Sorry - they got cutoff
ComboFix befor running the antispyware
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\_user1.cab
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\_user1.hdr
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\DATA.TAG
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\data1.cab
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\data1.hdr
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\lang.dat
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\layout.bin
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\os.dat
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\Setup.exe
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\SETUP.INI
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\setup.ins
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\setup.lid
C:\Temp\HP_WebRelease\Drivers\dot4\wrapper\Wrapper.exe
C:\Temp\HP_WebRelease\Drivers\Scanner\hpgtpusd.dll
C:\Temp\HP_WebRelease\Drivers\Scanner\hpgwiamd.dll
C:\Temp\HP_WebRelease\Drivers\Scanner\hpotscl.dll
C:\Temp\HP_WebRelease\Drivers\Scanner\hpovst08.dll
C:\Temp\HP_WebRelease\Drivers\Scanner\hpqgends.tmp
C:\Temp\HP_WebRelease\Drivers\Scanner\usbscan.sy_
C:\Temp\HP_WebRelease\Drivers\Uninst\enu\hpomdl04.dat
C:\Temp\HP_WebRelease\dxprl.dat
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpfmom10.hl_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof2410.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof2510.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof2610.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof2710.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof4010.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof4110.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof4210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof5510.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof6210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof7210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof7310.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpof7410.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpofax08.dll
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop1010.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop1110.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop1210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop1310.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop1610.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2010.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2110.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2310.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2410.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2510.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2610.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop2710.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop4010.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop4110.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop4210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop5510.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop6110.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop6210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop7210.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop7310.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop7410.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpop8310.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpopd910.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpopeb10.da_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpqish09.dat
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpzr3210.dl_
C:\Temp\HP_WebRelease\enu\drivers\com_lang\hpzrm310.dl_
C:\Temp\HP_WebRelease\enu\drivers\win9x_me\hpoupdrx.inf
C:\Temp\HP_WebRelease\enu\drivers\win9x_me\HPZimn12.dll
C:\Temp\HP_WebRelease\enu\drivers\win9x_me\hpzrm110.dl_
C:\Temp\HP_WebRelease\enu\drivers\win9x_me\usbmon.dll
