Tech Support Forum - View Single Post

mustangman · 01-16-2008, 07:09 PM

ComboFix 08-01-17.3 - Dante 2008-01-16 20:59:45.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.537 [GMT -5:00]
Running from: C:\Documents and Settings\Dante\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\pos10.tmp
C:\pos100.tmp
C:\pos101.tmp
C:\pos102.tmp
C:\pos103.tmp
C:\pos104.tmp
C:\pos105.tmp
C:\pos106.tmp
C:\pos107.tmp
C:\pos108.tmp
C:\pos109.tmp
C:\pos10A.tmp
C:\pos10B.tmp
C:\pos10C.tmp
C:\pos10D.tmp
C:\pos10E.tmp
C:\pos10F.tmp
C:\pos11.tmp
C:\pos110.tmp
C:\pos111.tmp
C:\pos112.tmp
C:\pos113.tmp
C:\pos114.tmp
C:\pos115.tmp
C:\pos116.tmp
C:\pos117.tmp
C:\pos118.tmp
C:\pos119.tmp
C:\pos11A.tmp
C:\pos11B.tmp
C:\pos11C.tmp
C:\pos11D.tmp
C:\pos11E.tmp
C:\pos11F.tmp
C:\pos12.tmp
C:\pos120.tmp
C:\pos121.tmp
C:\pos122.tmp
C:\pos123.tmp
C:\pos124.tmp
C:\pos125.tmp
C:\pos126.tmp
C:\pos127.tmp
C:\pos128.tmp
C:\pos129.tmp
C:\pos12A.tmp
C:\pos12B.tmp
C:\pos12C.tmp
C:\pos12D.tmp
C:\pos12E.tmp
C:\pos12F.tmp
C:\pos13.tmp
C:\pos130.tmp
C:\pos131.tmp
C:\pos132.tmp
C:\pos133.tmp
C:\pos134.tmp
C:\pos135.tmp
C:\pos136.tmp
C:\pos137.tmp
C:\pos138.tmp
C:\pos139.tmp
C:\pos13A.tmp
C:\pos13B.tmp
C:\pos13C.tmp
C:\pos13D.tmp
C:\pos13E.tmp
C:\pos13F.tmp
C:\pos14.tmp
C:\pos140.tmp
C:\pos141.tmp
C:\pos142.tmp
C:\pos143.tmp
C:\pos144.tmp
C:\pos145.tmp
C:\pos146.tmp
C:\pos147.tmp
C:\pos148.tmp
C:\pos149.tmp
C:\pos14A.tmp
C:\pos14B.tmp
C:\pos14C.tmp
C:\pos14D.tmp
C:\pos14E.tmp
C:\pos14F.tmp
C:\pos15.tmp
C:\pos150.tmp
C:\pos151.tmp
C:\pos152.tmp
C:\pos153.tmp
C:\pos154.tmp
C:\pos155.tmp
C:\pos156.tmp
C:\pos157.tmp
C:\pos158.tmp
C:\pos159.tmp
C:\pos15A.tmp
C:\pos15B.tmp
C:\pos15C.tmp
C:\pos15D.tmp
C:\pos15E.tmp
C:\pos15F.tmp
C:\pos16.tmp
C:\pos160.tmp
C:\pos161.tmp
C:\pos162.tmp
C:\pos163.tmp
C:\pos164.tmp
C:\pos165.tmp
C:\pos166.tmp
C:\pos167.tmp
C:\pos168.tmp
C:\pos169.tmp
C:\pos16A.tmp
C:\pos16B.tmp
C:\pos16C.tmp
C:\pos16D.tmp
C:\pos16E.tmp
C:\pos16F.tmp
C:\pos17.tmp
C:\pos170.tmp
C:\pos171.tmp
C:\pos172.tmp
C:\pos173.tmp
C:\pos174.tmp
C:\pos175.tmp
C:\pos176.tmp
C:\pos177.tmp
C:\pos178.tmp
C:\pos179.tmp
C:\pos17A.tmp
C:\pos17B.tmp
C:\pos17C.tmp
C:\pos17D.tmp
C:\pos17E.tmp
C:\pos17F.tmp
C:\pos18.tmp
C:\pos180.tmp
C:\pos181.tmp
C:\pos182.tmp
C:\pos183.tmp
C:\pos184.tmp
C:\pos185.tmp
C:\pos186.tmp
C:\pos187.tmp
C:\pos188.tmp
C:\pos189.tmp
C:\pos18A.tmp
C:\pos18B.tmp
C:\pos18C.tmp
C:\pos18D.tmp
C:\pos18E.tmp
C:\pos18F.tmp
C:\pos19.tmp
C:\pos190.tmp
C:\pos191.tmp
C:\pos192.tmp
C:\pos193.tmp
C:\pos194.tmp
C:\pos195.tmp
C:\pos196.tmp
C:\pos197.tmp
C:\pos198.tmp
C:\pos199.tmp
C:\pos19A.tmp
C:\pos19B.tmp
C:\pos19C.tmp
C:\pos19D.tmp
C:\pos19E.tmp
C:\pos19F.tmp
C:\pos1A.tmp
C:\pos1A0.tmp
C:\pos1A1.tmp
C:\pos1A2.tmp
C:\pos1A3.tmp
C:\pos1A4.tmp
C:\pos1A5.tmp
C:\pos1A6.tmp
C:\pos1A7.tmp
C:\pos1A8.tmp
C:\pos1A9.tmp
C:\pos1AA.tmp
C:\pos1AB.tmp
C:\pos1AC.tmp
C:\pos1AD.tmp
C:\pos1AE.tmp
C:\pos1AF.tmp
C:\pos1B.tmp
C:\pos1B0.tmp
C:\pos1B1.tmp
C:\pos1B2.tmp
C:\pos1B3.tmp
C:\pos1B4.tmp
C:\pos1B5.tmp
C:\pos1B6.tmp
C:\pos1B7.tmp
C:\pos1B8.tmp
C:\pos1B9.tmp
C:\pos1BA.tmp
C:\pos1BB.tmp
C:\pos1BC.tmp
C:\pos1BD.tmp
C:\pos1BE.tmp
C:\pos1BF.tmp
C:\pos1C.tmp
C:\pos1C0.tmp
C:\pos1C1.tmp
C:\pos1C2.tmp
C:\pos1C3.tmp
C:\pos1C4.tmp
C:\pos1C5.tmp
C:\pos1C6.tmp
C:\pos1C7.tmp
C:\pos1C8.tmp
C:\pos1C9.tmp
C:\pos1CA.tmp
C:\pos1CB.tmp
C:\pos1CC.tmp
C:\pos1CD.tmp
C:\pos1CE.tmp
C:\pos1CF.tmp
C:\pos1D.tmp
C:\pos1D0.tmp
C:\pos1D1.tmp
C:\pos1D2.tmp
C:\pos1D3.tmp
C:\pos1D4.tmp
C:\pos1D5.tmp
C:\pos1D6.tmp
C:\pos1D7.tmp
C:\pos1D8.tmp
C:\pos1D9.tmp
C:\pos1DA.tmp
C:\pos1DB.tmp
C:\pos1DC.tmp
C:\pos1DD.tmp
C:\pos1DE.tmp
C:\pos1DF.tmp
C:\pos1E.tmp
C:\pos1E0.tmp
C:\pos1E1.tmp
C:\pos1E2.tmp
C:\pos1E3.tmp
C:\pos1E4.tmp
C:\pos1E5.tmp
C:\pos1E6.tmp
C:\pos1E7.tmp
C:\pos1E8.tmp
C:\pos1E9.tmp
C:\pos1EA.tmp
C:\pos1EB.tmp
C:\pos1EC.tmp
C:\pos1ED.tmp
C:\pos1EE.tmp
C:\pos1EF.tmp
C:\pos1F.tmp
C:\pos1F0.tmp
C:\pos1F1.tmp
C:\pos1F2.tmp
C:\pos1F3.tmp
C:\pos1F4.tmp
C:\pos1F5.tmp
C:\pos1F6.tmp
C:\pos1F7.tmp
C:\pos1F8.tmp
C:\pos1F9.tmp
C:\pos1FA.tmp
C:\pos1FB.tmp
C:\pos1FC.tmp
C:\pos1FD.tmp
C:\pos1FE.tmp
C:\pos1FF.tmp
C:\pos20.tmp
C:\pos200.tmp
C:\pos201.tmp
C:\pos202.tmp
C:\pos203.tmp
C:\pos204.tmp
C:\pos205.tmp
C:\pos206.tmp
C:\pos207.tmp
C:\pos208.tmp
C:\pos209.tmp
C:\pos20A.tmp
C:\pos20B.tmp
C:\pos20C.tmp
C:\pos20D.tmp
C:\pos20E.tmp
C:\pos20F.tmp
C:\pos21.tmp
C:\pos210.tmp
C:\pos211.tmp
C:\pos212.tmp
C:\pos213.tmp
C:\pos214.tmp
C:\pos215.tmp
C:\pos216.tmp
C:\pos217.tmp
C:\pos218.tmp
C:\pos219.tmp
C:\pos21A.tmp
C:\pos21B.tmp
C:\pos21C.tmp
C:\pos21D.tmp
C:\pos21E.tmp
C:\pos21F.tmp
C:\pos22.tmp
C:\pos220.tmp
C:\pos221.tmp
C:\pos222.tmp
C:\pos223.tmp
C:\pos224.tmp
C:\pos225.tmp
C:\pos226.tmp
C:\pos227.tmp
C:\pos228.tmp
C:\pos229.tmp
C:\pos22A.tmp
C:\pos22B.tmp
C:\pos22C.tmp
C:\pos22D.tmp
C:\pos22E.tmp
C:\pos22F.tmp
C:\pos23.tmp
C:\pos230.tmp
C:\pos231.tmp
C:\pos232.tmp
C:\pos233.tmp
C:\pos234.tmp
C:\pos235.tmp
C:\pos236.tmp
C:\pos237.tmp
C:\pos238.tmp
C:\pos239.tmp
C:\pos23A.tmp
C:\pos23B.tmp
C:\pos23C.tmp
C:\pos23D.tmp
C:\pos23E.tmp
C:\pos23F.tmp
C:\pos24.tmp
C:\pos240.tmp
C:\pos241.tmp
C:\pos242.tmp
C:\pos243.tmp
C:\pos244.tmp
C:\pos245.tmp
C:\pos246.tmp
C:\pos247.tmp
C:\pos248.tmp
C:\pos249.tmp
C:\pos24A.tmp
