OS: XP
ComboFix Log
Here's the latest ComboFix log:
Start Time= Wed 08/09/2006 13:14:11.64
Running from: C:\Documents and Settings\Russell\Desktop
QuickScan did not find any signs of infected files
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-08-08 17:13:32 86496 ( A.... ) "C:\Documents and Settings\Russell\Application Data\GDIPFONTCACHEV1.DAT"
2006-08-05 14:36:38 528446 ( A.... ) "C:\WINDOWS\gmer.dll"
2006-07-26 13:51:24 ( .D... ) "C:\Program Files\Sales Letter Creator"
2006-07-23 13:20:22 0 ( A..H. ) "C:\Documents and Settings\Russell\Application Data\L84577898.5v1"
2006-07-23 13:18:08 ( .D... ) "C:\Program Files\FileMaker"
2006-07-23 10:37:02 ( .D... ) "C:\Program Files\!Cool Programs"
2006-07-22 15:38:22 ( .D... ) "C:\Program Files\myownarticles rewriter"
2006-07-20 19:35:04 ( .D... ) "C:\Program Files\UseNeXT"
2006-07-20 15:11:10 ( .D... ) "C:\Program Files\TechSmith"
2006-07-12 03:12:18 ( .D... ) "C:\Program Files\Domain Suggestion Tool"
2006-06-15 17:18:40 ( .D... ) "C:\Program Files\Cody Moya's .doc to .txt converter"
2006-06-15 03:12:00 45056 ( A.... ) "C:\WINDOWS\system32\CSvidcap.dll"
2006-06-14 22:26:06 ( .D... ) "C:\Program Files\The Keyword Bible Pro"
2006-06-14 21:13:42 102400 ( A.... ) "C:\WINDOWS\system32\tsccvid.dll"
2006-06-12 01:17:26 ( .D... ) "C:\Program Files\KA Sitebuilder"
2006-06-10 22:28:16 442 ( A.... ) "C:\Program Files\Shortcut to IVS.lnk"
2006-06-10 21:51:30 ( .D... ) "C:\Program Files\IVS"
2006-06-10 01:45:54 ( .D... ) "C:\Program Files\Web Audio Plus"
2006-06-09 16:15:46 5161 ( A.... ) "C:\Documents and Settings\Russell\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log"
2006-06-06 20:49:18 745531 ( A.... ) "C:\WINDOWS\gmer.exe"
2006-01-19 15:18:06 1135579 ( A.... ) "C:\Program Files\DocToTxtSetup.exe"
2005-11-19 22:12:46 1309840 ( A.... ) "C:\Program Files\a2freesetup.exe"
2005-11-19 21:30:44 777142 ( A.... ) "C:\Program Files\aaupd2012.exe"
2005-11-18 21:35:10 2693614 ( A.... ) "C:\Program Files\orwell.exe"
2005-11-15 00:39:48 13244 ( A.... ) "C:\Program Files\rssg2.zip"
2005-11-13 21:19:16 1014477 ( A.... ) "C:\Program Files\wrar351.exe"
2004-01-15 01:34:18 259539966 ( A.... ) "C:\Program Files\Microsoft Office XP Publisher 2003.zip"
2001-04-04 17:11:30 1499904 ( A...R ) "C:\Program Files\INSTMSIW.EXE"
2001-04-04 17:11:28 1489152 ( A...R ) "C:\Program Files\INSTMSI.EXE"
2001-04-04 17:11:28 184 ( A..HR ) "C:\Program Files\AUTORUN.INF"
2001-04-02 19:50:14 29 ( A...R ) "C:\Program Files\cd-key.txt"
2001-03-01 23:38:12 3485184 ( A...R ) "C:\Program Files\PROPLUS.MSI"
2001-03-01 23:35:58 306688 ( A...R ) "C:\Program Files\OWC10.MSI"
2001-03-01 14:35:26 224771818 ( A..HR ) "C:\Program Files\OFFICE1.CAB"
2001-02-28 12:14:46 476576 ( A...R ) "C:\Program Files\SETUP.EXE"
2001-02-21 12:18:24 7929 ( A...R ) "C:\Program Files\README.HTM"
(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))
2006-08-07 20:08 73,728 C:\WINDOWS\system32\asuninst.exe
2006-08-07 20:08 11,776 C:\WINDOWS\system32\ZPORT4AS.dll
2006-08-07 00:04 1,073,270,784 C:\hiberfil.sys
2006-08-05 14:36 745,531 C:\WINDOWS\gmer.exe
2006-08-05 14:36 528,446 C:\WINDOWS\gmer.dll
2006-07-20 15:11 45,056 C:\WINDOWS\system32\CSvidcap.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"SMSERIAL"="sm56hlpr.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"Prolific_PLUtil"="C:\\Program Files\\Prolific\\USB Flash Disk Utility\\PLBkMon.exe"
"PLFFAP"="C:\\WINDOWS\\system32\\HotfixQ0306270.exe"
"Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"
"Zone Labs Client"="C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe"
"OpwareSE2"="\"C:\\Program Files\\ScanSoft\\OmniPageSE2.0\\OpwareSE2.exe\""
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"StatusClient 2.6"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\StatusClient\\StatusClient.exe /auto"
"TomcatStartup 2.5"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\hpbpsttp.exe"
"HP Software Update"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe"
"UltraMon"="\"C:\\Program Files\\UltraMon\\UltraMon.exe\" /auto"
"PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup"
"PCPitstop Optimize Registration Reminder"="C:\\Program Files\\PCPitstop\\Optimize\\Reminder.exe"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"SoundMan"="SOUNDMAN.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"Update Service"="\"C:\\Program Files\\Common Files\\Teknum Systems\\update.exe\" /startup"
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe"
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
"Uniblue Registry Booster"="C:\\Program Files\\Uniblue\\Registry Booster\\RegistryBooster.exe /S"
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"googletalk"="\"C:\\Program Files\\Google\\Google Talk\\googletalk.exe\" /autostart"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,80,02,00,00,00,00,00,00,80,02,00,00,de,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,0d,02,00,00,00,00,00,00,f3,02,00,00,de,03,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,0d,02,00,00,00,00,00,00,f3,02,00,00,de,03,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
Contents of the 'Scheduled Tasks' folder
Completion time: Wed 08/09/2006 13:14:29.03
ComboFix ver 06.07.15/28 - This logfile is located at C:\ComboFix.txt
ComboFix.2006-08-05.211253.txt
ComboFix.2006-08-06.200215.txt
ComboFix.2006-08-06.201622.txt
ComboFix.2006-08-06.202939.txt
ComboFix.2006-08-09.131411.txt