Tech Support Forum - View Single Post

Chow · 12-04-2006, 09:42 PM

computer - 06-12-04 21:36:11.54 Service Pack 1
ComboFix 06-12-01W-BetaE - Running from: "C:\Documents and Settings\computer\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\p2pnetworking.exe
C:\WINDOWS\b.exe
d:\autorun.inf . . . . failed to delete

((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 ))))))))))))))))))))))))))))))))))

2006-12-04 21:39 <DIR> d-------- C:\WINNT
2006-12-04 21:38 <DIR> d-------- C:\WINDOWS\erdnt
2006-12-04 03:00 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2006-12-03 03:17 593,408 --a------ C:\WINDOWS\SYSTEM32\h323msp.dll
2006-12-03 03:17 548,352 --a------ C:\WINDOWS\SYSTEM32\rtcdll.dll
2006-12-03 03:17 439,808 --a------ C:\WINDOWS\SYSTEM32\ipnathlp.dll
2006-12-02 22:09 <DIR> d-------- C:\Documents and Settings\computer\Application Data\vlc
2006-12-02 22:07 <DIR> d-------- C:\Program Files\VideoLAN
2006-12-02 19:05 98,816 --a------ C:\WINDOWS\SYSTEM32\dmstyle.dll
2006-12-02 19:05 974,848 --a------ C:\WINDOWS\SYSTEM32\dxdiag.exe
2006-12-02 19:05 83,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nabtsfec.sys
2006-12-02 19:05 80,896 --a------ C:\WINDOWS\SYSTEM32\dpvsetup.exe
2006-12-02 19:05 8,192 --a------ C:\WINDOWS\SYSTEM32\d3d8thk.dll
2006-12-02 19:05 797,184 --a------ C:\WINDOWS\SYSTEM32\d3dim700.dll
2006-12-02 19:05 76,800 --a------ C:\WINDOWS\SYSTEM32\dmscript.dll
2006-12-02 19:05 733,184 --a------ C:\WINDOWS\SYSTEM32\qedwipes.dll
2006-12-02 19:05 7,424 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mskssrv.sys
2006-12-02 19:05 68,096 --a------ C:\WINDOWS\SYSTEM32\dsdmoprp.dll
2006-12-02 19:05 68,096 --a------ C:\WINDOWS\SYSTEM32\dpnhupnp.dll
2006-12-02 19:05 64,512 --a------ C:\WINDOWS\SYSTEM32\amstream.dll
2006-12-02 19:05 63,768 --a------ C:\WINDOWS\SYSTEM32\dxdllreg.exe
2006-12-02 19:05 602,624 --a------ C:\WINDOWS\SYSTEM32\dx7vb.dll
2006-12-02 19:05 58,368 --a------ C:\WINDOWS\SYSTEM32\dmcompos.dll
2006-12-02 19:05 57,856 --a------ C:\WINDOWS\SYSTEM32\dpwsockx.dll
2006-12-02 19:05 53,248 --a------ C:\WINDOWS\SYSTEM32\devenum.dll
2006-12-02 19:05 524,800 --a------ C:\WINDOWS\SYSTEM32\qedit.dll
2006-12-02 19:05 5,248 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mspclock.sys
2006-12-02 19:05 48,512 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\stream.sys
2006-12-02 19:05 47,104 --a------ C:\WINDOWS\SYSTEM32\wstdecod.dll
2006-12-02 19:05 4,096 --a------ C:\WINDOWS\SYSTEM32\ksuser.dll
2006-12-02 19:05 4,096 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys
2006-12-02 19:05 382,976 --a------ C:\WINDOWS\SYSTEM32\qdvd.dll
2006-12-02 19:05 377,856 --a------ C:\WINDOWS\SYSTEM32\dpnet.dll
2006-12-02 19:05 363,520 --a------ C:\WINDOWS\SYSTEM32\dsound.dll
2006-12-02 19:05 354,816 --a------ C:\WINDOWS\SYSTEM32\psisdecd.dll
2006-12-02 19:05 34,304 --a------ C:\WINDOWS\SYSTEM32\mciqtz32.dll
2006-12-02 19:05 33,280 --a------ C:\WINDOWS\SYSTEM32\dmloader.dll
2006-12-02 19:05 32,768 --a------ C:\WINDOWS\SYSTEM32\dpnhpast.dll
2006-12-02 19:05 3,072 --a------ C:\WINDOWS\SYSTEM32\dpnlobby.dll
2006-12-02 19:05 3,072 --a------ C:\WINDOWS\SYSTEM32\dpnaddr.dll
2006-12-02 19:05 28,160 --a------ C:\WINDOWS\SYSTEM32\dplaysvr.exe
2006-12-02 19:05 276,480 --a------ C:\WINDOWS\SYSTEM32\qdv.dll
2006-12-02 19:05 27,136 --a------ C:\WINDOWS\SYSTEM32\dmband.dll
2006-12-02 19:05 265,728 --a------ C:\WINDOWS\SYSTEM32\ddraw.dll
2006-12-02 19:05 24,064 --a------ C:\WINDOWS\SYSTEM32\ddrawex.dll
2006-12-02 19:05 230,400 --a------ C:\WINDOWS\SYSTEM32\dplayx.dll
2006-12-02 19:05 22,016 --a------ C:\WINDOWS\SYSTEM32\dpmodemx.dll
2006-12-02 19:05 203,264 --a------ C:\WINDOWS\SYSTEM32\dpvoice.dll
2006-12-02 19:05 194,560 --a------ C:\WINDOWS\SYSTEM32\mswebdvd.dll
2006-12-02 19:05 19,968 --a------ C:\WINDOWS\SYSTEM32\dpvacm.dll
2006-12-02 19:05 186,880 --a------ C:\WINDOWS\SYSTEM32\dsdmo.dll
2006-12-02 19:05 181,248 --a------ C:\WINDOWS\SYSTEM32\dmime.dll
2006-12-02 19:05 18,944 --a------ C:\WINDOWS\SYSTEM32\encapi.dll