C:\Temp\HP_WebRelease\enu\drivers\win9x_me\usbprint.sys
C:\Temp\HP_WebRelease\hpoapd01.dat
C:\Temp\HP_WebRelease\hpoglu08.inf
C:\Temp\HP_WebRelease\hpohub08.inf
C:\Temp\HP_WebRelease\hpomdl04.dat
C:\Temp\HP_WebRelease\hpoprl01.dat
C:\Temp\HP_WebRelease\hpoprl02.dat
C:\Temp\HP_WebRelease\hpoprl03.dat
C:\Temp\HP_WebRelease\hpoprl04.dat
C:\Temp\HP_WebRelease\hpoprl05.dat
C:\Temp\HP_WebRelease\hpoprl07.dat
C:\Temp\HP_WebRelease\hpoprl08.dat
C:\Temp\HP_WebRelease\hpoprn08.cat
C:\Temp\HP_WebRelease\hpoprn08.inf
C:\Temp\HP_WebRelease\hposcu08.cat
C:\Temp\HP_WebRelease\hposcu08.inf
C:\Temp\HP_WebRelease\hpound08.inf
C:\Temp\HP_WebRelease\HPOunp08.cat
C:\Temp\HP_WebRelease\hpounp08.inf
C:\Temp\HP_WebRelease\hpousb08.inf
C:\Temp\HP_WebRelease\hpousc08.inf
C:\Temp\HP_WebRelease\hpqprl01.dat
C:\Temp\HP_WebRelease\hpzc3212.dll
C:\Temp\HP_WebRelease\hpzglu10.exe
C:\Temp\HP_WebRelease\HPZid412.cat
C:\Temp\HP_WebRelease\hpzid412.inf
C:\Temp\HP_WebRelease\hpzid413.cat
C:\Temp\HP_WebRelease\hpzid413.inf
C:\Temp\HP_WebRelease\HPZipr12.cat
C:\Temp\HP_WebRelease\hpzipr12.inf
C:\Temp\HP_WebRelease\hpzipr13.cat
C:\Temp\HP_WebRelease\hpzipr13.inf
C:\Temp\HP_WebRelease\hpzist12.cat
C:\Temp\HP_WebRelease\hpzist12.inf
C:\Temp\HP_WebRelease\hpzist13.cat
C:\Temp\HP_WebRelease\hpzist13.inf
C:\Temp\HP_WebRelease\HPZius12.cat
C:\Temp\HP_WebRelease\hpzius12.inf
C:\Temp\HP_WebRelease\hpzius13.cat
C:\Temp\HP_WebRelease\hpzius13.inf
C:\Temp\HP_WebRelease\hpzjlog.dll
C:\Temp\HP_WebRelease\hpzjpp01.dll
C:\Temp\HP_WebRelease\hpzjut01.dll
C:\Temp\HP_WebRelease\hpzjvp01.dll
C:\Temp\HP_WebRelease\hpzpnp10.dll
C:\Temp\HP_WebRelease\hpzprl01.dat
C:\Temp\HP_WebRelease\hpzprl02.dat
C:\Temp\HP_WebRelease\hpzscr10.dll
C:\Temp\HP_WebRelease\HPZUCI12.DLL
C:\Temp\HP_WebRelease\license.txt
C:\Temp\HP_WebRelease\msvcirt.dll
C:\Temp\HP_WebRelease\msvcrt.dll
C:\Temp\HP_WebRelease\Readme.html
C:\Temp\HP_WebRelease\readme.txt
C:\Temp\HP_WebRelease\Setup.exe
C:\Temp\HP_WebRelease\Setup\1_thank_you.bmp
C:\Temp\HP_WebRelease\Setup\10_tour.bmp
C:\Temp\HP_WebRelease\Setup\2_better_together.bmp
C:\Temp\HP_WebRelease\Setup\3_director.bmp
C:\Temp\HP_WebRelease\Setup\4_manage_images.bmp
C:\Temp\HP_WebRelease\Setup\5_edit_photos.bmp
C:\Temp\HP_WebRelease\Setup\6_share_photos.bmp
C:\Temp\HP_WebRelease\Setup\7_supplies.bmp
C:\Temp\HP_WebRelease\Setup\8_support.bmp
C:\Temp\HP_WebRelease\Setup\9_register.bmp
C:\Temp\HP_WebRelease\Setup\AiO_Scan\AiO_Scan.cab
C:\Temp\HP_WebRelease\Setup\AiO_Scan\AiO_Scan.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1000_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1000_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1000Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1000Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1033.mst
C:\Temp\HP_WebRelease\Setup\AiOHelp\1100_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1100_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1100Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1100Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1200_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1200_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1200Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1200Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1300_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1300_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1300Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1300Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1310_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1310_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\1310Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\1310Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\21_22_Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\21_22_Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2100_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2100_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2150_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