C:\pos24B.tmp
C:\pos24C.tmp
C:\pos24D.tmp
C:\pos24E.tmp
C:\pos24F.tmp
C:\pos25.tmp
C:\pos250.tmp
C:\pos251.tmp
C:\pos252.tmp
C:\pos253.tmp
C:\pos254.tmp
C:\pos255.tmp
C:\pos256.tmp
C:\pos257.tmp
C:\pos258.tmp
C:\pos259.tmp
C:\pos25A.tmp
C:\pos25B.tmp
C:\pos25C.tmp
C:\pos25D.tmp
C:\pos25E.tmp
C:\pos25F.tmp
C:\pos26.tmp
C:\pos260.tmp
C:\pos261.tmp
C:\pos262.tmp
C:\pos263.tmp
C:\pos264.tmp
C:\pos265.tmp
C:\pos266.tmp
C:\pos267.tmp
C:\pos268.tmp
C:\pos269.tmp
C:\pos26A.tmp
C:\pos26B.tmp
C:\pos26C.tmp
C:\pos26D.tmp
C:\pos26E.tmp
C:\pos26F.tmp
C:\pos27.tmp
C:\pos270.tmp
C:\pos271.tmp
C:\pos272.tmp
C:\pos273.tmp
C:\pos274.tmp
C:\pos275.tmp
C:\pos276.tmp
C:\pos277.tmp
C:\pos278.tmp
C:\pos279.tmp
C:\pos27A.tmp
C:\pos27B.tmp
C:\pos27C.tmp
C:\pos27D.tmp
C:\pos27E.tmp
C:\pos27F.tmp
C:\pos28.tmp
C:\pos280.tmp
C:\pos281.tmp
C:\pos282.tmp
C:\pos283.tmp
C:\pos284.tmp
C:\pos285.tmp
C:\pos286.tmp
C:\pos287.tmp
C:\pos288.tmp
C:\pos289.tmp
C:\pos28A.tmp
C:\pos28B.tmp
C:\pos28C.tmp
C:\pos28D.tmp
C:\pos28E.tmp
C:\pos28F.tmp
C:\pos29.tmp
C:\pos290.tmp
C:\pos291.tmp
C:\pos292.tmp
C:\pos293.tmp
C:\pos294.tmp
C:\pos295.tmp
C:\pos296.tmp
C:\pos297.tmp
C:\pos298.tmp
C:\pos299.tmp
C:\pos29A.tmp
C:\pos29B.tmp
C:\pos29C.tmp
C:\pos29D.tmp
C:\pos29E.tmp
C:\pos29F.tmp
C:\pos2A.tmp
C:\pos2A0.tmp
C:\pos2A1.tmp
C:\pos2A2.tmp
C:\pos2A3.tmp
C:\pos2A4.tmp
C:\pos2A5.tmp
C:\pos2A6.tmp
C:\pos2A7.tmp
C:\pos2A8.tmp
C:\pos2A9.tmp
C:\pos2AA.tmp
C:\pos2AB.tmp
C:\pos2AC.tmp
C:\pos2AD.tmp
C:\pos2AE.tmp
C:\pos2AF.tmp
C:\pos2B.tmp
C:\pos2B0.tmp
C:\pos2B1.tmp
C:\pos2B2.tmp
C:\pos2B3.tmp
C:\pos2B4.tmp
C:\pos2B5.tmp
C:\pos2B6.tmp
C:\pos2B7.tmp
C:\pos2B8.tmp
C:\pos2B9.tmp
C:\pos2BA.tmp
C:\pos2BB.tmp
C:\pos2BC.tmp
C:\pos2BD.tmp
C:\pos2BE.tmp
C:\pos2BF.tmp
C:\pos2C.tmp
C:\pos2C0.tmp
C:\pos2C1.tmp
C:\pos2C2.tmp
C:\pos2C3.tmp
C:\pos2C4.tmp
C:\pos2C5.tmp
C:\pos2C6.tmp
C:\pos2C7.tmp
C:\pos2C8.tmp
C:\pos2C9.tmp
C:\pos2CA.tmp
C:\pos2CB.tmp
C:\pos2CC.tmp
C:\pos2CD.tmp
C:\pos2CE.tmp
C:\pos2CF.tmp
C:\pos2D.tmp
C:\pos2D0.tmp
C:\pos2D1.tmp
C:\pos2D2.tmp
C:\pos2D3.tmp
C:\pos2D4.tmp
C:\pos2D5.tmp
C:\pos2D6.tmp
C:\pos2D7.tmp
C:\pos2D8.tmp
C:\pos2D9.tmp
C:\pos2DA.tmp
C:\pos2DB.tmp
C:\pos2DC.tmp
C:\pos2DD.tmp
C:\pos2DE.tmp
C:\pos2DF.tmp
C:\pos2E.tmp
C:\pos2E0.tmp
C:\pos2E1.tmp
C:\pos2E2.tmp
C:\pos2E3.tmp
C:\pos2E4.tmp
C:\pos2E5.tmp
C:\pos2E6.tmp
C:\pos2E7.tmp
C:\pos2E8.tmp
C:\pos2E9.tmp
C:\pos2EA.tmp
C:\pos2EB.tmp
C:\pos2EC.tmp
C:\pos2ED.tmp
C:\pos2EE.tmp
C:\pos2EF.tmp
C:\pos2F.tmp
C:\pos2F0.tmp
C:\pos2F1.tmp
C:\pos2F2.tmp
C:\pos2F3.tmp
C:\pos2F4.tmp
C:\pos2F5.tmp
C:\pos2F6.tmp
C:\pos2F7.tmp
C:\pos2F8.tmp
C:\pos2F9.tmp
C:\pos2FA.tmp
C:\pos2FB.tmp
C:\pos2FC.tmp
C:\pos2FD.tmp
C:\pos2FE.tmp
C:\pos2FF.tmp
C:\pos30.tmp
C:\pos300.tmp
C:\pos301.tmp
C:\pos302.tmp
C:\pos303.tmp
C:\pos304.tmp
C:\pos305.tmp
C:\pos306.tmp
C:\pos307.tmp
C:\pos308.tmp
C:\pos309.tmp
C:\pos30A.tmp
C:\pos30B.tmp
C:\pos30C.tmp
C:\pos30D.tmp
C:\pos30E.tmp
C:\pos30F.tmp
C:\pos31.tmp
C:\pos310.tmp
C:\pos311.tmp
C:\pos312.tmp
C:\pos313.tmp
C:\pos314.tmp
C:\pos315.tmp
C:\pos316.tmp
C:\pos317.tmp
C:\pos318.tmp
C:\pos319.tmp
C:\pos31A.tmp
C:\pos31B.tmp
C:\pos31C.tmp
C:\pos31D.tmp
C:\pos31E.tmp
C:\pos31F.tmp
C:\pos32.tmp
C:\pos320.tmp
C:\pos321.tmp
C:\pos322.tmp
C:\pos323.tmp
C:\pos324.tmp
C:\pos325.tmp
C:\pos326.tmp
C:\pos327.tmp
C:\pos328.tmp
C:\pos329.tmp
C:\pos32A.tmp
C:\pos32B.tmp
C:\pos32C.tmp
C:\pos32D.tmp
C:\pos32E.tmp
C:\pos32F.tmp
C:\pos33.tmp
C:\pos330.tmp
C:\pos331.tmp
C:\pos332.tmp
C:\pos333.tmp
C:\pos334.tmp
C:\pos335.tmp
C:\pos336.tmp
C:\pos337.tmp
C:\pos338.tmp
C:\pos339.tmp
C:\pos33A.tmp
C:\pos33B.tmp
C:\pos33C.tmp
C:\pos33D.tmp
C:\pos33E.tmp
C:\pos33F.tmp
C:\pos34.tmp
C:\pos340.tmp
C:\pos341.tmp
C:\pos342.tmp
C:\pos343.tmp
C:\pos344.tmp
C:\pos345.tmp
C:\pos346.tmp
C:\pos347.tmp
C:\pos348.tmp
C:\pos349.tmp
C:\pos34A.tmp
C:\pos34B.tmp
C:\pos34C.tmp
C:\pos34D.tmp
C:\pos34E.tmp
C:\pos34F.tmp
C:\pos35.tmp
C:\pos350.tmp
C:\pos351.tmp
C:\pos352.tmp
C:\pos353.tmp
C:\pos354.tmp
C:\pos355.tmp
C:\pos356.tmp
C:\pos357.tmp
C:\pos358.tmp
C:\pos359.tmp
C:\pos35A.tmp
C:\pos35B.tmp
C:\pos35C.tmp
C:\pos35D.tmp
C:\pos35E.tmp
C:\pos35F.tmp
C:\pos36.tmp
C:\pos360.tmp
C:\pos361.tmp
C:\pos362.tmp
C:\pos363.tmp
C:\pos364.tmp
C:\pos365.tmp
C:\pos366.tmp
C:\pos367.tmp
C:\pos368.tmp
C:\pos369.tmp
C:\pos36A.tmp
C:\pos36B.tmp
C:\pos36C.tmp
C:\pos36D.tmp
C:\pos36E.tmp
C:\pos36F.tmp
C:\pos37.tmp
C:\pos370.tmp
C:\pos371.tmp
C:\pos372.tmp
C:\pos373.tmp
C:\pos374.tmp
C:\pos375.tmp
C:\pos376.tmp
C:\pos377.tmp
C:\pos378.tmp
C:\pos379.tmp
C:\pos37A.tmp
C:\pos37B.tmp
C:\pos37C.tmp
C:\pos37D.tmp
C:\pos37E.tmp
C:\pos37F.tmp
C:\pos38.tmp
C:\pos380.tmp
C:\pos381.tmp
C:\pos382.tmp
C:\pos383.tmp
C:\pos384.tmp
C:\pos385.tmp
C:\pos386.tmp
C:\pos387.tmp
C:\pos388.tmp
C:\pos389.tmp
C:\pos38A.tmp
C:\pos38B.tmp
C:\pos38C.tmp
C:\pos38D.tmp
C:\pos38E.tmp
C:\pos38F.tmp
C:\pos39.tmp
C:\pos390.tmp
C:\pos391.tmp
C:\pos392.tmp
C:\pos393.tmp
C:\pos394.tmp
C:\pos395.tmp
C:\pos396.tmp
C:\pos397.tmp
C:\pos398.tmp
C:\pos399.tmp
C:\pos39A.tmp
C:\pos39B.tmp
C:\pos39C.tmp
C:\pos39D.tmp
C:\pos39E.tmp
C:\pos39F.tmp
C:\pos3A.tmp
C:\pos3A0.tmp
C:\pos3A1.tmp
C:\pos3A2.tmp
C:\pos3A3.tmp
C:\pos3A4.tmp
C:\pos3A5.tmp
C:\pos3A6.tmp
C:\pos3A7.tmp
C:\pos3A8.tmp
C:\pos3A9.tmp