2006-12-02 19:05 18,688 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wstcodec.sys
2006-12-02 19:05 18,432 --a------ C:\WINDOWS\SYSTEM32\dswave.dll
2006-12-02 19:05 177,152 --a------ C:\WINDOWS\SYSTEM32\qcap.dll
2006-12-02 19:05 16,896 --a------ C:\WINDOWS\SYSTEM32\msyuv.dll
2006-12-02 19:05 16,896 --a------ C:\WINDOWS\SYSTEM32\dpnsvr.exe
2006-12-02 19:05 16,384 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ccdecode.sys
2006-12-02 19:05 15,104 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mpe.sys
2006-12-02 19:05 14,976 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\streamip.sys
2006-12-02 19:05 130,304 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys
2006-12-02 19:05 13,312 --a------ C:\WINDOWS\SYSTEM32\msdmo.dll
2006-12-02 19:05 112,128 --a------ C:\WINDOWS\SYSTEM32\dpvvox.dll
2006-12-02 19:05 11,392 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\bdasup.sys
2006-12-02 19:05 104,448 --a------ C:\WINDOWS\SYSTEM32\dmusic.dll
2006-12-02 19:05 100,864 --a------ C:\WINDOWS\SYSTEM32\dmsynth.dll
2006-12-02 19:05 10,880 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\slip.sys
2006-12-02 19:05 10,112 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ndisip.sys
2006-12-02 19:05 1,294,336 --a------ C:\WINDOWS\SYSTEM32\dsound3d.dll
2006-12-02 19:05 1,230,336 --a------ C:\WINDOWS\SYSTEM32\msvidctl.dll
2006-12-02 19:05 1,227,776 --a------ C:\WINDOWS\SYSTEM32\quartz.dll
2006-12-02 19:05 1,189,888 --a------ C:\WINDOWS\SYSTEM32\dx8vb.dll
2006-12-02 19:05 1,179,648 --a------ C:\WINDOWS\SYSTEM32\d3d8.dll
2006-12-02 17:16 971,264 --a------ C:\WINDOWS\SYSTEM32\msgina.dll
2006-12-02 17:16 681,984 --a------ C:\WINDOWS\SYSTEM32\lsasrv.dll
2006-12-02 17:16 51,712 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll
2006-12-02 17:16 260,608 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll
2006-12-02 17:16 136,704 --a------ C:\WINDOWS\SYSTEM32\schannel.dll
2006-12-02 17:15 947,472 --a------ C:\WINDOWS\SYSTEM32\msjava.dll
2006-12-02 17:15 63,248 --a------ C:\WINDOWS\SYSTEM32\javaprxy.dll
2006-12-02 17:15 49,424 --a------ C:\WINDOWS\SYSTEM32\clspack.exe
2006-12-02 17:15 46,352 --a------ C:\WINDOWS\setdebug.exe
2006-12-02 17:15 404,752 --a------ C:\WINDOWS\SYSTEM32\javart.dll
2006-12-02 17:15 313,856 --a------ C:\WINDOWS\SYSTEM32\dx3j.dll
2006-12-02 17:15 286,992 --a------ C:\WINDOWS\SYSTEM32\vmhelper.dll
2006-12-02 17:15 21,264 --a------ C:\WINDOWS\SYSTEM32\msjdbc10.dll
2006-12-02 17:15 187,152 --a------ C:\WINDOWS\SYSTEM32\javacypt.dll
2006-12-02 17:15 172,304 --a------ C:\WINDOWS\SYSTEM32\jview.exe
2006-12-02 17:15 171,792 --a------ C:\WINDOWS\SYSTEM32\wjview.exe
2006-12-02 17:15 171,280 --a------ C:\WINDOWS\SYSTEM32\jit.dll
2006-12-02 17:15 154,384 --a------ C:\WINDOWS\SYSTEM32\msawt.dll
2006-12-02 17:15 15,120 --a------ C:\WINDOWS\SYSTEM32\jdbgmgr.exe
2006-12-02 17:15 139,536 --a------ C:\WINDOWS\SYSTEM32\javaee.dll
2006-12-02 17:15 113 --a------ C:\WINDOWS\SYSTEM32\zonedon.reg
2006-12-02 17:15 113 --a------ C:\WINDOWS\SYSTEM32\zonedoff.reg
2006-12-02 17:08 991,232 --a------ C:\WINDOWS\SYSTEM32\esent.dll
2006-12-02 16:43 <DIR> d-------- C:\bios update
2006-12-02 16:03 331,776 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll
2006-12-02 16:03 17,408 --a------ C:\WINDOWS\SYSTEM32\qmgrprxy.dll
2006-12-02 15:44 <DIR> d-------- C:\WINDOWS\Prefetch
2006-12-02 15:22 361,984 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll
2006-12-02 15:22 159,232 --a------ C:\WINDOWS\SYSTEM32\schedsvc.dll
2006-12-02 15:11 89,600 --a------ C:\WINDOWS\SYSTEM32\comrepl.dll
2006-12-02 15:11 124,184 --a------ C:\WINDOWS\SYSTEM32\wuauclt.exe
2006-12-02 15:11 1,343,768 --a------ C:\WINDOWS\SYSTEM32\wuaueng.dll
2006-12-02 15:11 <DIR> d--h----- C:\Program Files\WindowsUpdate
2006-12-02 15:05 24,661 --a------ C:\WINDOWS\SYSTEM32\spxcoins.dll
2006-12-02 15:05 13,312 --a------ C:\WINDOWS\SYSTEM32\irclass.dll
2006-11-27 20:00 <DIR> d-------- C:\Program Files\uTorrent
2006-11-27 20:00 <DIR> d-------- C:\Documents and Settings\computer\Application Data\uTorrent