2150_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2170_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2170_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2200_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2200_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2300_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2300_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2300Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2300Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2350_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2350_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2350Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2350Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2400_2500Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2400_2500Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2400_2500Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2400_2500Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2600_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2600_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\2600Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\2600Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\4100_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\4100_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\4100Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\4100Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\4200_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\4200_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\4200Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\4200Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\5500_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\5500_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\5500Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\5500Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\6100_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\6100_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\6100Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\6100Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\6200_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\6200_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\6200Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\6200Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\7300_Help.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\7300_Help.msi
C:\Temp\HP_WebRelease\Setup\AiOHelp\7300Trb.cab
C:\Temp\HP_WebRelease\Setup\AiOHelp\7300Trb.msi
C:\Temp\HP_WebRelease\Setup\AiOInstallBannerCrop.bmp
C:\Temp\HP_WebRelease\Setup\AIOMinimal\AIOMinimal.cab
C:\Temp\HP_WebRelease\Setup\AIOMinimal\AIOMinimal.msi
C:\Temp\HP_WebRelease\Setup\AiOSoftware\AIOSoftware.cab
C:\Temp\HP_WebRelease\Setup\AiOSoftware\AIOSoftware.msi
C:\Temp\HP_WebRelease\Setup\BufferChm\BufferChm.cab
C:\Temp\HP_WebRelease\Setup\BufferChm\BufferChm.msi
C:\Temp\HP_WebRelease\Setup\CCC\collect.bat
C:\Temp\HP_WebRelease\Setup\CCC\HpRegSecChkFix_v1_1_10.sig.exe
C:\Temp\HP_WebRelease\Setup\CCC\hpzlgc01.dat
C:\Temp\HP_WebRelease\Setup\CCC\HPZlgc01.exe
C:\Temp\HP_WebRelease\Setup\CCC\HPZprs01.exe
C:\Temp\HP_WebRelease\Setup\copy\Copy.cab
C:\Temp\HP_WebRelease\Setup\copy\Copy.msi
C:\Temp\HP_WebRelease\Setup\creativeprojects\CreativeProjects.cab
C:\Temp\HP_WebRelease\Setup\creativeprojects\CreativeProjects.msi
C:\Temp\HP_WebRelease\Setup\CreativeProjectsTemplates\CreativeProjectsTemplates.cab
C:\Temp\HP_WebRelease\Setup\CreativeProjectsTemplates\CreativeProjectsTemplates.msi
C:\Temp\HP_WebRelease\Setup\CSDialogBanner.bmp
C:\Temp\HP_WebRelease\Setup\CSDialogBannerRTL.bmp
C:\Temp\HP_WebRelease\Setup\CueTour\CueTour.cab
C:\Temp\HP_WebRelease\Setup\CueTour\CueTour.msi
C:\Temp\HP_WebRelease\Setup\Destinations\Destinations.cab
C:\Temp\HP_WebRelease\Setup\Destinations\Destinations.msi
C:\Temp\HP_WebRelease\Setup\director\Director.cab
C:\Temp\HP_WebRelease\Setup\director\Director.msi