C:\pos3AA.tmp
C:\pos3AB.tmp
C:\pos3AC.tmp
C:\pos3AD.tmp
C:\pos3AE.tmp
C:\pos3AF.tmp
C:\pos3B.tmp
C:\pos3B0.tmp
C:\pos3B1.tmp
C:\pos3B2.tmp
C:\pos3B3.tmp
C:\pos3B4.tmp
C:\pos3B5.tmp
C:\pos3B6.tmp
C:\pos3B7.tmp
C:\pos3B8.tmp
C:\pos3B9.tmp
C:\pos3BA.tmp
C:\pos3BB.tmp
C:\pos3BC.tmp
C:\pos3BD.tmp
C:\pos3BE.tmp
C:\pos3BF.tmp
C:\pos3C.tmp
C:\pos3C0.tmp
C:\pos3C1.tmp
C:\pos3C2.tmp
C:\pos3C3.tmp
C:\pos3C4.tmp
C:\pos3C5.tmp
C:\pos3C6.tmp
C:\pos3C7.tmp
C:\pos3C8.tmp
C:\pos3C9.tmp
C:\pos3CA.tmp
C:\pos3CB.tmp
C:\pos3CC.tmp
C:\pos3CD.tmp
C:\pos3CE.tmp
C:\pos3CF.tmp
C:\pos3D.tmp
C:\pos3D0.tmp
C:\pos3D1.tmp
C:\pos3D2.tmp
C:\pos3D3.tmp
C:\pos3D4.tmp
C:\pos3D5.tmp
C:\pos3D6.tmp
C:\pos3D7.tmp
C:\pos3D8.tmp
C:\pos3D9.tmp
C:\pos3DA.tmp
C:\pos3DB.tmp
C:\pos3DC.tmp
C:\pos3DD.tmp
C:\pos3DE.tmp
C:\pos3DF.tmp
C:\pos3E.tmp
C:\pos3E0.tmp
C:\pos3E1.tmp
C:\pos3E2.tmp
C:\pos3E3.tmp
C:\pos3E4.tmp
C:\pos3E5.tmp
C:\pos3E6.tmp
C:\pos3E7.tmp
C:\pos3E8.tmp
C:\pos3E9.tmp
C:\pos3EA.tmp
C:\pos3EB.tmp
C:\pos3F.tmp
C:\pos4.tmp
C:\pos40.tmp
C:\pos41.tmp
C:\pos42.tmp
C:\pos43.tmp
C:\pos44.tmp
C:\pos45.tmp
C:\pos46.tmp
C:\pos47.tmp
C:\pos48.tmp
C:\pos49.tmp
C:\pos4A.tmp
C:\pos4B.tmp
C:\pos4C.tmp
C:\pos4D.tmp
C:\pos4E.tmp
C:\pos4F.tmp
C:\pos5.tmp
C:\pos50.tmp
C:\pos51.tmp
C:\pos52.tmp
C:\pos53.tmp
C:\pos54.tmp
C:\pos55.tmp
C:\pos56.tmp
C:\pos57.tmp
C:\pos58.tmp
C:\pos59.tmp
C:\pos5A.tmp
C:\pos5B.tmp
C:\pos5C.tmp
C:\pos5D.tmp
C:\pos5E.tmp
C:\pos5F.tmp
C:\pos6.tmp
C:\pos60.tmp
C:\pos61.tmp
C:\pos62.tmp
C:\pos63.tmp
C:\pos64.tmp
C:\pos65.tmp
C:\pos66.tmp
C:\pos67.tmp
C:\pos68.tmp
C:\pos69.tmp
C:\pos6A.tmp
C:\pos6B.tmp
C:\pos6C.tmp
C:\pos6D.tmp
C:\pos6E.tmp
C:\pos6F.tmp
C:\pos7.tmp
C:\pos70.tmp
C:\pos71.tmp
C:\pos72.tmp
C:\pos73.tmp
C:\pos74.tmp
C:\pos75.tmp
C:\pos76.tmp
C:\pos77.tmp
C:\pos78.tmp
C:\pos79.tmp
C:\pos7A.tmp
C:\pos7B.tmp
C:\pos7C.tmp
C:\pos7D.tmp
C:\pos7E.tmp
C:\pos7F.tmp
C:\pos8.tmp
C:\pos80.tmp
C:\pos81.tmp
C:\pos82.tmp
C:\pos83.tmp
C:\pos84.tmp
C:\pos85.tmp
C:\pos86.tmp
C:\pos87.tmp
C:\pos88.tmp
C:\pos89.tmp
C:\pos8A.tmp
C:\pos8B.tmp
C:\pos8C.tmp
C:\pos8D.tmp
C:\pos8E.tmp
C:\pos8F.tmp
C:\pos9.tmp
C:\pos90.tmp
C:\pos91.tmp
C:\pos92.tmp
C:\pos93.tmp
C:\pos94.tmp
C:\pos95.tmp
C:\pos96.tmp
C:\pos97.tmp
C:\pos98.tmp
C:\pos99.tmp
C:\pos9A.tmp
C:\pos9B.tmp
C:\pos9C.tmp
C:\pos9D.tmp
C:\pos9E.tmp
C:\pos9F.tmp
C:\posA.tmp
C:\posA0.tmp
C:\posA1.tmp
C:\posA2.tmp
C:\posA3.tmp
C:\posA4.tmp
C:\posA5.tmp
C:\posA6.tmp
C:\posA7.tmp
C:\posA8.tmp
C:\posA9.tmp
C:\posAA.tmp
C:\posAB.tmp
C:\posAC.tmp
C:\posAD.tmp
C:\posAE.tmp
C:\posAF.tmp
C:\posB.tmp
C:\posB0.tmp
C:\posB1.tmp
C:\posB2.tmp
C:\posB3.tmp
C:\posB4.tmp
C:\posB5.tmp
C:\posB6.tmp
C:\posB7.tmp
C:\posB8.tmp
C:\posB9.tmp
C:\posBA.tmp
C:\posBB.tmp
C:\posBC.tmp
C:\posBD.tmp
C:\posBE.tmp
C:\posBF.tmp
C:\posC.tmp
C:\posC0.tmp
C:\posC1.tmp
C:\posC2.tmp
C:\posC3.tmp
C:\posC4.tmp
C:\posC5.tmp
C:\posC6.tmp
C:\posC7.tmp
C:\posC8.tmp
C:\posC9.tmp
C:\posCA.tmp
C:\posCB.tmp
C:\posCC.tmp
C:\posCD.tmp
C:\posCE.tmp
C:\posCF.tmp
C:\posD.tmp
C:\posD0.tmp
C:\posD1.tmp
C:\posD2.tmp
C:\posD3.tmp
C:\posD4.tmp
C:\posD5.tmp
C:\posD6.tmp
C:\posD7.tmp
C:\posD8.tmp
C:\posD9.tmp
C:\posDA.tmp
C:\posDB.tmp
C:\posDC.tmp
C:\posDD.tmp
C:\posDE.tmp
C:\posDF.tmp
C:\posE.tmp
C:\posE0.tmp
C:\posE1.tmp
C:\posE2.tmp
C:\posE3.tmp
C:\posE4.tmp
C:\posE5.tmp
C:\posE6.tmp
C:\posE7.tmp
C:\posE8.tmp
C:\posE9.tmp
C:\posEA.tmp
C:\posEB.tmp
C:\posEC.tmp
C:\posED.tmp
C:\posEE.tmp
C:\posEF.tmp
C:\posF.tmp
C:\posF0.tmp
C:\posF1.tmp
C:\posF2.tmp
C:\posF3.tmp
C:\posF4.tmp
C:\posF5.tmp
C:\posF6.tmp
C:\posF7.tmp
C:\posF8.tmp
C:\posF9.tmp
C:\posFA.tmp
C:\posFB.tmp
C:\posFC.tmp
C:\posFD.tmp
C:\posFE.tmp
C:\posFF.tmp
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\WINDOWS\system32\ailvmcnk.dllbox
C:\WINDOWS\system32\ehkmp.ini
C:\WINDOWS\system32\ehkmp.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\ttt.exe
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete

.
((((((((((((((((((((((((( Files Created from 2007-12-17 to 2008-01-17 )))))))))))))))))))))))))))))))
.

2008-01-16 21:05 . 2008-01-16 21:05 <DIR> d-------- C:\Temp\tn3
2008-01-16 21:05 . 2008-01-16 21:05 932 --------- C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-16 20:43 . 2004-08-03 23:00 260,272 --a------ C:\cmldr
2008-01-16 20:43 . 2004-10-01 19:50 211 --a------ C:\Boot.bak
2008-01-16 20:42 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-16 19:31 . 2008-01-16 19:31 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-01-16 19:05 . 2008-01-16 19:31 <DIR> d-------- C:\Program Files\Active Images Express
2008-01-12 21:23 . 2008-01-12 21:57 315 --a------ C:\WINDOWS\wininit.ini
2008-01-12 18:17 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS
2008-01-12 18:15 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\ymatxfjjkfdt.sys
2008-01-12 18:02 . 2008-01-12 18:02 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-12 17:57 . 2008-01-12 19:05 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2008-01-12 17:57 . 2008-01-12 17:57 30,590 --a------ C:\WINDOWS\system32\pavas.ico
2008-01-12 17:57 . 2008-01-12 17:57 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-01-12 17:57 . 2008-01-12 17:57 1,406 --a------ C:\WINDOWS\system32\Help.ico
