438,912 ----a-w c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
+ 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2009-02-15 17:02:46 6,438,912 ----a-w c:\windows\ERDNT\subs\SCHEMA.DAT
- 2009-02-13 21:04:48 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2009-02-15 17:04:52 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2009-02-13 21:04:48 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2009-02-15 17:04:52 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2009-02-13 20:56:37 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-15 15:47:51 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-02-13 20:56:37 81,920 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-15 15:47:51 81,920 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-13 20:56:37 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-15 15:47:51 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-16 04:47:29 6,068,736 ----a-w c:\windows\System32\ieframe.dll
+ 2009-01-15 06:07:53 6,069,248 ----a-w c:\windows\System32\ieframe.dll
- 2008-10-16 04:47:29 270,336 ----a-w c:\windows\System32\iertutil.dll
+ 2009-01-15 06:07:53 270,336 ----a-w c:\windows\System32\iertutil.dll
- 2008-10-16 04:47:30 28,160 ----a-w c:\windows\System32\jsproxy.dll
+ 2009-01-15 06:08:05 28,160 ----a-w c:\windows\System32\jsproxy.dll
- 2009-01-09 22:35:30 20,853,704 ----a-w c:\windows\System32\mrt.exe
+ 2009-02-12 04:56:17 21,244,872 ----a-w c:\windows\System32\mrt.exe
- 2008-01-19 07:34:58 458,240 ----a-w c:\windows\System32\msfeeds.dll
+ 2009-01-15 06:08:34 458,240 ----a-w c:\windows\System32\msfeeds.dll
- 2008-12-12 05:52:52 3,578,880 ----a-w c:\windows\System32\mshtml.dll
+ 2009-01-15 06:08:35 3,580,416 ----a-w c:\windows\System32\mshtml.dll
- 2008-10-16 04:47:32 671,232 ----a-w c:\windows\System32\mstime.dll
+ 2009-01-15 06:08:50 671,232 ----a-w c:\windows\System32\mstime.dll
- 2009-02-13 21:03:35 101,350 ----a-w c:\windows\System32\perfc009.dat
+ 2009-02-15 08:14:51 101,350 ----a-w c:\windows\System32\perfc009.dat
- 2009-02-13 21:03:35 595,684 ----a-w c:\windows\System32\perfh009.dat
+ 2009-02-15 08:14:51 595,684 ----a-w c:\windows\System32\perfh009.dat
- 2009-02-11 22:00:54 6,553,600 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-02-15 17:02:46 6,438,912 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-10-16 04:47:34 1,166,336 ----a-w c:\windows\System32\urlmon.dll
+ 2009-01-15 06:11:05 1,166,336 ----a-w c:\windows\System32\urlmon.dll
- 2009-02-13 20:58:49 7,436 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3558910601-4160562679-851209434-1000_UserData.bin
+ 2009-02-13 21:06:26 7,656 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3558910601-4160562679-851209434-1000_UserData.bin
- 2009-02-13 20:58:48 58,314 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-02-13 21:06:14 58,386 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-02-13 21:03:28 2,470 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-02-15 08:07:17 2,470 ----a-w c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-02-13 20:58:46 36,524 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-02-13 21:06:13 36,778 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-02-13 12:18:57 219,828 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-02-15 06:39:38 222,068 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-02-11 21:54:07 162,250,160 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-02-15 08:00:21 162,402,990 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-01-15 04:15:58 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16809_none_a9ee2d39f5a1db5c\advpack.dll
+ 2009-01-15 04:14:44 124,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.20996_none_aa1379db0f0b2a9a\advpack.dll
+ 2009-01-15 04:16:02 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16809_none_ebe936e9163ac15b\pngfilt.dll
+ 2009-01-15 04:18:35 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.20996_none_ec0e838a2fa41099\pngfilt.dll
+ 2009-01-15 04:16:03 1,160,192 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16809_none_b305df9bd99b38bf\urlmon.dll
+ 2009-01-15 04:19:06 1,163,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.20996_none_b32b2c3cf30487fd\urlmon.dll
+ 2009-01-15 06:11:05 1,166,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18203_none_b4e61c85d6c731a6\urlmon.dll
+ 2009-01-16 04:59:50 1,166,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22355_none_b53baa48f00b8fd3\urlmon.dll
+ 2009-01-15 04:16:01 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16809_none_dee86e647f43f82e\mstime.dll
+ 2009-01-15 04:17:12 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.20996_none_df0dbb0598ad476c\mstime.dll
+ 2009-01-15 06:08:50 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18203_none_e0c8ab4e7c6ff115\mstime.dll
+ 2009-01-16 04:57:07 671,232 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22355_none_e11e391195b44f42\mstime.dll
+ 2009-01-15 04:16:00 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\jsproxy.dll
+ 2009-01-15 04:16:03 826,368 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\wininet.dll
+ 2009-01-15 04:16:03 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16809_none_000bbb3da4a45f52\WininetPlugin.dll
+ 2009-01-15 04:16:04 27,648 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\jsproxy.dll
+ 2009-01-15 04:19:13 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\wininet.dll
+ 2009-01-15 04:19:13 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20996_none_003107debe0dae90\WininetPlugin.dll