C:\Temp\HP_WebRelease\Setup\DocProc\Data1.cab
C:\Temp\HP_WebRelease\Setup\DocProc\DocProc.msi
C:\Temp\HP_WebRelease\Setup\DocumentViewer\DocumentViewer.cab
C:\Temp\HP_WebRelease\Setup\DocumentViewer\DocumentViewer.msi
C:\Temp\HP_WebRelease\Setup\fax\Fax.cab
C:\Temp\HP_WebRelease\Setup\fax\Fax.msi
C:\Temp\HP_WebRelease\Setup\fsshutdown.dat
C:\Temp\HP_WebRelease\Setup\hpoapd01.exe
C:\Temp\HP_WebRelease\Setup\Hpodircu.exe
C:\Temp\HP_WebRelease\Setup\hpofax.reg
C:\Temp\HP_WebRelease\Setup\hpoGA.dat
C:\Temp\HP_WebRelease\Setup\hpoGJ.dat
C:\Temp\HP_WebRelease\Setup\hpoGRe.dat
C:\Temp\HP_WebRelease\Setup\hpok1.dat
C:\Temp\HP_WebRelease\Setup\hpok2.dat
C:\Temp\HP_WebRelease\Setup\hpomdl04.dat
C:\Temp\HP_WebRelease\Setup\hponac.dat
C:\Temp\HP_WebRelease\Setup\hponac01.exe
C:\Temp\HP_WebRelease\Setup\hponicifs01.exe
C:\Temp\HP_WebRelease\Setup\hponiscan01.exe
C:\Temp\HP_WebRelease\Setup\hponiscp01.exe
C:\Temp\HP_WebRelease\Setup\hporfd01.exe
C:\Temp\HP_WebRelease\Setup\hpoRW.dat
C:\Temp\HP_WebRelease\Setup\hposcr04.dat
C:\Temp\HP_WebRelease\Setup\hposcr3rdp.dat
C:\Temp\HP_WebRelease\Setup\hposcrd4.dat
C:\Temp\HP_WebRelease\Setup\hpoVG.dat
C:\Temp\HP_WebRelease\Setup\hpowfs01.exe
C:\Temp\HP_WebRelease\Setup\hpqscr01.dat
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1028.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1029.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1030.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1031.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1032.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1033.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1034.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1035.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1036.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1038.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1040.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1041.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1042.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1043.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1044.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1045.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1046.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1049.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1053.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\1055.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\2052.mst
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\Data1.cab
C:\Temp\HP_WebRelease\Setup\HPSoftwareUpdate\HPSoftwareUpdate.msi
C:\Temp\HP_WebRelease\Setup\HPZarp01.exe
C:\Temp\HP_WebRelease\Setup\HPZcdl01.exe
C:\Temp\HP_WebRelease\Setup\HPZchk01.exe
C:\Temp\HP_WebRelease\Setup\HPZddv01.exe
C:\Temp\HP_WebRelease\Setup\HPZdui01.exe
C:\Temp\HP_WebRelease\Setup\HPZdxs01.exe
C:\Temp\HP_WebRelease\Setup\HPZgat01.exe
C:\Temp\HP_WebRelease\Setup\HPZmsi01.exe
C:\Temp\HP_WebRelease\Setup\HPZnet01.exe
C:\Temp\HP_WebRelease\Setup\HPZnfx01.exe
C:\Temp\HP_WebRelease\Setup\HPZnop01.exe
C:\Temp\HP_WebRelease\Setup\HPZopt01.exe
C:\Temp\HP_WebRelease\Setup\HPZpnp01.exe
C:\Temp\HP_WebRelease\Setup\HPZprl01.exe
C:\Temp\HP_WebRelease\Setup\HPZpsc01.exe
C:\Temp\HP_WebRelease\Setup\HPZpsl01.exe
C:\Temp\HP_WebRelease\Setup\HPZrcv01.exe
C:\Temp\HP_WebRelease\Setup\HPZrein01.exe
C:\Temp\HP_WebRelease\Setup\HPZsaf01.exe
C:\Temp\HP_WebRelease\Setup\HPZscr01.exe
C:\Temp\HP_WebRelease\Setup\HPZshl01.exe
C:\Temp\HP_WebRelease\Setup\HPZsui01.exe
C:\Temp\HP_WebRelease\Setup\HPZtim01.exe
C:\Temp\HP_WebRelease\Setup\HPZwis01.exe
C:\Temp\HP_WebRelease\Setup\HPZwrp01.exe
C:\Temp\HP_WebRelease\Setup\install1.bmp
C:\Temp\HP_WebRelease\Setup\InstantShare\Data1.cab
C:\Temp\HP_WebRelease\Setup\InstantShare\InstantShare.msi
C:\Temp\HP_WebRelease\Setup\MDAC\advpack.dll
C:\Temp\HP_WebRelease\Setup\MDAC\bidinter.inf
C:\Temp\HP_WebRelease\Setup\MDAC\bidintrx.cab
C:\Temp\HP_WebRelease\Setup\MDAC\bidintrx.cat