2008-01-12 10:52 . 2008-01-15 12:03 <DIR> d-------- C:\WINDOWS\system32\vt8
2008-01-12 10:52 . 2008-01-12 11:29 <DIR> d-------- C:\WINDOWS\system32\ob3
2008-01-12 10:52 . 2008-01-12 11:29 <DIR> d-------- C:\WINDOWS\system32\mp2
2008-01-12 10:52 . 2008-01-12 11:29 <DIR> d-------- C:\WINDOWS\system32\ez4
2008-01-12 10:52 . 2008-01-12 19:07 <DIR> d-------- C:\WINDOWS\system32\edcA17
2008-01-12 10:52 . 2008-01-12 10:52 <DIR> d-------- C:\WINDOWS\system32\che9
2008-01-12 10:52 . 2008-01-12 10:52 86,016 --a------ C:\WINDOWS\system32\drivers\wpdusbb.sys
2008-01-12 10:10 . 2008-01-12 10:11 <DIR> d-------- C:\WINDOWS\system32\edcA01
2008-01-12 10:10 . 2008-01-12 10:10 <DIR> d-------- C:\Temp\Ryuan1
2008-01-12 10:10 . 2008-01-16 21:05 <DIR> d-------- C:\Temp
2008-01-02 16:30 . 2008-01-15 19:40 <DIR> d-------- C:\Program Files\iTunes
2008-01-02 16:28 . 2008-01-02 16:36 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-01-02 16:28 . 2008-01-12 11:29 <DIR> d-------- C:\Program Files\QuickTime
2008-01-02 14:34 . 2008-01-02 14:34 <DIR> d-------- C:\Program Files\Photo Viewer
2007-12-17 08:26 . 2007-12-17 08:26 <DIR> d-------- C:\Documents and Settings\Dante\Application Data\Printer Info Cache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-17 02:03 --------- d-----w C:\Documents and Settings\Dante\Application Data\Free Download Manager
2008-01-16 17:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-01-15 16:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-12 23:46 --------- d-----w C:\Program Files\Lexmark 2200 Series
2008-01-12 23:45 --------- d-----w C:\Program Files\Google
2008-01-12 23:44 --------- d-----w C:\Program Files\Free Download Manager
2008-01-12 15:34 --------- d-----w C:\Program Files\Lexmark Fax Solutions
2008-01-03 20:41 --------- d-----w C:\Program Files\Motorola
2008-01-03 20:40 --------- d-----w C:\Program Files\MUSICMATCH
2008-01-02 21:30 --------- d-----w C:\Program Files\iPod
2008-01-02 21:23 --------- d-----w C:\Program Files\Apple Software Update
2008-01-02 19:32 4,424 ----a-w C:\Documents and Settings\Dante\Application Data\ViewerApp.dat
2007-12-17 13:30 --------- d-----w C:\Documents and Settings\Dante\Application Data\U3
2007-12-09 14:02 --------- d-----w C:\Program Files\WOMGames
2007-12-09 14:02 --------- d-----w C:\Program Files\Snood
2007-11-26 05:13 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-21 19:23 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe
2007-11-21 19:23 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-21 19:23 --------- d-----w C:\Program Files\Logitech
2007-11-21 19:23 --------- d-----w C:\Documents and Settings\Dante\Application Data\Logitech
2007-11-21 19:22 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2007-11-21 19:22 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2007-11-21 19:21 --------- d-----w C:\Program Files\Common Files\Logitech
2007-11-21 19:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2007-11-19 20:46 --------- d-----w C:\Program Files\GameSpy Arcade
2007-11-19 02:54 --------- d-----w C:\Program Files\EA GAMES
2005-01-11 20:47 13,482,997 ----a-w C:\Documents and Settings\My phone\2800ringtonesg.zip
2005-01-11 20:22 49,425,315 ----a-w C:\Documents and Settings\My phone\R1C0101.exe
2005-01-11 20:17 2,845,950 ----a-w C:\Documents and Settings\My phone\iDENDownloadAppsUtility.exe
2004-08-26 00:18 56 --sh--r C:\WINDOWS\system32\D9BCAB6F5A.sys
2005-01-03 21:49 4,184 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72CB06A0-29A3-4B79-ABE3-B8C0EC03F829}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9168926A-8648-4BA2-A761-880F0D8AA3ED}]
C:\WINDOWS\system32\pmkhe.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 13:38 88361 C:\WINDOWS\AGRSMMSG.exe]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 04:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [ ]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 09:02 219136]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 01:05:26]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-21 14:23:20]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-11-21 14:21:13]
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2006-09-13 19:28:32]
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2006-09-13 19:28:29]
Remocon Driver.lnk - C:\Program Files\sony\usbsircs\usbsircs.exe [2004-07-01 17:11:30]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ailvmcnk]
ailvmcnk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqqpol]
ssqqpol.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

R1 wpdusbb;wpdusbb;C:\WINDOWS\system32\drivers\wpdusbb.sys [2008-01-12 10:52]
R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [2004-03-12 19:32]
S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\System32\DRIVERS\COMFiltr.sys []
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe [2004-03-12 18:57]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f0c14a9-79bd-11dc-a6ea-00112f236203}]
\Shell\AutoRun\command - I:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2008-01-14 17:12:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-16 21:05:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-16 21:07:52 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-17 02:07:50
.