2006-11-26 10:22 <DIR> d-------- C:\Program Files\Serious Sam 2
2006-11-25 22:18 127,208 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll
2006-11-25 20:26 <DIR> d-------- C:\Program Files\ACW
2006-11-25 15:49 <DIR> d-------- C:\WINDOWS\ServicePackFiles

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-12-04 15:34 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-03 03:10 -------- d-------- C:\Program Files\Windows Media Player
2006-12-02 20:42 -------- d-------- C:\Program Files\World of Warcraft
2006-12-02 20:37 -------- d-------- C:\Program Files\hijackthis
2006-12-02 18:34 -------- d-------- C:\Program Files\Warcraft III
2006-12-02 16:16 -------- d-a------ C:\Program Files\Common Files
2006-12-02 15:24 -------- d-------- C:\Program Files\Movie Maker
2006-11-29 17:14 -------- d-------- C:\Program Files\Internet Explorer
2006-11-25 15:51 -------- d-------- C:\Program Files\Messenger
2006-11-25 15:49 -------- d-------- C:\Program Files\Windows NT
2006-11-25 15:49 -------- d-------- C:\Program Files\Outlook Express
2006-11-25 15:49 -------- d-------- C:\Program Files\NetMeeting
2006-11-25 15:49 -------- d-------- C:\Program Files\Common Files\System
2006-11-01 19:23 -------- d-------- C:\Program Files\iTunes
2006-11-01 19:22 -------- d-------- C:\Program Files\iPod
2006-11-01 19:21 -------- d-------- C:\Program Files\QuickTime
2006-11-01 19:19 -------- d-------- C:\Program Files\Apple Software Update
2006-10-25 13:10 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-25 13:10 -------- d-------- C:\Program Files\Ubisoft
2006-10-24 21:35 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-24 21:30 -------- d-------- C:\Program Files\SCCT
2006-10-24 21:04 -------- d-------- C:\Program Files\PowerISO
2006-10-23 09:38 -------- d-------- C:\Program Files\LimeWire
2006-10-23 09:14 43520 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt03.dll
2006-10-23 08:32 611064 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys
2006-10-22 21:52 -------- d-------- C:\Documents and Settings\computer\Application Data\Sun
2006-10-22 12:22 888832 --a------ C:\WINDOWS\SYSTEM32\nvmobls.dll
2006-10-22 12:22 86016 --a------ C:\WINDOWS\SYSTEM32\nvmctray.dll
2006-10-22 12:22 81920 --a------ C:\WINDOWS\SYSTEM32\nvwddi.dll
2006-10-22 12:22 794624 --a------ C:\WINDOWS\SYSTEM32\nvcplui.exe
2006-10-22 12:22 7700480 --a------ C:\WINDOWS\SYSTEM32\nvcpl.dll
2006-10-22 12:22 581632 --a------ C:\WINDOWS\SYSTEM32\nvhwvid.dll
2006-10-22 12:22 5644288 --a------ C:\WINDOWS\SYSTEM32\nvoglnt.dll
2006-10-22 12:22 5619712 --a------ C:\WINDOWS\SYSTEM32\nvdisps.dll
2006-10-22 12:22 5255168 --a------ C:\WINDOWS\SYSTEM32\nvdispsr.dll
2006-10-22 12:22 466944 --a------ C:\WINDOWS\SYSTEM32\nvshell.dll
2006-10-22 12:22 458752 --a------ C:\WINDOWS\SYSTEM32\nvmccssr.dll
2006-10-22 12:22 4527488 --a------ C:\WINDOWS\SYSTEM32\nv4_disp.dll
2006-10-22 12:22 45056 --a------ C:\WINDOWS\SYSTEM32\nvmccsrs.dll
2006-10-22 12:22 442368 --a------ C:\WINDOWS\SYSTEM32\nvappbar.exe
2006-10-22 12:22 425984 --a------ C:\WINDOWS\SYSTEM32\keystone.exe
2006-10-22 12:22 3994624 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys
2006-10-22 12:22 35840 --a------ C:\WINDOWS\SYSTEM32\nvcodins.dll
2006-10-22 12:22 35840 --a------ C:\WINDOWS\SYSTEM32\nvcod.dll
2006-10-22 12:22 3203072 --a------ C:\WINDOWS\SYSTEM32\nvgamesr.dll
2006-10-22 12:22 311296 --a------ C:\WINDOWS\SYSTEM32\nvexpbar.dll
2006-10-22 12:22 3047424 --a------ C:\WINDOWS\SYSTEM32\nvgames.dll
2006-10-22 12:22 2973696 --a------ C:\WINDOWS\SYSTEM32\nvvitvsr.dll
2006-10-22 12:22 2924544 --a------ C:\WINDOWS\SYSTEM32\nvvitvs.dll
2006-10-22 12:22 286720 --a------ C:\WINDOWS\SYSTEM32\nvnt4cpl.dll
2006-10-22 12:22 2859008 --a------ C:\WINDOWS\SYSTEM32\nvmoblsr.dll
2006-10-22 12:22 229376 --a------ C:\WINDOWS\SYSTEM32\nvmccs.dll
2006-10-22 12:22 212992 --a------ C:\WINDOWS\SYSTEM32\nvapi.dll
2006-10-22 12:22 188416 --a------ C:\WINDOWS\SYSTEM32\nvmccss.dll
2006-10-22 12:22 1732608 --a------ C:\WINDOWS\SYSTEM32\nvwssr.dll