C:\Temp\HP_WebRelease\Setup\MDAC\bidintrx.inf
C:\Temp\HP_WebRelease\Setup\MDAC\cabinet.dll
C:\Temp\HP_WebRelease\Setup\MDAC\dasetup.cab
C:\Temp\HP_WebRelease\Setup\MDAC\dasetup.cat
C:\Temp\HP_WebRelease\Setup\MDAC\dasetup.exe
C:\Temp\HP_WebRelease\Setup\MDAC\dasetup.inf
C:\Temp\HP_WebRelease\Setup\MDAC\dasetup.ini
C:\Temp\HP_WebRelease\Setup\MDAC\dasetupd.inf
C:\Temp\HP_WebRelease\Setup\MDAC\dasetupr.dll
C:\Temp\HP_WebRelease\Setup\MDAC\jetfiles.cab
C:\Temp\HP_WebRelease\Setup\MDAC\jetfiles.inf
C:\Temp\HP_WebRelease\Setup\MDAC\mdaccore.rsp
C:\Temp\HP_WebRelease\Setup\MDAC\mdaceula.rtf
C:\Temp\HP_WebRelease\Setup\MDAC\mdacsafe.exe
C:\Temp\HP_WebRelease\Setup\MDAC\mdacsafe.inf
C:\Temp\HP_WebRelease\Setup\MDAC\mdacxpak.cab
C:\Temp\HP_WebRelease\Setup\MDAC\mdacxpak.cat
C:\Temp\HP_WebRelease\Setup\MDAC\mdacxpak.inf
C:\Temp\HP_WebRelease\Setup\MDAC\mdacxpdl.inf
C:\Temp\HP_WebRelease\Setup\MDAC\mdacxpkm.cat
C:\Temp\HP_WebRelease\Setup\MDAC\mdacxpkm.inf
C:\Temp\HP_WebRelease\Setup\MDAC\msdamg9x.dll
C:\Temp\HP_WebRelease\Setup\MDAC\msvcrt.cab
C:\Temp\HP_WebRelease\Setup\MDAC\msvcrt.inf
C:\Temp\HP_WebRelease\Setup\MDAC\msxml.inf
C:\Temp\HP_WebRelease\Setup\MDAC\msxmlx.cab
C:\Temp\HP_WebRelease\Setup\MDAC\msxmlx.cat
C:\Temp\HP_WebRelease\Setup\MDAC\msxmlx.inf
C:\Temp\HP_WebRelease\Setup\MDAC\mtxfiles.cab
C:\Temp\HP_WebRelease\Setup\MDAC\mtxfiles.inf
C:\Temp\HP_WebRelease\Setup\MDAC\muisetup.exe
C:\Temp\HP_WebRelease\Setup\MDAC\newmui.inf
C:\Temp\HP_WebRelease\Setup\MDAC\noop.inf
C:\Temp\HP_WebRelease\Setup\MDAC\odbcconf.dll
C:\Temp\HP_WebRelease\Setup\MDAC\odbcconf.exe
C:\Temp\HP_WebRelease\Setup\MDAC\psapi.dll
C:\Temp\HP_WebRelease\Setup\MDAC\redist.rsp
C:\Temp\HP_WebRelease\Setup\MDAC\rspfiled.inf
C:\Temp\HP_WebRelease\Setup\MDAC\rspfiles.cab
C:\Temp\HP_WebRelease\Setup\MDAC\rspfiles.cat
C:\Temp\HP_WebRelease\Setup\MDAC\rspfiles.inf
C:\Temp\HP_WebRelease\Setup\MDAC\setup.exe
C:\Temp\HP_WebRelease\Setup\MDAC\setupapi.cab
C:\Temp\HP_WebRelease\Setup\MDAC\setupapi.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlclnt.rsp
C:\Temp\HP_WebRelease\Setup\MDAC\sqlnet.cab
C:\Temp\HP_WebRelease\Setup\MDAC\sqlnet.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqlnet.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlnetdl.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlnetm.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqlnetm.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlod_dl.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlodbc.cab
C:\Temp\HP_WebRelease\Setup\MDAC\sqlodbc.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqlodbc.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlodbcm.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqlodbcm.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlol_dl.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqloldb.cab
C:\Temp\HP_WebRelease\Setup\MDAC\sqloldb.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqloldb.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqloldbm.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqloldbm.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlxmlx.inf
C:\Temp\HP_WebRelease\Setup\MDAC\sqlxmlxp.cab
C:\Temp\HP_WebRelease\Setup\MDAC\sqlxmlxp.cat
C:\Temp\HP_WebRelease\Setup\MDAC\sqlxmlxp.inf
C:\Temp\HP_WebRelease\Setup\MDAC\w95inf16.dll
C:\Temp\HP_WebRelease\Setup\MDAC\w95inf32.dll
C:\Temp\HP_WebRelease\Setup\MDAC\wdset_dl.inf
C:\Temp\HP_WebRelease\Setup\MDAC\wdsetup.cab
C:\Temp\HP_WebRelease\Setup\MDAC\wdsetup.cat
C:\Temp\HP_WebRelease\Setup\MDAC\wdsetup.inf
C:\Temp\HP_WebRelease\Setup\MDAC\wdsetupm.cat
C:\Temp\HP_WebRelease\Setup\MDAC\wdsetupm.inf
C:\Temp\HP_WebRelease\Setup\mdfix01.exe
C:\Temp\HP_WebRelease\Setup\msvcp60.dll
C:\Temp\HP_WebRelease\Setup\netfx.msi
C:\Temp\HP_WebRelease\Setup\netfx1.cab
C:\Temp\HP_WebRelease\Setup\Old_1_thank_you.bmp
C:\Temp\HP_WebRelease\Setup\Overland\Overland.msi
C:\Temp\HP_WebRelease\Setup\photogallery\PhotoGallery.cab
C:\Temp\HP_WebRelease\Setup\photogallery\PhotoGallery.msi