2008-01-09 14:29:40 --- E O F ---

01-16-2008, 07:09 PM	#11 (permalink)
mustangman Registered User Join Date: Jul 2007 Posts: 29 OS: WinXP	Re: constant pops, extremely slow ComboFix 08-01-17.3 - Dante 2008-01-16 20:59:45.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.537 [GMT -5:00] Running from: C:\Documents and Settings\Dante\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\pos10.tmp C:\pos100.tmp C:\pos101.tmp C:\pos102.tmp C:\pos103.tmp C:\pos104.tmp C:\pos105.tmp C:\pos106.tmp C:\pos107.tmp C:\pos108.tmp C:\pos109.tmp C:\pos10A.tmp C:\pos10B.tmp C:\pos10C.tmp C:\pos10D.tmp C:\pos10E.tmp C:\pos10F.tmp C:\pos11.tmp C:\pos110.tmp C:\pos111.tmp C:\pos112.tmp C:\pos113.tmp C:\pos114.tmp C:\pos115.tmp C:\pos116.tmp C:\pos117.tmp C:\pos118.tmp C:\pos119.tmp C:\pos11A.tmp C:\pos11B.tmp C:\pos11C.tmp C:\pos11D.tmp C:\pos11E.tmp C:\pos11F.tmp C:\pos12.tmp C:\pos120.tmp C:\pos121.tmp C:\pos122.tmp C:\pos123.tmp C:\pos124.tmp C:\pos125.tmp C:\pos126.tmp C:\pos127.tmp C:\pos128.tmp C:\pos129.tmp C:\pos12A.tmp C:\pos12B.tmp C:\pos12C.tmp C:\pos12D.tmp C:\pos12E.tmp C:\pos12F.tmp C:\pos13.tmp C:\pos130.tmp C:\pos131.tmp C:\pos132.tmp C:\pos133.tmp C:\pos134.tmp C:\pos135.tmp C:\pos136.tmp C:\pos137.tmp C:\pos138.tmp C:\pos139.tmp C:\pos13A.tmp C:\pos13B.tmp C:\pos13C.tmp C:\pos13D.tmp C:\pos13E.tmp C:\pos13F.tmp C:\pos14.tmp C:\pos140.tmp C:\pos141.tmp C:\pos142.tmp C:\pos143.tmp C:\pos144.tmp C:\pos145.tmp C:\pos146.tmp C:\pos147.tmp C:\pos148.tmp C:\pos149.tmp C:\pos14A.tmp C:\pos14B.tmp C:\pos14C.tmp C:\pos14D.tmp C:\pos14E.tmp C:\pos14F.tmp C:\pos15.tmp C:\pos150.tmp C:\pos151.tmp C:\pos152.tmp C:\pos153.tmp C:\pos154.tmp C:\pos155.tmp C:\pos156.tmp C:\pos157.tmp C:\pos158.tmp C:\pos159.tmp C:\pos15A.tmp C:\pos15B.tmp C:\pos15C.tmp C:\pos15D.tmp C:\pos15E.tmp C:\pos15F.tmp C:\pos16.tmp C:\pos160.tmp C:\pos161.tmp C:\pos162.tmp C:\pos163.tmp C:\pos164.tmp C:\pos165.tmp C:\pos166.tmp C:\pos167.tmp C:\pos168.tmp C:\pos169.tmp C:\pos16A.tmp C:\pos16B.tmp C:\pos16C.tmp C:\pos16D.tmp C:\pos16E.tmp C:\pos16F.tmp C:\pos17.tmp C:\pos170.tmp C:\pos171.tmp C:\pos172.tmp C:\pos173.tmp C:\pos174.tmp C:\pos175.tmp C:\pos176.tmp C:\pos177.tmp C:\pos178.tmp C:\pos179.tmp C:\pos17A.tmp C:\pos17B.tmp C:\pos17C.tmp C:\pos17D.tmp C:\pos17E.tmp C:\pos17F.tmp C:\pos18.tmp C:\pos180.tmp C:\pos181.tmp C:\pos182.tmp C:\pos183.tmp C:\pos184.tmp C:\pos185.tmp C:\pos186.tmp C:\pos187.tmp C:\pos188.tmp C:\pos189.tmp C:\pos18A.tmp C:\pos18B.tmp C:\pos18C.tmp C:\pos18D.tmp C:\pos18E.tmp C:\pos18F.tmp C:\pos19.tmp C:\pos190.tmp C:\pos191.tmp C:\pos192.tmp C:\pos193.tmp C:\pos194.tmp C:\pos195.tmp C:\pos196.tmp C:\pos197.tmp C:\pos198.tmp C:\pos199.tmp C:\pos19A.tmp C:\pos19B.tmp C:\pos19C.tmp C:\pos19D.tmp C:\pos19E.tmp C:\pos19F.tmp C:\pos1A.tmp C:\pos1A0.tmp C:\pos1A1.tmp C:\pos1A2.tmp C:\pos1A3.tmp C:\pos1A4.tmp C:\pos1A5.tmp C:\pos1A6.tmp C:\pos1A7.tmp C:\pos1A8.tmp C:\pos1A9.tmp C:\pos1AA.tmp C:\pos1AB.tmp C:\pos1AC.tmp C:\pos1AD.tmp C:\pos1AE.tmp C:\pos1AF.tmp C:\pos1B.tmp C:\pos1B0.tmp C:\pos1B1.tmp C:\pos1B2.tmp C:\pos1B3.tmp C:\pos1B4.tmp C:\pos1B5.tmp C:\pos1B6.tmp C:\pos1B7.tmp C:\pos1B8.tmp C:\pos1B9.tmp C:\pos1BA.tmp C:\pos1BB.tmp C:\pos1BC.tmp C:\pos1BD.tmp C:\pos1BE.tmp C:\pos1BF.tmp C:\pos1C.tmp C:\pos1C0.tmp C:\pos1C1.tmp C:\pos1C2.tmp C:\pos1C3.tmp C:\pos1C4.tmp C:\pos1C5.tmp C:\pos1C6.tmp C:\pos1C7.tmp C:\pos1C8.tmp C:\pos1C9.tmp C:\pos1CA.tmp C:\pos1CB.tmp C:\pos1CC.tmp C:\pos1CD.tmp C:\pos1CE.tmp C:\pos1CF.tmp C:\pos1D.tmp C:\pos1D0.tmp C:\pos1D1.tmp C:\pos1D2.tmp C:\pos1D3.tmp C:\pos1D4.tmp C:\pos1D5.tmp C:\pos1D6.tmp C:\pos1D7.tmp C:\pos1D8.tmp C:\pos1D9.tmp C:\pos1DA.tmp C:\pos1DB.tmp C:\pos1DC.tmp C:\pos1DD.tmp C:\pos1DE.tmp C:\pos1DF.tmp C:\pos1E.tmp C:\pos1E0.tmp C:\pos1E1.tmp C:\pos1E2.tmp C:\pos1E3.tmp C:\pos1E4.tmp C:\pos1E5.tmp C:\pos1E6.tmp C:\pos1E7.tmp C:\pos1E8.tmp C:\pos1E9.tmp C:\pos1EA.tmp C:\pos1EB.tmp C:\pos1EC.tmp C:\pos1ED.tmp C:\pos1EE.tmp C:\pos1EF.tmp C:\pos1F.tmp C:\pos1F0.tmp C:\pos1F1.tmp C:\pos1F2.tmp C:\pos1F3.tmp C:\pos1F4.tmp C:\pos1F5.tmp C:\pos1F6.tmp C:\pos1F7.tmp C:\pos1F8.tmp C:\pos1F9.tmp C:\pos1FA.tmp C:\pos1FB.tmp C:\pos1FC.tmp C:\pos1FD.tmp C:\pos1FE.tmp C:\pos1FF.tmp C:\pos20.tmp C:\pos200.tmp C:\pos201.tmp C:\pos202.tmp C:\pos203.tmp C:\pos204.tmp C:\pos205.tmp C:\pos206.tmp C:\pos207.tmp C:\pos208.tmp C:\pos209.tmp C:\pos20A.tmp C:\pos20B.tmp C:\pos20C.tmp C:\pos20D.tmp C:\pos20E.tmp C:\pos20F.tmp C:\pos21.tmp C:\pos210.tmp C:\pos211.tmp C:\pos212.tmp C:\pos213.tmp C:\pos214.tmp C:\pos215.tmp C:\pos216.tmp C:\pos217.tmp C:\pos218.tmp C:\pos219.tmp C:\pos21A.tmp C:\pos21B.tmp C:\pos21C.tmp C:\pos21D.tmp C:\pos21E.tmp C:\pos21F.tmp C:\pos22.tmp C:\pos220.tmp C:\pos221.tmp C:\pos222.tmp C:\pos223.tmp C:\pos224.tmp C:\pos225.tmp C:\pos226.tmp C:\pos227.tmp C:\pos228.tmp C:\pos229.tmp C:\pos22A.tmp C:\pos22B.tmp C:\pos22C.tmp C:\pos22D.tmp C:\pos22E.tmp C:\pos22F.tmp C:\pos23.tmp C:\pos230.tmp C:\pos231.tmp C:\pos232.tmp C:\pos233.tmp C:\pos234.tmp C:\pos235.tmp C:\pos236.tmp C:\pos237.tmp C:\pos238.tmp C:\pos239.tmp C:\pos23A.tmp C:\pos23B.tmp C:\pos23C.tmp C:\pos23D.tmp C:\pos23E.tmp C:\pos23F.tmp C:\pos24.tmp C:\pos240.tmp C:\pos241.tmp C:\pos242.tmp C:\pos243.tmp C:\pos244.tmp C:\pos245.tmp C:\pos246.tmp C:\pos247.tmp C:\pos248.tmp C:\pos249.tmp