2006-10-22 12:22 1662976 --a------ C:\WINDOWS\SYSTEM32\nvwdmcpl.dll
2006-10-22 12:22 1622016 --a------ C:\WINDOWS\SYSTEM32\nwiz.exe
2006-10-22 12:22 159810 --a------ C:\WINDOWS\SYSTEM32\nvsvc32.exe
2006-10-22 12:22 147456 --a------ C:\WINDOWS\SYSTEM32\nvcolor.exe
2006-10-22 12:22 1470464 --a------ C:\WINDOWS\SYSTEM32\nview.dll
2006-10-22 12:22 1339392 --a------ C:\WINDOWS\SYSTEM32\nvdspsch.exe
2006-10-22 12:22 1236992 --a------ C:\WINDOWS\SYSTEM32\nvwss.dll
2006-10-22 12:22 1019904 --a------ C:\WINDOWS\SYSTEM32\nvwimg.dll
2006-10-22 12:22 1011712 --a------ C:\WINDOWS\SYSTEM32\nvcpluir.dll
2006-10-22 09:58 147456 --a------ C:\WINDOWS\SYSTEM32\vbzip10.dll
2006-10-16 13:10 -------- d-------- C:\Documents and Settings\computer\Application Data\Apple Computer
2006-09-28 15:05 2414360 --a------ C:\WINDOWS\SYSTEM32\d3dx9_31.dll
2006-09-28 15:05 237848 --a------ C:\WINDOWS\SYSTEM32\xactengine2_4.dll
2006-09-28 15:04 68888 --a------ C:\WINDOWS\SYSTEM32\xinput1_3.dll
2006-09-28 15:03 15128 --a------ C:\WINDOWS\SYSTEM32\x3daudio1_1.dll
2006-09-19 15:43 109360 --a------ C:\WINDOWS\SYSTEM32\GEARAspi.dll
2006-09-12 22:09 1110528 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll
2006-09-09 15:31 0 --a------ C:\WINDOWS\SYSTEM32\taskkill.exe

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe"
"nwiz"="nwiz.exe /install"
"Logitech Utility"="Logi_MwX.Exe"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
"BCMSMMSG"="BCMSMMSG.exe"
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:000000ff

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"CDRAutoRun"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"CXMon"="\"C:\\Program Files\\Hewlett-Packard\\PhotoSmart\\Photo Imaging\\Hpi_Monitor.exe\""
"p2p networking"="p2pnetworking.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"p2p networking"="p2pnetworking.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DirectCD"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IW_ControlCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iwctrl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Pinnacle\\InstantCDDVD\\InstantWrite\\iwctrl.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcagent"
"hkey"="HKLM"
"command"="C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="McUpdate"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\McAfee.com\\Agent\\McUpdate.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WkUFind"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvMcTray"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PSDrvCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\System32\\PSDrvCheck.exe "
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="hpgs2wnd"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hewlett-Packard\\PhotoSmart\\HP Share-to-Web\\hpgs2wnd.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcvsshld"
"hkey"="HKLM"
"command"="c:\\program files\\mcafee.com\\vso\\mcvsshld.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VOBID]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InstantDrive"
"hkey"="HKLM"
"command"="C:\\Program Files\\Pinnacle\\InstantCDDVD\\\\InstantDrive\\InstantDrive.exe /remount"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTouch"
"hkey"="HKLM"
"command"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Disk Cleanup.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (1) (NGOFAMILY-computer).job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (NGOFAMILY-computer).job
C:\WINDOWS\tasks\McAfee.com Update Check (D4CDK231-Owner).job
C:\WINDOWS\tasks\McAfee.com Update Check (computer).job
C:\WINDOWS\tasks\McAfee.com Update Check (computer).job
C:\WINDOWS\tasks\McAfee.com Update Check (computer).job

Completion time: 06-12-04 21:40:49.26

12-04-2006, 09:42 PM	#4 (permalink)