C:\Temp\HP_WebRelease\Setup\printscreen\PrintScreen.cab
C:\Temp\HP_WebRelease\Setup\printscreen\PrintScreen.msi
C:\Temp\HP_WebRelease\Setup\product\1000.cab
C:\Temp\HP_WebRelease\Setup\product\1000.msi
C:\Temp\HP_WebRelease\Setup\product\1033.mst
C:\Temp\HP_WebRelease\Setup\product\1100.cab
C:\Temp\HP_WebRelease\Setup\product\1100.msi
C:\Temp\HP_WebRelease\Setup\product\1200.cab
C:\Temp\HP_WebRelease\Setup\product\1200.msi
C:\Temp\HP_WebRelease\Setup\product\1300.cab
C:\Temp\HP_WebRelease\Setup\product\1300.msi
C:\Temp\HP_WebRelease\Setup\product\1310.cab
C:\Temp\HP_WebRelease\Setup\product\1310.msi
C:\Temp\HP_WebRelease\Setup\product\2100.cab
C:\Temp\HP_WebRelease\Setup\product\2100.msi
C:\Temp\HP_WebRelease\Setup\product\2150.cab
C:\Temp\HP_WebRelease\Setup\product\2150.msi
C:\Temp\HP_WebRelease\Setup\product\2170.cab
C:\Temp\HP_WebRelease\Setup\product\2170.msi
C:\Temp\HP_WebRelease\Setup\product\2200.cab
C:\Temp\HP_WebRelease\Setup\product\2200.msi
C:\Temp\HP_WebRelease\Setup\product\2300.cab
C:\Temp\HP_WebRelease\Setup\product\2300.msi
C:\Temp\HP_WebRelease\Setup\product\2350.cab
C:\Temp\HP_WebRelease\Setup\product\2350.msi
C:\Temp\HP_WebRelease\Setup\product\2400.cab
C:\Temp\HP_WebRelease\Setup\product\2400.msi
C:\Temp\HP_WebRelease\Setup\product\2500.cab
C:\Temp\HP_WebRelease\Setup\product\2500.msi
C:\Temp\HP_WebRelease\Setup\product\2600.cab
C:\Temp\HP_WebRelease\Setup\product\2600.msi
C:\Temp\HP_WebRelease\Setup\product\2700.cab
C:\Temp\HP_WebRelease\Setup\product\2700.msi
C:\Temp\HP_WebRelease\Setup\product\4100.cab
C:\Temp\HP_WebRelease\Setup\product\4100.msi
C:\Temp\HP_WebRelease\Setup\product\4105.cab
C:\Temp\HP_WebRelease\Setup\product\4105.msi
C:\Temp\HP_WebRelease\Setup\product\4200.cab
C:\Temp\HP_WebRelease\Setup\product\4200.msi
C:\Temp\HP_WebRelease\Setup\product\5500.cab
C:\Temp\HP_WebRelease\Setup\product\5500.msi
C:\Temp\HP_WebRelease\Setup\product\6100.cab
C:\Temp\HP_WebRelease\Setup\product\6100.msi
C:\Temp\HP_WebRelease\Setup\product\6200.cab
C:\Temp\HP_WebRelease\Setup\product\6200.msi
C:\Temp\HP_WebRelease\Setup\product\7300.cab
C:\Temp\HP_WebRelease\Setup\product\7300.msi
C:\Temp\HP_WebRelease\Setup\product\7400.cab
C:\Temp\HP_WebRelease\Setup\product\7400.msi
C:\Temp\HP_WebRelease\Setup\ProductContext\ProductContext.cab
C:\Temp\HP_WebRelease\Setup\ProductContext\ProductContext.msi
C:\Temp\HP_WebRelease\Setup\QFolder\QFolder.msi
C:\Temp\HP_WebRelease\Setup\QuickProjects\QuickProjects.cab
C:\Temp\HP_WebRelease\Setup\QuickProjects\QuickProjects.msi
C:\Temp\HP_WebRelease\Setup\Readme\Readme.cab
C:\Temp\HP_WebRelease\Setup\Readme\Readme.msi
C:\Temp\HP_WebRelease\Setup\Readme\readme\1033\Readme.html
C:\Temp\HP_WebRelease\Setup\RedBox\Data1.cab
C:\Temp\HP_WebRelease\Setup\RedBox\Redbox.msi
C:\Temp\HP_WebRelease\Setup\redisco\hpzjrd01.dll
C:\Temp\HP_WebRelease\Setup\redisco\hpzjsn01.dll
C:\Temp\HP_WebRelease\Setup\redisco\test.txt
C:\Temp\HP_WebRelease\Setup\redisco\wsnmp32.dll
C:\Temp\HP_WebRelease\Setup\Scan\Data1.cab
C:\Temp\HP_WebRelease\Setup\Scan\Scan.msi
C:\Temp\HP_WebRelease\Setup\Sherlock\1028.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1029.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1030.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1031.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1032.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1033.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1034.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1035.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1036.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1038.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1040.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1041.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1042.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1043.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1044.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1045.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1046.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1049.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1053.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\1055.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\2052.mst