C:\pos24A.tmp C:\pos24B.tmp C:\pos24C.tmp C:\pos24D.tmp C:\pos24E.tmp C:\pos24F.tmp C:\pos25.tmp C:\pos250.tmp C:\pos251.tmp C:\pos252.tmp C:\pos253.tmp C:\pos254.tmp C:\pos255.tmp C:\pos256.tmp C:\pos257.tmp C:\pos258.tmp C:\pos259.tmp C:\pos25A.tmp C:\pos25B.tmp C:\pos25C.tmp C:\pos25D.tmp C:\pos25E.tmp C:\pos25F.tmp C:\pos26.tmp C:\pos260.tmp C:\pos261.tmp C:\pos262.tmp C:\pos263.tmp C:\pos264.tmp C:\pos265.tmp C:\pos266.tmp C:\pos267.tmp C:\pos268.tmp C:\pos269.tmp C:\pos26A.tmp C:\pos26B.tmp C:\pos26C.tmp C:\pos26D.tmp C:\pos26E.tmp C:\pos26F.tmp C:\pos27.tmp C:\pos270.tmp C:\pos271.tmp C:\pos272.tmp C:\pos273.tmp C:\pos274.tmp C:\pos275.tmp C:\pos276.tmp C:\pos277.tmp C:\pos278.tmp C:\pos279.tmp C:\pos27A.tmp C:\pos27B.tmp C:\pos27C.tmp C:\pos27D.tmp C:\pos27E.tmp C:\pos27F.tmp C:\pos28.tmp C:\pos280.tmp C:\pos281.tmp C:\pos282.tmp C:\pos283.tmp C:\pos284.tmp C:\pos285.tmp C:\pos286.tmp C:\pos287.tmp C:\pos288.tmp C:\pos289.tmp C:\pos28A.tmp C:\pos28B.tmp C:\pos28C.tmp C:\pos28D.tmp C:\pos28E.tmp C:\pos28F.tmp C:\pos29.tmp C:\pos290.tmp C:\pos291.tmp C:\pos292.tmp C:\pos293.tmp C:\pos294.tmp C:\pos295.tmp C:\pos296.tmp C:\pos297.tmp C:\pos298.tmp C:\pos299.tmp C:\pos29A.tmp C:\pos29B.tmp C:\pos29C.tmp C:\pos29D.tmp C:\pos29E.tmp C:\pos29F.tmp C:\pos2A.tmp C:\pos2A0.tmp C:\pos2A1.tmp C:\pos2A2.tmp C:\pos2A3.tmp C:\pos2A4.tmp C:\pos2A5.tmp C:\pos2A6.tmp C:\pos2A7.tmp C:\pos2A8.tmp C:\pos2A9.tmp C:\pos2AA.tmp C:\pos2AB.tmp C:\pos2AC.tmp C:\pos2AD.tmp C:\pos2AE.tmp C:\pos2AF.tmp C:\pos2B.tmp C:\pos2B0.tmp C:\pos2B1.tmp C:\pos2B2.tmp C:\pos2B3.tmp C:\pos2B4.tmp C:\pos2B5.tmp C:\pos2B6.tmp C:\pos2B7.tmp C:\pos2B8.tmp C:\pos2B9.tmp C:\pos2BA.tmp C:\pos2BB.tmp C:\pos2BC.tmp C:\pos2BD.tmp C:\pos2BE.tmp C:\pos2BF.tmp C:\pos2C.tmp C:\pos2C0.tmp C:\pos2C1.tmp C:\pos2C2.tmp C:\pos2C3.tmp C:\pos2C4.tmp C:\pos2C5.tmp C:\pos2C6.tmp C:\pos2C7.tmp C:\pos2C8.tmp C:\pos2C9.tmp C:\pos2CA.tmp C:\pos2CB.tmp C:\pos2CC.tmp C:\pos2CD.tmp C:\pos2CE.tmp C:\pos2CF.tmp C:\pos2D.tmp C:\pos2D0.tmp C:\pos2D1.tmp C:\pos2D2.tmp C:\pos2D3.tmp C:\pos2D4.tmp C:\pos2D5.tmp C:\pos2D6.tmp C:\pos2D7.tmp C:\pos2D8.tmp C:\pos2D9.tmp C:\pos2DA.tmp C:\pos2DB.tmp C:\pos2DC.tmp C:\pos2DD.tmp C:\pos2DE.tmp C:\pos2DF.tmp C:\pos2E.tmp C:\pos2E0.tmp C:\pos2E1.tmp C:\pos2E2.tmp C:\pos2E3.tmp C:\pos2E4.tmp C:\pos2E5.tmp C:\pos2E6.tmp C:\pos2E7.tmp C:\pos2E8.tmp C:\pos2E9.tmp C:\pos2EA.tmp C:\pos2EB.tmp C:\pos2EC.tmp C:\pos2ED.tmp C:\pos2EE.tmp C:\pos2EF.tmp C:\pos2F.tmp C:\pos2F0.tmp C:\pos2F1.tmp C:\pos2F2.tmp C:\pos2F3.tmp C:\pos2F4.tmp C:\pos2F5.tmp C:\pos2F6.tmp C:\pos2F7.tmp C:\pos2F8.tmp C:\pos2F9.tmp C:\pos2FA.tmp C:\pos2FB.tmp C:\pos2FC.tmp C:\pos2FD.tmp C:\pos2FE.tmp C:\pos2FF.tmp C:\pos30.tmp C:\pos300.tmp C:\pos301.tmp C:\pos302.tmp C:\pos303.tmp C:\pos304.tmp C:\pos305.tmp C:\pos306.tmp C:\pos307.tmp C:\pos308.tmp C:\pos309.tmp C:\pos30A.tmp C:\pos30B.tmp C:\pos30C.tmp C:\pos30D.tmp C:\pos30E.tmp C:\pos30F.tmp C:\pos31.tmp C:\pos310.tmp C:\pos311.tmp C:\pos312.tmp C:\pos313.tmp C:\pos314.tmp C:\pos315.tmp C:\pos316.tmp C:\pos317.tmp C:\pos318.tmp C:\pos319.tmp C:\pos31A.tmp C:\pos31B.tmp C:\pos31C.tmp C:\pos31D.tmp C:\pos31E.tmp C:\pos31F.tmp C:\pos32.tmp C:\pos320.tmp C:\pos321.tmp C:\pos322.tmp C:\pos323.tmp C:\pos324.tmp C:\pos325.tmp C:\pos326.tmp C:\pos327.tmp C:\pos328.tmp C:\pos329.tmp C:\pos32A.tmp C:\pos32B.tmp C:\pos32C.tmp C:\pos32D.tmp C:\pos32E.tmp C:\pos32F.tmp C:\pos33.tmp C:\pos330.tmp C:\pos331.tmp C:\pos332.tmp C:\pos333.tmp C:\pos334.tmp C:\pos335.tmp C:\pos336.tmp C:\pos337.tmp C:\pos338.tmp C:\pos339.tmp C:\pos33A.tmp C:\pos33B.tmp C:\pos33C.tmp C:\pos33D.tmp C:\pos33E.tmp C:\pos33F.tmp C:\pos34.tmp C:\pos340.tmp C:\pos341.tmp C:\pos342.tmp C:\pos343.tmp C:\pos344.tmp C:\pos345.tmp C:\pos346.tmp C:\pos347.tmp C:\pos348.tmp C:\pos349.tmp C:\pos34A.tmp C:\pos34B.tmp C:\pos34C.tmp C:\pos34D.tmp C:\pos34E.tmp C:\pos34F.tmp C:\pos35.tmp C:\pos350.tmp C:\pos351.tmp C:\pos352.tmp C:\pos353.tmp C:\pos354.tmp C:\pos355.tmp C:\pos356.tmp C:\pos357.tmp C:\pos358.tmp C:\pos359.tmp C:\pos35A.tmp C:\pos35B.tmp C:\pos35C.tmp C:\pos35D.tmp C:\pos35E.tmp C:\pos35F.tmp C:\pos36.tmp C:\pos360.tmp C:\pos361.tmp C:\pos362.tmp C:\pos363.tmp C:\pos364.tmp C:\pos365.tmp C:\pos366.tmp C:\pos367.tmp C:\pos368.tmp C:\pos369.tmp C:\pos36A.tmp C:\pos36B.tmp C:\pos36C.tmp C:\pos36D.tmp C:\pos36E.tmp C:\pos36F.tmp C:\pos37.tmp C:\pos370.tmp C:\pos371.tmp C:\pos372.tmp C:\pos373.tmp C:\pos374.tmp C:\pos375.tmp C:\pos376.tmp C:\pos377.tmp C:\pos378.tmp C:\pos379.tmp C:\pos37A.tmp C:\pos37B.tmp C:\pos37C.tmp C:\pos37D.tmp C:\pos37E.tmp C:\pos37F.tmp C:\pos38.tmp C:\pos380.tmp C:\pos381.tmp C:\pos382.tmp C:\pos383.tmp C:\pos384.tmp C:\pos385.tmp C:\pos386.tmp C:\pos387.tmp C:\pos388.tmp C:\pos389.tmp C:\pos38A.tmp C:\pos38B.tmp C:\pos38C.tmp C:\pos38D.tmp C:\pos38E.tmp C:\pos38F.tmp C:\pos39.tmp C:\pos390.tmp C:\pos391.tmp C:\pos392.tmp C:\pos393.tmp C:\pos394.tmp C:\pos395.tmp C:\pos396.tmp C:\pos397.tmp C:\pos398.tmp C:\pos399.tmp C:\pos39A.tmp C:\pos39B.tmp C:\pos39C.tmp C:\pos39D.tmp C:\pos39E.tmp C:\pos39F.tmp C:\pos3A.tmp C:\pos3A0.tmp C:\pos3A1.tmp C:\pos3A2.tmp C:\pos3A3.tmp C:\pos3A4.tmp C:\pos3A5.tmp C:\pos3A6.tmp C:\pos3A7.tmp C:\pos3A8.tmp C:\pos3A9.tmp C:\pos3AA.tmp C:\pos3AB.tmp C:\pos3AC.tmp C:\pos3AD.tmp C:\pos3AE.tmp