OS: windows XP
Kendall - 06-11-28 19:41:30.15 Service Pack 2
ComboFix 06.11.28W - Running from: "C:\Documents and Settings\Kendall\desktop"
Command switches used :: /v homsiuel qgtjrryr
(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\homsiuel.dll
C:\WINDOWS\system32\qgtjrryr.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((( Files Created from 2006-10-28 to 2006-11-28 ))))))))))))))))))))))))))))))))))
2006-11-28 19:42 <DIR> d-------- C:\WINDOWS\erdnt
2006-11-28 19:10 <DIR> d-------- C:\WINDOWS\temp
2006-11-28 18:36 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-11-28 17:37 88,340 --a------ C:\WINDOWS\system32\yykdqmjx.exe
2006-11-28 17:31 88,340 --a------ C:\WINDOWS\system32\kblaikyl.exe
2006-11-27 17:31 88,340 --a------ C:\WINDOWS\system32\klkctdcn.exe
2006-11-27 17:26 88,340 --a------ C:\WINDOWS\system32\csnrguem.exe
2006-11-27 17:26 132,116 --a------ C:\WINDOWS\system32\hjpopuet.dll
2006-11-27 17:26 <DIR> d-------- C:\Program Files\VSAdd-in
2006-11-26 18:36 <DIR> d-------- C:\WINDOWS\pss
2006-11-26 18:35 218,112 --a------ C:\kmac.exe
2006-11-24 17:20 132,116 --a------ C:\WINDOWS\system32\oxkuvpqq.dll
2006-11-23 17:14 38,420 --a------ C:\WINDOWS\system32\verpbdqy.dll
2006-11-23 17:14 132,116 --a------ C:\WINDOWS\system32\vnlcqvpm.dll
2006-11-19 17:04 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-19 17:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-11-19 17:03 5,037,072 --a------ C:\spybotsd14.exe
2006-11-15 23:55 <DIR> d-------- C:\Program Files\MSXML 4.0
2006-11-15 23:55 <DIR> d-------- C:\7256fbfbf1f5068a0b3bb1
2006-11-15 17:52 <DIR> d-------- C:\Program Files\AOL Pictures
2006-11-14 19:14 <DIR> d--h----- C:\Program Files\Zero G Registry
2006-11-14 19:14 <DIR> d-------- C:\Program Files\Rosetta Stone
2006-11-14 19:13 <DIR> d--h----- C:\Documents and Settings\Kendall\InstallAnywhere
2006-11-10 06:58 110,612 --a------ C:\WINDOWS\system32\ldrdfjnd.exe
2006-11-09 16:49 110,612 --a------ C:\WINDOWS\system32\ujgtqyai.exe
2006-11-09 15:47 110,612 --a------ C:\WINDOWS\system32\btanamwt.exe
2006-11-08 19:47 110,612 --a------ C:\WINDOWS\system32\idhsgfvs.exe
2006-11-07 19:44 118,804 --a------ C:\WINDOWS\system32\yjmbhewi.dll
2006-11-06 13:11 110,612 --a------ C:\WINDOWS\system32\grpuuwmv.exe
2006-11-05 16:45 110,612 --a------ C:\WINDOWS\system32\pycvgaed.exe
2006-11-05 16:43 110,612 --a------ C:\WINDOWS\system32\sidriopw.exe
2006-11-05 10:45 110,612 --a------ C:\WINDOWS\system32\knxhetvn.exe
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-04 10:16 110,612 --a------ C:\WINDOWS\system32\gowtiskk.exe
2006-11-03 21:51 110,612 --a------ C:\WINDOWS\system32\bbwhxclh.exe
2006-11-03 21:30 110,612 --a------ C:\WINDOWS\system32\woptkjdj.exe
2006-11-03 21:27 110,612 --a------ C:\WINDOWS\system32\ibtvuavg.exe
2006-11-03 13:12 110,612 --a------ C:\WINDOWS\system32\fmadnhbo.exe
2006-11-02 15:59 60,436 --a------ C:\WINDOWS\system32\enajoyma.dll
2006-11-02 15:59 110,612 --a------ C:\WINDOWS\system32\fwehymsw.exe
2006-10-31 19:45 118,804 --a------ C:\WINDOWS\system32\uuarivno.dll
2006-10-30 12:38 <DIR> dr-h----- C:\Documents and Settings\Kendall\Recent
2006-10-30 12:37 <DIR> d-------- C:\Program Files\Common Files\Java
2006-10-29 12:21 <DIR> d-------- C:\Program Files\NETGEAR
2006-10-28 21:26 <DIR> d-------- C:\Documents and Settings\Kendall\Application Data\Business Logic
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-28 18:57 -------- d-------- C:\Program Files\QuickTime
2006-11-28 18:54 -------- d-------- C:\Program Files\Internet Explorer
2006-11-28 18:54 -------- d-------- C:\Program Files\GoogleAFE
2006-11-28 18:54 -------- d-------- C:\Program Files\Dell Support
2006-11-28 18:51 -------- d-------- C:\Program Files\America Online 9.0a
2006-11-28 18:51 -------- d-------- C:\Program Files\AIM
2006-11-27 20:44 -------- d-------- C:\Program Files\Mozilla Firefox
2006-11-03 14:12 6164 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2006-11-03 14:12 56 -r-hs---- C:\WINDOWS\system32\CC3DA89CEB.sys
2006-10-31 22:20 -------- d-------- C:\Program Files\VSToolbar
2006-10-30 19:12 -------- d-------- C:\Documents and Settings\Kendall\Application Data\AdobeUM
2006-10-29 17:36 -------- d-------- C:\Program Files\Java
2006-10-29 17:36 -------- d-------- C:\Program Files\Common Files