C:\Temp\HP_WebRelease\Setup\Sherlock\HPSystemDiagnostics.msi
C:\Temp\HP_WebRelease\Setup\SkinsHP\SkinsHP1.cab
C:\Temp\HP_WebRelease\Setup\SkinsHP\SkinsHP1.msi
C:\Temp\HP_WebRelease\Setup\Tour\1000Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\1000Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\1300Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\1300Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\1310Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\1310Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\2100Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\2100Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\2150Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\2150Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\2170Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\2170Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\2200Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\2200Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\23_24_2500Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\23_24_2500Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\4100Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\4100Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\4200Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\4200Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\5500Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\5500Tour.msi
C:\Temp\HP_WebRelease\Setup\Tour\6100Tour.cab
C:\Temp\HP_WebRelease\Setup\Tour\6100Tour.msi
C:\Temp\HP_WebRelease\Setup\trayapp\TrayApp.cab
C:\Temp\HP_WebRelease\Setup\trayapp\TrayApp.msi
C:\Temp\HP_WebRelease\Setup\UnloadIntent\Data1.cab
C:\Temp\HP_WebRelease\Setup\UnloadIntent\Unload.msi
C:\Temp\HP_WebRelease\Setup\usbready.exe
C:\Temp\HP_WebRelease\Setup\webreg\WebReg.cab
C:\Temp\HP_WebRelease\Setup\webreg\WebReg.msi
C:\Temp\HP_WebRelease\Setup\wis\Win2K_XP\instmsi.exe
C:\Temp\HP_WebRelease\Setup\wis\Win9x\instmsi.exe
C:\Temp\HP_WebRelease\tls704d.dll
C:\Temp\HP_WebRelease\usbhub.sys
C:\Temp\HP_WebRelease\usbmon.dll
C:\Temp\HP_WebRelease\usbprint.sys
C:\Temp\HP_WebRelease\util\AIO\hpopdi05.exe
C:\Temp\HP_WebRelease\util\AIO\hpopin05.exe
C:\Temp\HP_WebRelease\util\CCC\1606fix.reg
C:\Temp\HP_WebRelease\util\CCC\240075.exe
C:\Temp\HP_WebRelease\util\CCC\270615USAM.EXE
C:\Temp\HP_WebRelease\util\CCC\afs2k_install.bat
C:\Temp\HP_WebRelease\util\CCC\afs2k_remove.bat
C:\Temp\HP_WebRelease\util\CCC\afsinst.exe
C:\Temp\HP_WebRelease\util\CCC\collect.bat
C:\Temp\HP_WebRelease\util\CCC\enu\Q283787_W2K_SP3_x86.EXE
C:\Temp\HP_WebRelease\util\CCC\enu\WindowsXP-KB822603-x86-ENU.exe
C:\Temp\HP_WebRelease\util\CCC\hposcrlr.bat
C:\Temp\HP_WebRelease\util\CCC\HpRegSecChkFix_v1_2_1.exe
C:\Temp\HP_WebRelease\util\CCC\HPZlgc01.exe
C:\Temp\HP_WebRelease\util\CCC\MediaSizeSettings.exe
C:\Temp\HP_WebRelease\util\CCC\Q256858_W2K_SP1_x86.EXE
C:\Temp\HP_WebRelease\util\CCC\Uninstall.bat
C:\Temp\HP_WebRelease\util\CCC\Uninstall_L1.bat
C:\Temp\HP_WebRelease\util\CCC\Uninstall_L2.bat
C:\Temp\HP_WebRelease\util\CCC\Uninstall_L3.bat
C:\Temp\HP_WebRelease\util\CCC\Uninstall_L4.bat
C:\Temp\HP_WebRelease\util\cfgmgr32.dll
C:\Temp\HP_WebRelease\util\common\hpfpdi10.exe
C:\Temp\HP_WebRelease\util\common\hpqisc09.exe
C:\Temp\HP_WebRelease\util\common\hpzghl10.exe
C:\Temp\HP_WebRelease\util\common\hpzpin10.exe
C:\Temp\HP_WebRelease\util\setupapi.dll
C:\Temp\HP_WebRelease\util\Support_Tools\MSI_Install_Cleanup\Win2000\msicuu.exe
C:\Temp\HP_WebRelease\util\Support_Tools\MSI_Install_Cleanup\Win9x\msicu.exe
C:\Temp\tOncha0119.exe
C:\WINDOWS\SYSTEM32\nGpxx01
C:\WINDOWS\SYSTEM32\nGpxx01\nGpxx011065.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-31 )))))))))))))))))))))))))))))))
.