Chow Registered User Join Date: Nov 2006 Posts: 116 OS: WinXP	Okies computer - 06-12-04 21:36:11.54 Service Pack 1 ComboFix 06-12-01W-BetaE - Running from: "C:\Documents and Settings\computer\Desktop" (((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\p2pnetworking.exe C:\WINDOWS\b.exe d:\autorun.inf . . . . failed to delete ((((((((((((((((((((((((((((((( Files Created from 2006-11-04 to 2006-12-04 )))))))))))))))))))))))))))))))))) 2006-12-04 21:39 <DIR> d-------- C:\WINNT 2006-12-04 21:38 <DIR> d-------- C:\WINDOWS\erdnt 2006-12-04 03:00 <DIR> d-------- C:\WINDOWS\LastGood.Tmp 2006-12-03 03:17 593,408 --a------ C:\WINDOWS\SYSTEM32\h323msp.dll 2006-12-03 03:17 548,352 --a------ C:\WINDOWS\SYSTEM32\rtcdll.dll 2006-12-03 03:17 439,808 --a------ C:\WINDOWS\SYSTEM32\ipnathlp.dll 2006-12-02 22:09 <DIR> d-------- C:\Documents and Settings\computer\Application Data\vlc 2006-12-02 22:07 <DIR> d-------- C:\Program Files\VideoLAN 2006-12-02 19:05 98,816 --a------ C:\WINDOWS\SYSTEM32\dmstyle.dll 2006-12-02 19:05 974,848 --a------ C:\WINDOWS\SYSTEM32\dxdiag.exe 2006-12-02 19:05 83,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nabtsfec.sys 2006-12-02 19:05 80,896 --a------ C:\WINDOWS\SYSTEM32\dpvsetup.exe 2006-12-02 19:05 8,192 --a------ C:\WINDOWS\SYSTEM32\d3d8thk.dll 2006-12-02 19:05 797,184 --a------ C:\WINDOWS\SYSTEM32\d3dim700.dll 2006-12-02 19:05 76,800 --a------ C:\WINDOWS\SYSTEM32\dmscript.dll 2006-12-02 19:05 733,184 --a------ C:\WINDOWS\SYSTEM32\qedwipes.dll 2006-12-02 19:05 7,424 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mskssrv.sys 2006-12-02 19:05 68,096 --a------ C:\WINDOWS\SYSTEM32\dsdmoprp.dll 2006-12-02 19:05 68,096 --a------ C:\WINDOWS\SYSTEM32\dpnhupnp.dll 2006-12-02 19:05 64,512 --a------ C:\WINDOWS\SYSTEM32\amstream.dll 2006-12-02 19:05 63,768 --a------ C:\WINDOWS\SYSTEM32\dxdllreg.exe 2006-12-02 19:05 602,624 --a------ C:\WINDOWS\SYSTEM32\dx7vb.dll 2006-12-02 19:05 58,368 --a------ C:\WINDOWS\SYSTEM32\dmcompos.dll 2006-12-02 19:05 57,856 --a------ C:\WINDOWS\SYSTEM32\dpwsockx.dll 2006-12-02 19:05 53,248 --a------ C:\WINDOWS\SYSTEM32\devenum.dll 2006-12-02 19:05 524,800 --a------ C:\WINDOWS\SYSTEM32\qedit.dll 2006-12-02 19:05 5,248 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mspclock.sys 2006-12-02 19:05 48,512 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\stream.sys 2006-12-02 19:05 47,104 --a------ C:\WINDOWS\SYSTEM32\wstdecod.dll 2006-12-02 19:05 4,096 --a------ C:\WINDOWS\SYSTEM32\ksuser.dll 2006-12-02 19:05 4,096 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\swenum.sys 2006-12-02 19:05 382,976 --a------ C:\WINDOWS\SYSTEM32\qdvd.dll 2006-12-02 19:05 377,856 --a------ C:\WINDOWS\SYSTEM32\dpnet.dll 2006-12-02 19:05 363,520 --a------ C:\WINDOWS\SYSTEM32\dsound.dll 2006-12-02 19:05 354,816 --a------ C:\WINDOWS\SYSTEM32\psisdecd.dll 2006-12-02 19:05 34,304 --a------ C:\WINDOWS\SYSTEM32\mciqtz32.dll 2006-12-02 19:05 33,280 --a------ C:\WINDOWS\SYSTEM32\dmloader.dll 2006-12-02 19:05 32,768 --a------ C:\WINDOWS\SYSTEM32\dpnhpast.dll 2006-12-02 19:05 3,072 --a------ C:\WINDOWS\SYSTEM32\dpnlobby.dll 2006-12-02 19:05 3,072 --a------ C:\WINDOWS\SYSTEM32\dpnaddr.dll 2006-12-02 19:05 28,160 --a------ C:\WINDOWS\SYSTEM32\dplaysvr.exe 2006-12-02 19:05 276,480 --a------ C:\WINDOWS\SYSTEM32\qdv.dll 2006-12-02 19:05 27,136 --a------ C:\WINDOWS\SYSTEM32\dmband.dll 2006-12-02 19:05 265,728 --a------ C:\WINDOWS\SYSTEM32\ddraw.dll 2006-12-02 19:05 24,064 --a------ C:\WINDOWS\SYSTEM32\ddrawex.dll 2006-12-02 19:05 230,400 --a------ C:\WINDOWS\SYSTEM32\dplayx.dll 2006-12-02 19:05 22,016 --a------ C:\WINDOWS\SYSTEM32\dpmodemx.dll 2006-12-02 19:05 203,264 --a------ C:\WINDOWS\SYSTEM32\dpvoice.dll 2006-12-02 19:05 194,560 --a------ C:\WINDOWS\SYSTEM32\mswebdvd.dll 2006-12-02 19:05 19,968 --a------ C:\WINDOWS\SYSTEM32\dpvacm.dll 2006-12-02 19:05 186,880 --a------ C:\WINDOWS\SYSTEM32\dsdmo.dll 2006-12-02 19:05 181,248 --a------ C:\WINDOWS\SYSTEM32\dmime.dll 2006-12-02 19:05 18,944 --a------ C:\WINDOWS\SYSTEM32\encapi.dll 2006-12-02 19:05 18,688 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\wstcodec.sys 2006-12-02 19:05 18,432 --a------ C:\WINDOWS\SYSTEM32\dswave.dll 2006-12-02 19:05 177,152 --a------ C:\WINDOWS\SYSTEM32\qcap.dll 2006-12-02 19:05 16,896 --a------ C:\WINDOWS\SYSTEM32\msyuv.dll 