C:\pos3AF.tmp C:\pos3B.tmp C:\pos3B0.tmp C:\pos3B1.tmp C:\pos3B2.tmp C:\pos3B3.tmp C:\pos3B4.tmp C:\pos3B5.tmp C:\pos3B6.tmp C:\pos3B7.tmp C:\pos3B8.tmp C:\pos3B9.tmp C:\pos3BA.tmp C:\pos3BB.tmp C:\pos3BC.tmp C:\pos3BD.tmp C:\pos3BE.tmp C:\pos3BF.tmp C:\pos3C.tmp C:\pos3C0.tmp C:\pos3C1.tmp C:\pos3C2.tmp C:\pos3C3.tmp C:\pos3C4.tmp C:\pos3C5.tmp C:\pos3C6.tmp C:\pos3C7.tmp C:\pos3C8.tmp C:\pos3C9.tmp C:\pos3CA.tmp C:\pos3CB.tmp C:\pos3CC.tmp C:\pos3CD.tmp C:\pos3CE.tmp C:\pos3CF.tmp C:\pos3D.tmp C:\pos3D0.tmp C:\pos3D1.tmp C:\pos3D2.tmp C:\pos3D3.tmp C:\pos3D4.tmp C:\pos3D5.tmp C:\pos3D6.tmp C:\pos3D7.tmp C:\pos3D8.tmp C:\pos3D9.tmp C:\pos3DA.tmp C:\pos3DB.tmp C:\pos3DC.tmp C:\pos3DD.tmp C:\pos3DE.tmp C:\pos3DF.tmp C:\pos3E.tmp C:\pos3E0.tmp C:\pos3E1.tmp C:\pos3E2.tmp C:\pos3E3.tmp C:\pos3E4.tmp C:\pos3E5.tmp C:\pos3E6.tmp C:\pos3E7.tmp C:\pos3E8.tmp C:\pos3E9.tmp C:\pos3EA.tmp C:\pos3EB.tmp C:\pos3F.tmp C:\pos4.tmp C:\pos40.tmp C:\pos41.tmp C:\pos42.tmp C:\pos43.tmp C:\pos44.tmp C:\pos45.tmp C:\pos46.tmp C:\pos47.tmp C:\pos48.tmp C:\pos49.tmp C:\pos4A.tmp C:\pos4B.tmp C:\pos4C.tmp C:\pos4D.tmp C:\pos4E.tmp C:\pos4F.tmp C:\pos5.tmp C:\pos50.tmp C:\pos51.tmp C:\pos52.tmp C:\pos53.tmp C:\pos54.tmp C:\pos55.tmp C:\pos56.tmp C:\pos57.tmp C:\pos58.tmp C:\pos59.tmp C:\pos5A.tmp C:\pos5B.tmp C:\pos5C.tmp C:\pos5D.tmp C:\pos5E.tmp C:\pos5F.tmp C:\pos6.tmp C:\pos60.tmp C:\pos61.tmp C:\pos62.tmp C:\pos63.tmp C:\pos64.tmp C:\pos65.tmp C:\pos66.tmp C:\pos67.tmp C:\pos68.tmp C:\pos69.tmp C:\pos6A.tmp C:\pos6B.tmp C:\pos6C.tmp C:\pos6D.tmp C:\pos6E.tmp C:\pos6F.tmp C:\pos7.tmp C:\pos70.tmp C:\pos71.tmp C:\pos72.tmp C:\pos73.tmp C:\pos74.tmp C:\pos75.tmp C:\pos76.tmp C:\pos77.tmp C:\pos78.tmp C:\pos79.tmp C:\pos7A.tmp C:\pos7B.tmp C:\pos7C.tmp C:\pos7D.tmp C:\pos7E.tmp C:\pos7F.tmp C:\pos8.tmp C:\pos80.tmp C:\pos81.tmp C:\pos82.tmp C:\pos83.tmp C:\pos84.tmp C:\pos85.tmp C:\pos86.tmp C:\pos87.tmp C:\pos88.tmp C:\pos89.tmp C:\pos8A.tmp C:\pos8B.tmp C:\pos8C.tmp C:\pos8D.tmp C:\pos8E.tmp C:\pos8F.tmp C:\pos9.tmp C:\pos90.tmp C:\pos91.tmp C:\pos92.tmp C:\pos93.tmp C:\pos94.tmp C:\pos95.tmp C:\pos96.tmp C:\pos97.tmp C:\pos98.tmp C:\pos99.tmp C:\pos9A.tmp C:\pos9B.tmp C:\pos9C.tmp C:\pos9D.tmp C:\pos9E.tmp C:\pos9F.tmp C:\posA.tmp C:\posA0.tmp C:\posA1.tmp C:\posA2.tmp C:\posA3.tmp C:\posA4.tmp C:\posA5.tmp C:\posA6.tmp C:\posA7.tmp C:\posA8.tmp C:\posA9.tmp C:\posAA.tmp C:\posAB.tmp C:\posAC.tmp C:\posAD.tmp C:\posAE.tmp C:\posAF.tmp C:\posB.tmp C:\posB0.tmp C:\posB1.tmp C:\posB2.tmp C:\posB3.tmp C:\posB4.tmp C:\posB5.tmp C:\posB6.tmp C:\posB7.tmp C:\posB8.tmp C:\posB9.tmp C:\posBA.tmp C:\posBB.tmp C:\posBC.tmp C:\posBD.tmp C:\posBE.tmp C:\posBF.tmp C:\posC.tmp C:\posC0.tmp C:\posC1.tmp C:\posC2.tmp C:\posC3.tmp C:\posC4.tmp C:\posC5.tmp C:\posC6.tmp C:\posC7.tmp C:\posC8.tmp C:\posC9.tmp C:\posCA.tmp C:\posCB.tmp C:\posCC.tmp C:\posCD.tmp C:\posCE.tmp C:\posCF.tmp C:\posD.tmp C:\posD0.tmp C:\posD1.tmp C:\posD2.tmp C:\posD3.tmp C:\posD4.tmp C:\posD5.tmp C:\posD6.tmp C:\posD7.tmp C:\posD8.tmp C:\posD9.tmp C:\posDA.tmp C:\posDB.tmp C:\posDC.tmp C:\posDD.tmp C:\posDE.tmp C:\posDF.tmp C:\posE.tmp C:\posE0.tmp C:\posE1.tmp C:\posE2.tmp C:\posE3.tmp C:\posE4.tmp C:\posE5.tmp C:\posE6.tmp C:\posE7.tmp C:\posE8.tmp C:\posE9.tmp C:\posEA.tmp C:\posEB.tmp C:\posEC.tmp C:\posED.tmp C:\posEE.tmp C:\posEF.tmp C:\posF.tmp C:\posF0.tmp C:\posF1.tmp C:\posF2.tmp C:\posF3.tmp C:\posF4.tmp C:\posF5.tmp C:\posF6.tmp C:\posF7.tmp C:\posF8.tmp C:\posF9.tmp C:\posFA.tmp C:\posFB.tmp C:\posFC.tmp C:\posFD.tmp C:\posFE.tmp C:\posFF.tmp C:\Temp\1cb C:\Temp\1cb\syscheck.log C:\temp\tn3 C:\WINDOWS\system32\ailvmcnk.dllbox C:\WINDOWS\system32\ehkmp.ini C:\WINDOWS\system32\ehkmp.ini2 C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\pac.txt C:\WINDOWS\system32\ttt.exe C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete . ((((((((((((((((((((((((( Files Created from 2007-12-17 to 2008-01-17 ))))))))))))))))))))))))))))))) . 2008-01-16 21:05 . 2008-01-16 21:05 <DIR> d-------- C:\Temp\tn3 2008-01-16 21:05 . 2008-01-16 21:05 932 --------- C:\WINDOWS\system32\drivers\core.cache.dsk 2008-01-16 20:43 . 2004-08-03 23:00 260,272 --a------ C:\cmldr 2008-01-16 20:43 . 2004-10-01 19:50 211 --a------ C:\Boot.bak 2008-01-16 20:42 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-16 19:31 . 2008-01-16 19:31 <DIR> d--hs---- C:\WINDOWS\ftpcache 2008-01-16 19:05 . 2008-01-16 19:31 <DIR> d-------- C:\Program Files\Active Images Express 2008-01-12 21:23 . 2008-01-12 21:57 315 --a------ C:\WINDOWS\wininit.ini 2008-01-12 18:17 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS 2008-01-12 18:15 . 2007-06-08 09:44 8,576 --a------ C:\WINDOWS\system32\drivers\ymatxfjjkfdt.sys 2008-01-12 18:02 . 2008-01-12 18:02 <DIR> d-------- C:\Program Files\SpywareBlaster 2008-01-12 17:57 . 2008-01-12 19:05 <DIR> d-------- C:\WINDOWS\system32\ActiveScan 2008-01-12 17:57 . 2008-01-12 17:57 30,590 --a------ C:\WINDOWS\system32\pavas.ico 2008-01-12 17:57 . 2008-01-12 17:57 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico 2008-01-12 17:57 . 2008-01-12 17:57 1,406 --a------ C:\WINDOWS\system32\Help.ico 2008-01-12 10:52 . 2008-01-15 12:03 <DIR> d-------- C:\WINDOWS\system32\vt8 2008-01-12 10:52 . 2008-01-12 11:29 <DIR> d-------- C:\WINDOWS\system32\ob3 2008-01-12 10:52 . 