2008-01-30 10:22 . 2005-08-01 07:32 211 --a------ C:\Boot.bak
2008-01-30 10:21 . 2004-08-03 23:00 260,272 --a------ C:\cmldr
2007-12-11 11:21 . 2007-03-22 10:31 152,624 --a------ C:\WINDOWS\SYSTEM32\WIN2PDFS.DLL
2007-12-11 11:21 . 2007-03-22 10:31 21,552 --a------ C:\WINDOWS\SYSTEM32\WIN2PDFM.DLL
2007-12-11 11:21 . 2007-12-11 11:32 2,236 --a------ C:\WINDOWS\1way.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 22:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-12 22:20 884,736 ----a-w C:\Documents and Settings\__sbs_netsetup__\NTUSER.DAT
2007-12-12 22:20 1,048,576 ----a-w C:\Documents and Settings\__sbs_netsetup__.SERVICE\NTUSER.DAT
2007-12-12 22:20 1,048,576 ----a-w C:\Documents and Settings\__sbs_netsetup__.JOHNDOE01\NTUSER.DAT
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\SYSTEM32\lsasrv.dll
2007-11-07 09:26 721,920 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\lsasrv.dll
2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2007-10-27 22:40 227,328 ----a-w C:\WINDOWS\SYSTEM32\wmasf.dll
2007-10-27 22:40 227,328 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shell32.dll
2007-10-10 23:56 824,832 ----a-w C:\WINDOWS\SYSTEM32\wininet.dll
2007-10-10 23:56 824,832 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
2007-10-10 23:56 232,960 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
2007-10-10 23:56 1,159,680 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
2007-10-10 23:55 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
2007-10-10 23:55 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
2007-10-10 23:55 6,065,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2007-10-10 23:55 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
2007-10-10 23:55 478,208 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
2007-10-10 23:55 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
2007-10-10 23:55 44,544 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
2007-10-10 23:55 384,512 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
2007-10-10 23:55 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2007-10-10 23:55 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
2007-10-10 23:55 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
2007-10-10 23:55 230,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
2007-10-10 23:55 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
2007-10-10 23:55 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
2007-10-10 23:55 153,088 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
2007-10-10 23:55 132,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
2007-10-10 23:55 124,928 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
2007-10-10 23:55 105,984 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
2007-10-10 23:55 102,400 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
2007-10-10 10:59 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2007-10-10 10:59 625,152 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2007-10-10 10:59 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2007-10-10 05:46 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 08:59 126976]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-04-19 23:25 77824]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-10-06 10:05 53248]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-04 02:56 143360]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 13:54 241664]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-06 01:07 61440]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-03-22 14:42 185784]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-03-29 07:10 394952]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2004-08-04 02:56 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DM_Server"=C:\PROGRA~1\COMETS~1\DM\bin\dmserver.exe /onreboot
"DwlClient"=C:\Program Files\Common Files\Dell\EUSW\Support.exe
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe
S3 crmhost;crmhost;c:\program files\evware\gravity crm\host\gravityhost.exe []
.
Contents of the 'Scheduled Tasks' folder
"2004-05-11 20:00:02 C:\WINDOWS\Tasks\ISP signup reminder 1.job"
- C:\WINDOWS\System32\OOBE\OOBEBALN.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-01-31 07:58:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-31 8:00:50
ComboFix-quarantined-files.txt 2008-01-31 13:00:42
ComboFix2.txt 2008-01-30 22:01:48
.
2008-01-09 08:03:01 --- E O F ---
HiJackthis after anti spyware
Logfile of HijackThis v1.99.1
Scan saved at 10:54, on 01/31/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\WINDOWS\TEMP\TL9A66.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://google.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
http://SERVER:80O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Gravity Monitor.lnk = C:\Program Files\EVware\Gravity CRM\Monitor\GravityMonitor.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O15 - Trusted Zone:
http://*.SERVERO16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) -
https://sbs2003.flor...ll/WinNTChk.cabO16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment SetupCtrl Class) -
https://sbs2003:4343...stall/setup.cabO16 - DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} (NSHelp Class) -
http://sbs2003/conne...uter/nshelp.dllO16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} (OfficeScan Corp Edition Web-Deployment ObjRemoveCtrl Class) -
https://sbs2003:4343.../RemoveCtrl.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.micros...b?1145130429038O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) -
https://h17000.www1....loadManager.ocxO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://fpdownload.m...ash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = FloridaIndustrialScaleCo.local
O17 - HKLM\Software\..\Telephony: DomainName = FloridaIndustrialScaleCo.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = FloridaIndustrialScaleCo.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = FloridaIndustrialScaleCo.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = FloridaIndustrialScaleCo.local
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: crmhost - Unknown owner - c:\program files\evware\gravity crm\host\gravityhost.exe (file missing)
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)