2006-12-02 19:05 16,896 --a------ C:\WINDOWS\SYSTEM32\dpnsvr.exe 2006-12-02 19:05 16,384 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ccdecode.sys 2006-12-02 19:05 15,104 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mpe.sys 2006-12-02 19:05 14,976 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\streamip.sys 2006-12-02 19:05 130,304 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ks.sys 2006-12-02 19:05 13,312 --a------ C:\WINDOWS\SYSTEM32\msdmo.dll 2006-12-02 19:05 112,128 --a------ C:\WINDOWS\SYSTEM32\dpvvox.dll 2006-12-02 19:05 11,392 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\bdasup.sys 2006-12-02 19:05 104,448 --a------ C:\WINDOWS\SYSTEM32\dmusic.dll 2006-12-02 19:05 100,864 --a------ C:\WINDOWS\SYSTEM32\dmsynth.dll 2006-12-02 19:05 10,880 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\slip.sys 2006-12-02 19:05 10,112 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ndisip.sys 2006-12-02 19:05 1,294,336 --a------ C:\WINDOWS\SYSTEM32\dsound3d.dll 2006-12-02 19:05 1,230,336 --a------ C:\WINDOWS\SYSTEM32\msvidctl.dll 2006-12-02 19:05 1,227,776 --a------ C:\WINDOWS\SYSTEM32\quartz.dll 2006-12-02 19:05 1,189,888 --a------ C:\WINDOWS\SYSTEM32\dx8vb.dll 2006-12-02 19:05 1,179,648 --a------ C:\WINDOWS\SYSTEM32\d3d8.dll 2006-12-02 17:16 971,264 --a------ C:\WINDOWS\SYSTEM32\msgina.dll 2006-12-02 17:16 681,984 --a------ C:\WINDOWS\SYSTEM32\lsasrv.dll 2006-12-02 17:16 51,712 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll 2006-12-02 17:16 260,608 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll 2006-12-02 17:16 136,704 --a------ C:\WINDOWS\SYSTEM32\schannel.dll 2006-12-02 17:15 947,472 --a------ C:\WINDOWS\SYSTEM32\msjava.dll 2006-12-02 17:15 63,248 --a------ C:\WINDOWS\SYSTEM32\javaprxy.dll 2006-12-02 17:15 49,424 --a------ C:\WINDOWS\SYSTEM32\clspack.exe 2006-12-02 17:15 46,352 --a------ C:\WINDOWS\setdebug.exe 2006-12-02 17:15 404,752 --a------ C:\WINDOWS\SYSTEM32\javart.dll 2006-12-02 17:15 313,856 --a------ C:\WINDOWS\SYSTEM32\dx3j.dll 2006-12-02 17:15 286,992 --a------ C:\WINDOWS\SYSTEM32\vmhelper.dll 2006-12-02 17:15 21,264 --a------ C:\WINDOWS\SYSTEM32\msjdbc10.dll 2006-12-02 17:15 187,152 --a------ C:\WINDOWS\SYSTEM32\javacypt.dll 2006-12-02 17:15 172,304 --a------ C:\WINDOWS\SYSTEM32\jview.exe 2006-12-02 17:15 171,792 --a------ C:\WINDOWS\SYSTEM32\wjview.exe 2006-12-02 17:15 171,280 --a------ C:\WINDOWS\SYSTEM32\jit.dll 2006-12-02 17:15 154,384 --a------ C:\WINDOWS\SYSTEM32\msawt.dll 2006-12-02 17:15 15,120 --a------ C:\WINDOWS\SYSTEM32\jdbgmgr.exe 2006-12-02 17:15 139,536 --a------ C:\WINDOWS\SYSTEM32\javaee.dll 2006-12-02 17:15 113 --a------ C:\WINDOWS\SYSTEM32\zonedon.reg 2006-12-02 17:15 113 --a------ C:\WINDOWS\SYSTEM32\zonedoff.reg 2006-12-02 17:08 991,232 --a------ C:\WINDOWS\SYSTEM32\esent.dll 2006-12-02 16:43 <DIR> d-------- C:\bios update 2006-12-02 16:03 331,776 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll 2006-12-02 16:03 17,408 --a------ C:\WINDOWS\SYSTEM32\qmgrprxy.dll 2006-12-02 15:44 <DIR> d-------- C:\WINDOWS\Prefetch 2006-12-02 15:22 361,984 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll 2006-12-02 15:22 159,232 --a------ C:\WINDOWS\SYSTEM32\schedsvc.dll 2006-12-02 15:11 89,600 --a------ C:\WINDOWS\SYSTEM32\comrepl.dll 2006-12-02 15:11 124,184 --a------ C:\WINDOWS\SYSTEM32\wuauclt.exe 2006-12-02 15:11 1,343,768 --a------ C:\WINDOWS\SYSTEM32\wuaueng.dll 2006-12-02 15:11 <DIR> d--h----- C:\Program Files\WindowsUpdate 2006-12-02 15:05 24,661 --a------ C:\WINDOWS\SYSTEM32\spxcoins.dll 2006-12-02 15:05 13,312 --a------ C:\WINDOWS\SYSTEM32\irclass.dll 2006-11-27 20:00 <DIR> d-------- C:\Program Files\uTorrent 2006-11-27 20:00 <DIR> d-------- C:\Documents and Settings\computer\Application Data\uTorrent 2006-11-26 10:22 <DIR> d-------- C:\Program Files\Serious Sam 2 2006-11-25 22:18 127,208 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll 2006-11-25 20:26 <DIR> d-------- C:\Program Files\ACW 2006-11-25 15:49 <DIR> d-------- C:\WINDOWS\ServicePackFiles (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-12-04 15:34 -------- d-------- C:\Program Files\Mozilla Firefox 2006-12-03 03:10 -------- d-------- C:\Program Files\Windows Media Player 2006-12-02 20:42 -------- d-------- C:\Program Files\World of Warcraft 2006-12-02 20:37 -------- d-------- C:\Program Files\hijackthis 2006-12-02 18:34 -------- d-------- C:\Program Files\Warcraft III 2006-12-02 16:16 -------- d-a------ C:\Program Files\Common Files 2006-12-02 15:24 -------- d-------- C:\Program Files\Movie Maker 2006-11-29 17:14 -------- d-------- C:\Program Files\Internet Explorer 2006-11-25 15:51 -------- d-------- C:\Program Files\Messenger 2006-11-25 15:49 -------- d-------- C:\Program Files\Windows NT 2006-11-25 15:49 -------- d-------- C:\Program Files\Outlook Express 2006-11-25 15:49 -------- d-------- C:\Program Files\NetMeeting 2006-11-25 15:49 -------- d-------- C:\Program Files\Common Files\System 2006-11-01 19:23 -------- d-------- C:\Program Files\iTunes 2006-11-01 19:22 -------- d-------- C:\Program Files\iPod 2006-11-01 19:21 -------- d-------- C:\Program Files\QuickTime 2006-11-01 19:19 -------- d-------- C:\Program Files\Apple Software Update 2006-10-25 13:10 -------- d--h----- C:\Program Files\Uninstall Information 2006-10-25 13:10 -------- d-------- C:\Program Files\Ubisoft 2006-10-24 21:35 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-24 21:30 -------- d-------- C:\Program Files\SCCT 2006-10-24 21:04 -------- d-------- C:\Program Files\PowerISO 2006-10-23 09:38 -------- d-------- C:\Program Files\LimeWire 2006-10-23 09:14 43520 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt03.dll 2006-10-23 08:32 611064 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sptd.sys 2006-10-22 21:52 -------- d-------- C:\Documents and Settings\computer\Application Data\Sun 2006-10-22 12:22 888832 --a------ C:\WINDOWS\SYSTEM32\nvmobls.dll 2006-10-22 12:22 86016 --a------ C:\WINDOWS\SYSTEM32\nvmctray.dll 2006-10-22 12:22 81920 --a------ C:\WINDOWS\SYSTEM32\nvwddi.dll 2006-10-22 12:22 794624 --a------ C:\WINDOWS\SYSTEM32\nvcplui.exe 2006-10-22 12:22 7700480 --a------ C:\WINDOWS\SYSTEM32\nvcpl.dll 2006-10-22 12:22 581632 --a------ C:\WINDOWS\SYSTEM32\nvhwvid.dll 2006-10-22 12:22 5644288 --a------ C:\WINDOWS\SYSTEM32\nvoglnt.dll 2006-10-22 12:22 5619712 --a------ C:\WINDOWS\SYSTEM32\nvdisps.dll 2006-10-22 12:22 5255168 --a------ C:\WINDOWS\SYSTEM32\nvdispsr.dll 2006-10-22 12:22 466944 --a------ C:\WINDOWS\SYSTEM32\nvshell.dll 2006-10-22 12:22 458752 --a------ C:\WINDOWS\SYSTEM32\nvmccssr.dll 2006-10-22 12:22 4527488 --a------ C:\WINDOWS\SYSTEM32\nv4_disp.dll 2006-10-22 12:22 45056 --a------ C:\WINDOWS\SYSTEM32\nvmccsrs.dll 2006-10-22 12:22 442368 --a------ C:\WINDOWS\SYSTEM32\nvappbar.exe 2006-10-22 12:22 425984 --a------ C:\WINDOWS\SYSTEM32\keystone.exe 2006-10-22 12:22 3994624 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys 2006-10-22 12:22 35840 --a------ C:\WINDOWS\SYSTEM32\nvcodins.dll 2006-10-22 12:22 35840 --a------ C:\WINDOWS\SYSTEM32\nvcod.dll 2006-10-22 12:22 3203072 --a------ C:\WINDOWS\SYSTEM32\nvgamesr.dll 2006-10-22 12:22 311296 --a------ C:\WINDOWS\SYSTEM32\nvexpbar.dll 2006-10-22 12:22 3047424 --a------ C:\WINDOWS\SYSTEM32\nvgames.dll 2006-10-22 12:22 2973696 --a------ C:\WINDOWS\SYSTEM32\nvvitvsr.dll 2006-10-22 12:22 2924544 --a------ C:\WINDOWS\SYSTEM32\nvvitvs.dll 2006-10-22 12:22 286720 --a------ C:\WINDOWS\SYSTEM32\nvnt4cpl.dll 2006-10-22 12:22 2859008 --a------ C:\WINDOWS\SYSTEM32\nvmoblsr.dll 2006-10-22 12:22 229376 --a------ C:\WINDOWS\SYSTEM32\nvmccs.dll 2006-10-22 12:22 212992 --a------ C:\WINDOWS\SYSTEM32\nvapi.dll 2006-10-22 12:22 188416 --a------ C:\WINDOWS\SYSTEM32\nvmccss.dll 2006-10-22 12:22 1732608 --a------ C:\WINDOWS\SYSTEM32\nvwssr.dll 2006-10-22 12:22 1662976 --a------ C:\WINDOWS\SYSTEM32\nvwdmcpl.dll 2006-10-22 12:22 1622016 --a------ C:\WINDOWS\SYSTEM32\nwiz.exe 2006-10-22 12:22 159810 --a------ C:\WINDOWS\SYSTEM32\nvsvc32.exe 2006-10-22 12:22 147456 --a------ C:\WINDOWS\SYSTEM32\nvcolor.exe 