2008-01-12 11:29 <DIR> d-------- C:\WINDOWS\system32\mp2 2008-01-12 10:52 . 2008-01-12 11:29 <DIR> d-------- C:\WINDOWS\system32\ez4 2008-01-12 10:52 . 2008-01-12 19:07 <DIR> d-------- C:\WINDOWS\system32\edcA17 2008-01-12 10:52 . 2008-01-12 10:52 <DIR> d-------- C:\WINDOWS\system32\che9 2008-01-12 10:52 . 2008-01-12 10:52 86,016 --a------ C:\WINDOWS\system32\drivers\wpdusbb.sys 2008-01-12 10:10 . 2008-01-12 10:11 <DIR> d-------- C:\WINDOWS\system32\edcA01 2008-01-12 10:10 . 2008-01-12 10:10 <DIR> d-------- C:\Temp\Ryuan1 2008-01-12 10:10 . 2008-01-16 21:05 <DIR> d-------- C:\Temp 2008-01-02 16:30 . 2008-01-15 19:40 <DIR> d-------- C:\Program Files\iTunes 2008-01-02 16:28 . 2008-01-02 16:36 <DIR> d-------- C:\WINDOWS\SxsCaPendDel 2008-01-02 16:28 . 2008-01-12 11:29 <DIR> d-------- C:\Program Files\QuickTime 2008-01-02 14:34 . 2008-01-02 14:34 <DIR> d-------- C:\Program Files\Photo Viewer 2007-12-17 08:26 . 2007-12-17 08:26 <DIR> d-------- C:\Documents and Settings\Dante\Application Data\Printer Info Cache . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-17 02:03 --------- d-----w C:\Documents and Settings\Dante\Application Data\Free Download Manager 2008-01-16 17:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7 2008-01-15 16:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-01-12 23:46 --------- d-----w C:\Program Files\Lexmark 2200 Series 2008-01-12 23:45 --------- d-----w C:\Program Files\Google 2008-01-12 23:44 --------- d-----w C:\Program Files\Free Download Manager 2008-01-12 15:34 --------- d-----w C:\Program Files\Lexmark Fax Solutions 2008-01-03 20:41 --------- d-----w C:\Program Files\Motorola 2008-01-03 20:40 --------- d-----w C:\Program Files\MUSICMATCH 2008-01-02 21:30 --------- d-----w C:\Program Files\iPod 2008-01-02 21:23 --------- d-----w C:\Program Files\Apple Software Update 2008-01-02 19:32 4,424 ----a-w C:\Documents and Settings\Dante\Application Data\ViewerApp.dat 2007-12-17 13:30 --------- d-----w C:\Documents and Settings\Dante\Application Data\U3 2007-12-09 14:02 --------- d-----w C:\Program Files\WOMGames 2007-12-09 14:02 --------- d-----w C:\Program Files\Snood 2007-11-26 05:13 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2007-11-21 19:23 127,034 ------r C:\WINDOWS\bwUnin-8.1.1.50-8876480SL.exe 2007-11-21 19:23 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-11-21 19:23 --------- d-----w C:\Program Files\Logitech 2007-11-21 19:23 --------- d-----w C:\Documents and Settings\Dante\Application Data\Logitech 2007-11-21 19:22 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2007-11-21 19:22 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2007-11-21 19:21 --------- d-----w C:\Program Files\Common Files\Logitech 2007-11-21 19:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech 2007-11-19 20:46 --------- d-----w C:\Program Files\GameSpy Arcade 2007-11-19 02:54 --------- d-----w C:\Program Files\EA GAMES 2005-01-11 20:47 13,482,997 ----a-w C:\Documents and Settings\My phone\2800ringtonesg.zip 2005-01-11 20:22 49,425,315 ----a-w C:\Documents and Settings\My phone\R1C0101.exe 2005-01-11 20:17 2,845,950 ----a-w C:\Documents and Settings\My phone\iDENDownloadAppsUtility.exe 2004-08-26 00:18 56 --sh--r C:\WINDOWS\system32\D9BCAB6F5A.sys 2005-01-03 21:49 4,184 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{72CB06A0-29A3-4B79-ABE3-B8C0EC03F829}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9168926A-8648-4BA2-A761-880F0D8AA3ED}] C:\WINDOWS\system32\pmkhe.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AGRSMMSG"="AGRSMMSG.exe" [2004-07-22 13:38 88361 C:\WINDOWS\AGRSMMSG.exe] "Logitech Utility"="Logi_MwX.Exe" [2003-11-07 04:50 19968 C:\WINDOWS\LOGI_MWX.EXE] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [ ] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 09:02 219136] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 01:05:26] Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-11-21 14:23:20] Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-11-21 14:21:13] Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2006-09-13 19:28:32] Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2006-09-13 19:28:29] Remocon Driver.lnk - C:\Program Files\sony\usbsircs\usbsircs.exe [2004-07-01 17:11:30] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ailvmcnk] ailvmcnk.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqqpol] ssqqpol.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] @="" R1 wpdusbb;wpdusbb;C:\WINDOWS\system32\drivers\wpdusbb.sys [2008-01-12 10:52] R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [2004-03-12 19:32] S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\System32\DRIVERS\COMFiltr.sys [] S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [] S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe [2004-03-12 18:57] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f0c14a9-79bd-11dc-a6ea-00112f236203}] \Shell\AutoRun\command - I:\LaunchU3.exe -a . Contents of the 'Scheduled Tasks' folder "2008-01-14 17:12:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-16 21:05:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-01-16 21:07:52 - machine was rebooted ComboFix-quarantined-files.txt 2008-01-17 02:07:50 . 2008-01-09 14:29:40 --- E O F ---