Barry - 06-11-29 12:21:14.01 Service Pack 2
ComboFix 06.11.28W - Running from: "C:\Documents and Settings\Barry\Desktop"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\drivers\npf.sys
C:\Documents and Settings\Barry\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.inter-focus.cn
C:\Documents and Settings\Barry\Application Data\Macromedia\Flash Player\#SharedObjects\JQBHWR5W\www.inter-focus.cn
((((((((((((((((((((((((((((((( Files Created from 2006-10-29 to 2006-11-29 ))))))))))))))))))))))))))))))))))
2006-11-29 09:36 51,072 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2006-11-29 09:36 30,592 --a------ C:\WINDOWS\system32\drivers\ikhfile.sys
2006-11-28 23:44 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2006-11-28 22:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2006-11-28 22:12 <DIR> d-------- C:\Documents and Settings\Barry\Application Data\TuneUp Software
2006-11-28 22:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2006-11-27 07:40 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2006-11-27 07:40 <DIR> d-------- C:\Program Files\Common Files\Nokia
2006-11-27 07:39 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2006-11-27 07:39 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2006-11-27 07:39 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2006-11-27 07:38 9,216 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2006-11-27 07:38 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2006-11-27 07:38 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2006-11-27 07:38 138,240 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2006-11-25 10:47 <DIR> d-------- C:\Documents and Settings\Barry\Application Data\Uniblue
2006-11-21 22:51 178,408 --a------ C:\WINDOWS\system32\muweb.dll
2006-11-21 22:51 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2006-11-21 22:40 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2006-11-21 22:33 <DIR> d---s---- C:\Program Files\MSBuild
2006-11-21 22:33 <DIR> d---s---- C:\Program Files\Microsoft Visual Studio
2006-11-21 22:33 <DIR> d-------- C:\Program Files\Common Files\DESIGNER
2006-11-21 22:27 <DIR> d---s---- C:\Program Files\Microsoft Visual Studio 8
2006-11-19 23:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2006-11-19 20:28 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2006-11-19 20:28 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2006-11-09 21:46 <DIR> d--hs---- C:\FOUND.000
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 21:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-03 21:21 <DIR> d-------- C:\Documents and Settings\Barry\Application Data\MegauploadToolbar
2006-11-01 15:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2006-10-29 09:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-01 23:41 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-11-01 23:41 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-10-26 14:10 33088 --a------ C:\WINDOWS\system32\FM20ENU.DLL
2006-10-26 14:10 1190688 --a------ C:\WINDOWS\system32\FM20.DLL
2006-10-26 13:45 293376 --a------ C:\WINDOWS\system32\WISPTIS.EXE
2006-10-26 13:45 207360 --a------ C:\WINDOWS\system32\INKED.DLL
2006-10-24 01:13 -------- d---s---- C:\Program Files\eMule
2006-10-22 23:59 -------- d-------- C:\Documents and Settings\Barry\Application Data\DivX
2006-10-21 10:48 47360 --a------ C:\WINDOWS\system32\drivers\Pcouffin.sys
2006-10-21 10:13 40960 --a------ C:\WINDOWS\system32\frapsvid.dll
2006-10-19 22:44 -------- d---s---- C:\Program Files\Spyware Doctor
2006-10-19 22:44 -------- d---s---- C:\Program Files\Advanced Spyware Remover Pro
2006-10-13 20:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-10 08:54 50688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-10-03 03:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-03 03:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-03 03:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-03 03:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-10-01 15:38 -------- d---s---- C:\Program Files\EA SPORTS
2006-10-01 02:12 -------- d---s---- C:\Program Files\Unlocker
2006-09-13 13:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-01 22:29 139 ---hs---- C:\Program Files\desktop.ini
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"LaunchApp"="Alaunch"
"KTPWare"="C:\\Program Files\\Elantech\\ktp.exe"
"PCMService"="\"C:\\Program Files\\Arcade\\PCMService.exe\""
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"EPM-DM"="c:\\acer\\epm\\epm-dm.exe"
"ePowerManagement"="C:\\Acer\\ePM\\ePM.exe boot"
"LManager"="C:\\PROGRA~1\\LAUNCH~1\\LManager.exe"
"SoundMan"="SOUNDMAN.EXE"
"eRecoveryService"="C:\\Program Files\\Acer\\eRecovery\\Monitor.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"BootSkin Startup Jobs"="\"C:\\Program Files\\Stardock\\WinCustomize\\BootSkin\\BootSkin.exe\" /StartupJobs"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe"
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
"UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\" -H"
"kav"="\"D:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""
@=""
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
"DiskeeperSystray"="\"D:\\Program Files\\Diskeeper Corporation\\Diskeeper\\DkIcon.exe\""
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,0a,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,12,03,00,00,23,00,00,00,dc,00,00,00,d2,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"Spyware Doctor"=""
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"Spyware Doctor"=""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
Completion time: 06-11-29 12:27:23.01
C:\ComboFix.txt ... 06-11-29 12:27