+ 2009-01-15 06:08:05 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\jsproxy.dll
+ 2009-01-15 06:11:16 827,392 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18203_none_01ebf827a1d05839\wininet.dll
+ 2009-01-16 04:56:01 28,160 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\jsproxy.dll
+ 2009-01-16 05:00:04 827,904 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\wininet.dll
+ 2009-01-16 05:00:04 64,512 ----a-w c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22355_none_024185eabb14b666\WininetPlugin.dll
+ 2009-01-15 04:16:00 383,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16809_none_f9b4de176e8fd9a5\ieapfltr.dll
+ 2009-01-15 04:15:42 380,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20996_none_f9da2ab887f928e3\ieapfltr.dll
+ 2009-01-15 04:15:59 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16809_none_95e916cf84755fd3\dxtmsft.dll
+ 2009-01-15 04:15:59 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16809_none_95e916cf84755fd3\dxtrans.dll
+ 2009-01-15 04:15:22 347,136 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20996_none_960e63709ddeaf11\dxtmsft.dll
+ 2009-01-15 04:15:22 214,528 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.20996_none_960e63709ddeaf11\dxtrans.dll
+ 2009-01-15 04:16:00 459,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.16809_none_5e09520c3d47b20a\msfeeds.dll
+ 2009-01-15 04:16:41 459,264 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.20996_none_5e2e9ead56b10148\msfeeds.dll
+ 2009-01-15 06:08:34 458,240 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.18203_none_5fe98ef63a73aaf1\msfeeds.dll
+ 2009-01-16 04:56:39 458,240 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.22355_none_603f1cb953b8091e\msfeeds.dll
+ 2009-01-15 04:16:00 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16809_none_464bb12746361260\mshtmled.dll
+ 2009-01-15 04:16:46 477,696 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.20996_none_4670fdc85f9f619e\mshtmled.dll
+ 2009-01-15 04:16:00 3,594,752 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16809_none_1165da5c24fac888\mshtml.dll
+ 2009-01-15 04:16:45 3,596,288 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.20996_none_118b26fd3e6417c6\mshtml.dll
+ 2009-01-15 06:08:35 3,580,416 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18203_none_134617462226c16f\mshtml.dll
+ 2009-01-16 04:56:43 3,580,928 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22355_none_139ba5093b6b1f9c\mshtml.dll
+ 2009-01-15 04:16:00 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16809_none_58be4726670f5491\icardie.dll
+ 2009-01-15 04:15:42 63,488 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.20996_none_58e393c78078a3cf\icardie.dll
+ 2009-01-15 04:15:30 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\ieUnatt.exe
+ 2009-01-15 04:14:36 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16809_none_2d84c7c91ccfce35\iexplore.exe
+ 2009-01-15 02:05:46 26,624 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\ieUnatt.exe
+ 2009-01-15 04:18:47 634,024 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20996_none_2daa146a36391d73\iexplore.exe
+ 2009-01-15 04:16:00 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16809_none_45c672198f557daf\iertutil.dll
+ 2009-01-15 04:16:02 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16809_none_45c672198f557daf\sqmapi.dll
+ 2009-01-15 04:15:44 267,776 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20996_none_45ebbebaa8becced\iertutil.dll
+ 2009-01-15 04:18:57 134,144 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.20996_none_45ebbebaa8becced\sqmapi.dll
+ 2009-01-15 06:07:53 270,336 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18203_none_47a6af038c817696\iertutil.dll
+ 2009-01-16 04:55:51 270,848 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22355_none_47fc3cc6a5c5d4c3\iertutil.dll
+ 2009-01-16 04:59:31 129,536 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22355_none_47fc3cc6a5c5d4c3\sqmapi.dll
+ 2009-01-15 04:15:30 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16809_none_c3f37ce4614a96da\ie4uinit.exe
+ 2009-01-15 04:16:00 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16809_none_c3f37ce4614a96da\iernonce.dll
+ 2009-01-15 04:16:00 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16809_none_c3f37ce4614a96da\iesetup.dll
+ 2009-01-15 02:05:40 70,656 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20996_none_c418c9857ab3e618\ie4uinit.exe
+ 2009-01-15 04:15:44 44,544 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20996_none_c418c9857ab3e618\iernonce.dll
+ 2009-01-15 04:15:44 56,320 ----a-w c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.20996_none_c418c9857ab3e618\iesetup.dll
+ 2009-01-15 04:16:00 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16809_none_2a18935467fa6c37\iebrshim.dll
+ 2009-01-15 04:15:42 52,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.20996_none_2a3ddff58163bb75\iebrshim.dll
+ 2009-01-15 04:16:00 6,066,688 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16809_none_62c5345fb0f056b5\ieframe.dll
+ 2009-01-15 04:16:00 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16809_none_62c5345fb0f056b5\ieui.dll
+ 2009-01-15 04:15:44 6,068,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20996_none_62ea8100ca59a5f3\ieframe.dll
+ 2009-01-15 04:15:44 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.20996_none_62ea8100ca59a5f3\ieui.dll
+ 2009-01-15 06:07:53 6,069,248 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18203_none_64a57149ae1c4f9c\ieframe.dll