2006-10-29 12:21 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-29 10:27 -------- d---s---- C:\Documents and Settings\Kendall\Application Data\Microsoft
2006-10-28 14:29 908 --a------ C:\Documents and Settings\Kendall\Application Data\wklnhst.dat
2006-10-24 21:36 45525 --a------ C:\WINDOWS\system32\baialjvc.dll
2006-10-22 20:05 -------- d-------- C:\Documents and Settings\Kendall\Application Data\TPSEE
2006-10-22 14:37 67604 --a------ C:\WINDOWS\system32\cpaeuryr.exe
2006-10-19 10:09 -------- d-------- C:\Program Files\AOL
2006-10-19 09:45 -------- d-------- C:\Program Files\Common Files\AOL
2006-10-17 21:37 45525 --a------ C:\WINDOWS\system32\rmgdlnjf.dll
2006-10-16 17:29 45525 --a------ C:\WINDOWS\system32\jhtqjylu.dll
2006-10-13 04:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 04:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 04:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-13 02:23 163584 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2006-10-12 16:05 98324 --a------ C:\WINDOWS\system32\twgmqmyi.dll
2006-10-09 17:30 45525 --a------ C:\WINDOWS\system32\vhbwqdmy.dll
2006-10-03 09:43 86036 --a------ C:\WINDOWS\system32\omxwbojf.dll
2006-10-02 17:11 45525 --a------ C:\WINDOWS\system32\eetacftp.dll
2006-10-01 09:03 45525 --a------ C:\WINDOWS\system32\ylywwdem.dll
2006-09-28 19:28 -------- d-------- C:\Program Files\CleanUp!
2006-09-26 20:24 45525 --a------ C:\WINDOWS\system32\vctpwxvw.dll
2006-09-26 19:12 103984 --a------ C:\WINDOWS\system32\AOLDial.dll
2006-09-25 18:23 143380 --a------ C:\WINDOWS\system32\rpiufprr.exe
2006-09-19 20:25 106516 --a------ C:\WINDOWS\system32\qseybitq.dll
2006-09-19 07:38 86068 --a------ C:\WINDOWS\system32\uhvyblbu.dll
2006-09-12 21:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-12 20:26 106516 --a------ C:\WINDOWS\system32\bqsnaewd.dll
2006-09-11 09:37 106516 --a------ C:\WINDOWS\system32\vbjevdpj.dll
2006-09-10 15:05 106516 --a------ C:\WINDOWS\system32\stbnvxql.dll
2006-09-10 12:19 106516 --a------ C:\WINDOWS\system32\avwylkwv.dll
2006-09-10 09:26 106516 --a------ C:\WINDOWS\system32\hrjrnqba.dll
2006-09-09 08:59 106516 --a------ C:\WINDOWS\system32\gkhljwmf.dll
2006-09-08 08:41 106516 --a------ C:\WINDOWS\system32\swhcdobs.dll
2006-09-07 10:12 106516 --a------ C:\WINDOWS\system32\pnjyccxt.dll
2006-09-06 20:50 106516 --a------ C:\WINDOWS\system32\nhkryunc.dll
2006-09-06 20:22 106516 --a------ C:\WINDOWS\system32\dwqjtmbm.dll
2006-09-05 18:53 106516 --a------ C:\WINDOWS\system32\dmllrglk.dll
2006-09-04 08:31 106516 --a------ C:\WINDOWS\system32\whdccbvc.dll
2006-09-03 09:32 102420 --a------ C:\WINDOWS\system32\meuufksp.dll
2006-09-02 14:56 102420 --a------ C:\WINDOWS\system32\pxodrrkm.dll
2006-09-02 07:29 102420 --a------ C:\WINDOWS\system32\luxvwyxm.dll
2006-09-01 09:35 102420 --a------ C:\WINDOWS\system32\rkkuccre.dll
2006-08-29 07:29 13844 --a------ C:\WINDOWS\system32\iwjriqvp.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"DellSupport"="\"C:\\Program Files\\Dell Support\\DSAgnt.exe\" /startup"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Aim6"="\"C:\\Program Files\\Common Files\\AOL\\Launch\\AOLLaunch.exe\" /d locale=en-US ee://aol/imApp"
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"IAAnotif"="C:\\Program Files\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"
"ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
"IntelMeM"="C:\\Program Files\\Intel\\Modem Event Monitor\\IntelMEM.exe"
"CTSysVol"="C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe /r"
"CTDVDDET"="\"C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE\""
"CTHelper"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"MimBoot"="C:\\PROGRA~1\\MUSICM~1\\MUSICM~3\\mimboot.exe"
"pccguide.exe"="\"C:\\Program Files\\Trend Micro\\Internet Security 12\\pccguide.exe\""
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1146885179\\ee\\AOLSoftware.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"Corel Photo Downloader"="C:\\Program Files\\Corel\\Corel Photo Album 6\\MediaDetect.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe"
"DropBoxUtility"="\"C:\\Program Files\\DropBox\\DropBox\\DropBox.exe\" /s"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Completion time: 06-11-28 19:44:09.76
C:\ComboFix.txt ... 06-11-28 19:44
C:\ComboFix2.txt ... 06-11-28 19:10
C:\ComboFix3.txt ... 06-11-28 19:12
I'm sorry, I'm really bad at these kinds of things. Thanks so much for helping me out.