12-01-2006, 09:39 AM   #7
Mady
OS: xp


Simons - 06-12-01 8:31:56.46 Service Pack 2
ComboFix 06-12-01W-BetaE - Running from: "C:\Documents and Settings\Simons\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\Downloaded Program Files\DinerDash2.1.0.0.48


((((((((((((((((((((((((((((((( Files Created from 2006-11-01 to 2006-12-01 ))))))))))))))))))))))))))))))))))


2006-11-30 20:57 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-11-30 20:57 39,184 --a------ C:\WINDOWS\system32\Ntrights.exe
2006-11-30 20:57 175,616 --a------ C:\WINDOWS\system32\strings.exe
2006-11-30 20:57 16,384 --a------ C:\WINDOWS\system32\restart.exe
2006-11-30 20:57 126,976 --a------ C:\WINDOWS\system32\zip.exe
2006-11-30 20:57 11,254 --a------ C:\WINDOWS\system32\locate.com
2006-11-28 14:03 <DIR> d-------- C:\WINDOWS\pss
2006-11-28 10:24 <DIR> d--hs---- C:\Config.Msi
2006-11-28 10:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2006-11-28 10:20 <DIR> d-------- C:\Program Files\Common Files\xing shared
2006-11-28 10:19 <DIR> d-------- C:\Documents and Settings\Simons\Application Data\Real
2006-11-27 19:39 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-27 19:39 <DIR> d-------- C:\Program Files\Grisoft
2006-11-27 17:34 <DIR> d-------- C:\WINDOWS\McAfee.com
2006-11-27 17:23 <DIR> d-------- C:\Documents and Settings\Simons\.housecall6.6
2006-11-27 16:33 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-27 16:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-11-27 12:25 <DIR> d-------- C:\Program Files\McAfee
2006-11-27 12:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2006-11-27 09:51 67,645 --a------ C:\WINDOWS\system32\drivers\pshook11.sys
2006-11-27 09:50 <DIR> d-------- C:\Program Files\INAC
2006-11-27 09:40 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-11-27 09:29 <DIR> d-------- C:\Documents and Settings\Simons\Application Data\Lavasoft
2006-11-27 09:17 <DIR> d-------- C:\Program Files\Lavasoft
2006-11-27 09:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2006-11-26 05:33 <DIR> d-------- C:\Smaddar
2006-11-22 22:22 <DIR> d-------- C:\Program Files\MSXML 4.0
2006-11-22 22:22 <DIR> d-------- C:\cb042bcb505fb43216815ccc
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-01 01:56 -------- d-------- C:\Documents and Settings\Simons\Application Data\Skype
2006-11-30 13:33 -------- d-------- C:\Program Files\Windows Media Player
2006-11-30 13:30 -------- d-------- C:\Program Files\Messenger
2006-11-30 13:28 -------- d-------- C:\Program Files\iTunes
2006-11-30 13:26 -------- d-------- C:\Program Files\Internet Explorer
2006-11-30 13:25 -------- d-------- C:\Program Files\Google
2006-11-30 13:24 -------- d-------- C:\Program Files\Digital Line Detect
2006-11-30 13:23 -------- d-------- C:\Program Files\Common Files\System
2006-11-30 13:19 -------- d-------- C:\Program Files\Apoint
2006-11-30 13:19 -------- d-------- C:\Program Files\America Online 9.0
2006-11-30 11:38 -------- d-------- C:\Program Files\MSN Messenger
2006-11-30 10:54 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-28 11:32 -------- d-------- C:\Program Files\Outlook Express
2006-11-28 10:20 -------- d-------- C:\Program Files\Common Files\Real
2006-11-28 10:20 -------- d-------- C:\Program Files\Common Files
2006-11-27 16:08 -------- d-------- C:\Program Files\Java
2006-11-26 06:18 -------- d---s---- C:\Documents and Settings\Simons\Application Data\Microsoft
2006-11-26 02:57 -------- d-------- C:\Program Files\San Diego International Airport TravelDesk
2006-10-13 04:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-09 18:20 6688 --a------ C:\WINDOWS\MOVEXE.EXE
2006-10-09 18:20 26 --a------ C:\WINDOWS\fiupd.bat
2006-10-09 18:05 -------- d-------- C:\Program Files\Mahjong Escape
2006-10-04 17:09 -------- d-------- C:\Program Files\Picasa2
2006-09-25 20:10 774144 --a------ C:\Program Files\RngInterstitial.dll
2006-09-12 21:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.6962\\GoogleToolbarNotifier.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Apoint"="C:\\Program Files\\Apoint\\Apoint.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
@=""
"IntelWireless"="C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe /tf Intel PROSet/Wireless"
"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
"Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe"
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"MMTray"="C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe"
"mmtask"="C:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"SWN2"="C:\\Program Files\\Spyware Nuker\\swnxt.exe /h"
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,c0,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (NANEL-Simons).job

Completion time: 06-12-01 8:34:56.12