+ 2009-01-16 04:55:51 6,070,784 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22355_none_64faff0cc760adc9\ieframe.dll
+ 2009-01-16 04:55:51 180,736 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22355_none_64faff0cc760adc9\ieui.dll
+ 2009-01-15 04:15:30 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16809_none_e6bea0de9473aaed\ieinstal.exe
+ 2009-01-15 02:05:59 263,168 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.20996_none_e6e3ed7faddcfa2b\ieinstal.exe
+ 2009-01-15 04:15:30 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16809_none_0b66d5fad6ee6a9f\ieuser.exe
+ 2009-01-15 02:06:01 301,568 ----a-w c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.20996_none_0b8c229bf057b9dd\ieuser.exe
+ 2009-01-09 23:21:31 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16808_none_f0a9e19a6e4c873c\OESpamFilter.dat
+ 2009-01-08 23:21:51 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20995_none_f0cf2e3b87b5d67a\OESpamFilter.dat
+ 2009-01-08 23:21:09 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18202_none_f28a1e846b788023\OESpamFilter.dat
+ 2009-01-08 23:21:04 2,410,800 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22353_none_f2deabfd84bdc4f9\OESpamFilter.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"EPSON Stylus CX7400 Series (Copy 1)"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE" [2007-02-15 179200]
"CurseClient"="c:\program files\Curse\CurseClient.exe" [2008-10-10 4789760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-12-02 167936]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2006-12-04 46704]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 317152]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 472800]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-18 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-22 185896]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-11-27 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-11-27 7757824]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-11-27 81920]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"c:\\Program Files\\NCsoft\\Exteel\\System\\Exteel.exe"= c:\program files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{426245FF-FD86-44A1-808F-6C65F78EB0F6}"= UDP:c:\program files\HP\QuickPlay\QP.exe:QP
"{5102BC89-BB9B-476D-A72D-6D8C72515009}"= TCP:c:\program files\HP\QuickPlay\QP.exe:QP
"{298FAB4F-536D-4FC5-B474-71842BE4A921}"= c:\program files\Compaq Connections\3572475\Program\Compaq Connections:Compaq Connections
"{B5AED527-A53D-44EF-A5CB-5763FD79DC7C}"= UDP:c:\program files\Compaq Connections\3572475\Program\Compaq Connections.exe:Compaq Connections
"{8ED81263-017D-4E79-B622-77341D771807}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{9AC08782-A6FC-4B0E-8756-0D177BC4952A}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{DFE2EC3F-F81A-4A35-AAFD-B9588DE3AB14}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{96793B7B-DC7E-466E-A987-5C3C4AAAA853}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0381F178-CC1A-43A4-AA5B-6F1B9AE9F9E2}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E2E329B1-A53F-41CF-8394-1CD945620BFA}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{8D4F6724-D07D-4935-9327-FCB965266A1C}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{E2417725-34DC-4710-95EC-EEE2779AB801}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{4D148BDB-1523-4C24-9EF1-C06054061C22}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{54040D5F-7A35-400D-9CFA-E2591C3E5DF0}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{551D91B1-2CD1-459E-AA3B-E734958FB583}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A109D7F6-9AC7-40EA-B8DD-D868323C2E47}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{47B38B73-354A-4290-9178-E9816961E4D2}"= UDP:c:\program files\Curse\CurseClient.exe:Curse Client
"{2199A966-BA74-499F-95E2-6F534EDC98B2}"= TCP:c:\program files\Curse\CurseClient.exe:Curse Client
"TCP Query User{11CD4A69-F24D-409F-AB97-D9DF3211C8BD}c:\\program files\\curse\\curseclient.exe"= UDP:c:\program files\curse\curseclient.exe:CurseClient
"UDP Query User{37889709-913F-4701-97FE-68F17B2FE26B}c:\\program files\\curse\\curseclient.exe"= TCP:c:\program files\curse\curseclient.exe:CurseClient
"TCP Query User{BD90144D-AD63-4337-91F0-B5F62988A704}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= UDP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{6760BF8C-935D-4F54-955D-E08FE8F4BEC4}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= TCP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= c:\program files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"c:\\Program Files\\NCsoft\\Exteel\\System\\Exteel.exe"= c:\program files\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-12-17 24652]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\TJ ARMSTRONG\AppData\Roaming\Mozilla\Firefox\Profiles\ih8vumjq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
1 file(s) moved.
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\users\TJ ARMSTRONG\Program Files\DNA\plugins\npbtdna.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-15 12:04:55
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(1084)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\progra~1\HEWLET~1\Shared\HPQTOA~1.EXE
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-02-15 12:09:52 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-15 17:09:45
ComboFix2.txt 2009-02-13 21:10:12
Pre-Run: 40,628,260,864 bytes free
Post-Run: 40,429,875,200 bytes free
430 --- E O F --- 2009-02-15 08:01:59