2006-10-22 12:22 1470464 --a------ C:\WINDOWS\SYSTEM32\nview.dll 2006-10-22 12:22 1339392 --a------ C:\WINDOWS\SYSTEM32\nvdspsch.exe 2006-10-22 12:22 1236992 --a------ C:\WINDOWS\SYSTEM32\nvwss.dll 2006-10-22 12:22 1019904 --a------ C:\WINDOWS\SYSTEM32\nvwimg.dll 2006-10-22 12:22 1011712 --a------ C:\WINDOWS\SYSTEM32\nvcpluir.dll 2006-10-22 09:58 147456 --a------ C:\WINDOWS\SYSTEM32\vbzip10.dll 2006-10-16 13:10 -------- d-------- C:\Documents and Settings\computer\Application Data\Apple Computer 2006-09-28 15:05 2414360 --a------ C:\WINDOWS\SYSTEM32\d3dx9_31.dll 2006-09-28 15:05 237848 --a------ C:\WINDOWS\SYSTEM32\xactengine2_4.dll 2006-09-28 15:04 68888 --a------ C:\WINDOWS\SYSTEM32\xinput1_3.dll 2006-09-28 15:03 15128 --a------ C:\WINDOWS\SYSTEM32\x3daudio1_1.dll 2006-09-19 15:43 109360 --a------ C:\WINDOWS\SYSTEM32\GEARAspi.dll 2006-09-12 22:09 1110528 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll 2006-09-09 15:31 0 --a------ C:\WINDOWS\SYSTEM32\taskkill.exe (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) Note empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\System32\\ctfmon.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "DwlClient"="C:\\Program Files\\Common Files\\Dell\\EUSW\\Support.exe" "nwiz"="nwiz.exe /install" "Logitech Utility"="Logi_MwX.Exe" "HPDJ Taskbar Utility"="C:\\WINDOWS\\System32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe" "BCMSMMSG"="BCMSMMSG.exe" "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033" "PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,00,04,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:000000ff [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "CDRAutoRun"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "CXMon"="\"C:\\Program Files\\Hewlett-Packard\\PhotoSmart\\Photo Imaging\\Hpi_Monitor.exe\"" "p2p networking"="p2pnetworking.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-] "p2p networking"="p2pnetworking.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DirectCD" "hkey"="HKLM" "command"="\"C:\\Program Files\\Roxio\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IW_ControlCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iwctrl" "hkey"="HKLM" "command"="C:\\Program Files\\Pinnacle\\InstantCDDVD\\InstantWrite\\iwctrl.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mcagent" "hkey"="HKLM" "command"="C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="McUpdate" "hkey"="HKLM" "command"="C:\\PROGRA~1\\McAfee.com\\Agent\\McUpdate.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WkUFind" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Microsoft Shared\\Works Shared\\WkUFind.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvMcTray" "hkey"="HKLM" "command"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PSDrvCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\System32\\PSDrvCheck.exe " "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="hpgs2wnd" "hkey"="HKLM" "command"="C:\\Program Files\\Hewlett-Packard\\PhotoSmart\\HP Share-to-Web\\hpgs2wnd.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKCU" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mcvsshld" "hkey"="HKLM" "command"="c:\\program files\\mcafee.com\\vso\\mcvsshld.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VOBID] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="InstantDrive" "hkey"="HKLM" "command"="C:\\Program Files\\Pinnacle\\InstantCDDVD\\\\InstantDrive\\InstantDrive.exe /remount" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTouch" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Disk Cleanup.job C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (1) (NGOFAMILY-computer).job C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (NGOFAMILY-computer).job C:\WINDOWS\tasks\McAfee.com Update Check (D4CDK231-Owner).job C:\WINDOWS\tasks\McAfee.com Update Check (computer).job C:\WINDOWS\tasks\McAfee.com Update Check (computer).job C:\WINDOWS\tasks\McAfee.com Update Check (computer).job Completion time: 06-12-04 21:40:49.26