10-05-2007, 05:31 PM   #9
hybritical
Registered User
 
Join Date: Oct 2007
Posts: 28
OS: winxp


Re: DSS won't complete - viruses, trojan downloaders and popups

Nope, it didn't error this time or the last time... and I haven't gotten any popups in a while.

ComboFix 07-10-05.3 - Owner 2007-10-05 19:19:25.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.104 [GMT -4:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner\Desktop\CFScript.txt
* Created a new restore point

FILE::
C:\WINDOWS\5bydbzjy.exe
C:\WINDOWS\system32\awtqrpn.dll
C:\WINDOWS\system32\ppqss.bak1
C:\WINDOWS\system32\ppqss.bak2
C:\WINDOWS\system32\ppqss.ini2
C:\WINDOWS\System32\simYr384.exe
C:\WINDOWS\system32\ssqpp.dll
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\5bydbzjy.exe
C:\WINDOWS\system32\awtqrpn.dll
C:\WINDOWS\system32\ppqss.bak1
C:\WINDOWS\system32\ppqss.bak2
C:\WINDOWS\system32\ppqss.ini2
C:\WINDOWS\system32\ssqpp.dll
C:\WINDOWS\Tasks\At1.job
C:\WINDOWS\Tasks\At10.job
C:\WINDOWS\Tasks\At11.job
C:\WINDOWS\Tasks\At12.job
C:\WINDOWS\Tasks\At13.job
C:\WINDOWS\Tasks\At14.job
C:\WINDOWS\Tasks\At15.job
C:\WINDOWS\Tasks\At16.job
C:\WINDOWS\Tasks\At17.job
C:\WINDOWS\Tasks\At18.job
C:\WINDOWS\Tasks\At19.job
C:\WINDOWS\Tasks\At2.job
C:\WINDOWS\Tasks\At20.job
C:\WINDOWS\Tasks\At21.job
C:\WINDOWS\Tasks\At22.job
C:\WINDOWS\Tasks\At23.job
C:\WINDOWS\Tasks\At24.job
C:\WINDOWS\Tasks\At3.job
C:\WINDOWS\Tasks\At4.job
C:\WINDOWS\Tasks\At5.job
C:\WINDOWS\Tasks\At6.job
C:\WINDOWS\Tasks\At7.job
C:\WINDOWS\Tasks\At8.job
C:\WINDOWS\Tasks\At9.job

.
((((((((((((((((((((((((( Files Created from 2007-09-05 to 2007-10-05 )))))))))))))))))))))))))))))))
.

2007-10-05 14:34 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-05 14:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-05 12:35 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-04 22:52 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-04 16:50 <DIR> d-------- C:\Deckard
2007-10-04 16:39 <DIR> d-------- C:\ie-spyad_zo
2007-10-04 16:14 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-10-04 00:50 <DIR> d-------- C:\WINDOWS\system32\ActiveScan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-04 02:03 --------- d-------- C:\Program Files\Google
2007-09-22 00:57 --------- d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-09-10 19:25 --------- dr-h----- C:\Documents and Settings\Owner\Application Data\yahoo!
2007-09-06 01:45 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-09-05 21:44 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-09-05 21:40 --------- d-------- C:\Program Files\Yahoo!
2007-08-26 12:10 --------- d-------- C:\Program Files\Dell
2007-08-18 18:41 --------- d-------- C:\Program Files\Escape From Paradise
2007-08-14 12:33 --------- d-------- C:\Program Files\America Online 9.0
2007-08-14 12:24 --------- d-------- C:\Documents and Settings\All Users\Application Data\AOL
2007-08-14 12:23 --------- d-------- C:\Program Files\McAfee.com
2007-08-14 12:20 --------- d-------- C:\Program Files\Common Files\aol
2007-08-14 03:14 --------- d-------- C:\Program Files\Webroot
2007-08-14 03:06 --------- d-------- C:\Documents and Settings\Owner\Application Data\Webroot
2007-08-14 03:06 --------- d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-08-14 03:06 --------- d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-08-14 03:06 --------- d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-08-14 03:06 --------- d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2007-08-14 01:49 --------- d-------- C:\Documents and Settings\Owner\Application Data\GetRightToGo
2007-08-13 03:21 --------- d-------- C:\Program Files\AVG2
2007-08-12 13:42 --------- d-------- C:\Program Files\Burger Island
2007-08-10 14:37 --------- d-------- C:\Program Files\DivX
2007-08-10 01:09 --------- d-------- C:\Documents and Settings\All Users\Application Data\Sandlot Games
2007-08-10 01:08 --------- d-------- C:\Program Files\Cake Mania 2
2007-08-09 19:35 --------- d-------- C:\Documents and Settings\Owner\Application Data\Sandlot Games
2007-08-09 19:34 --------- d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2007-08-09 17:47 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-08-09 16:20 682232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-19 22:54 1521464 --a------ C:\WINDOWS\WRSetup.dll
.

((((((((((((((((((((((((((((( snapshot@2007-10-05_12.46.18.71 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 40,196 2007-10-05 16:47:39 C:\WINDOWS\system32\perfc009.dat
----a-w 311,934 2007-10-05 16:47:39 C:\WINDOWS\system32\perfh009.dat
----a-w 16,384 2007-10-05 23:12:33 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
----a-w 16,384 2007-10-05 23:12:33 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-10-05 23:12:33 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
----a-w 213,048 2005-05-24 15:27:16 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
----a-w 94,208 2007-09-07 15:29:00 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
----a-w 946,176 2007-09-07 15:29:00 C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
.
----a-w 40,196 2007-04-12 23:07:38 C:\WINDOWS\system32\perfc009.dat
----a-w 311,934 2007-04-12 23:07:38 C:\WINDOWS\system32\perfh009.dat
----a-w 16,384 2007-10-05 16:32:17 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
----a-w 16,384 2007-10-05 16:32:17 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-10-05 16:32:17 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85589B5D-D53D-4237-A677-46B82EA275F3}]
C:\WINDOWS\WebAssist.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9815DA81-2E0C-478c-90E4-06E474E704D0}]
C:\Program Files\ISM\BndDrive.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"MCAgentExe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" []
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" []
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" []
"HostManager"="C:\Program Files\Common Files\AOL\1176427498\ee\AOLSoftware.exe" []
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 08:50]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-12 21:27]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-08-13 12:52]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2007-05-08 23:09]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-07-19 22:54]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-07 14:51]
"AOL Fast Start"="C:\Program Files\America Online 9.0\AOL.exe" [2005-07-12 06:17]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"<NO NAME>"=


.
Contents of the 'Scheduled Tasks' folder
"2007-10-05 23:27:03 C:\WINDOWS\Tasks\McAfee.com Update Check (NEW-HARVEST-Owner).job"
- C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-05 19:25:47
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ATWPKT2]
"ImagePath"="\??\C:\WINDOWS\System32\drivers\ATWPKT2.SYS"
.
Completion time: 2007-10-05 19:29:15 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-05 19:28
C:\ComboFix2.txt ... 2007-10-05 14:17
.
--- E O F ---