User 1 - 06-10-15 15:21:32.78 Service Pack 2
ComboFix 06.10.14.1 - Running from: "C:\Documents and Settings\Kevin Parrish\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-15 to 2006-10-15 ))))))))))))))))))))))))))))))))))

2006-10-14 13:10 218,112 --a------ C:\HijackThis.exe
2006-10-14 05:56 3,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2006-10-14 02:04 106,496 --a------ C:\WINDOWS\SYSTEM32\dpfwu.dll
2006-10-10 19:44 98,304 --a------ C:\WINDOWS\SYSTEM32\lffax13n.dll
2006-10-10 19:44 155,648 --a------ C:\WINDOWS\SYSTEM32\lftif13n.dll
2006-10-10 19:44 1,693,696 --a------ C:\WINDOWS\SYSTEM32\ltclr13n.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-10-15 04:51 -------- d-------- C:\Program Files\LogMeIn
2006-10-14 14:42 -------- d-------- C:\Program Files\Windows Media Player
2006-10-14 14:42 -------- d-------- C:\Program Files\Winamp
2006-10-14 14:40 -------- d-------- C:\Program Files\QuickTime
2006-10-14 14:40 -------- d-------- C:\Program Files\MSN Messenger
2006-10-14 14:40 -------- d-------- C:\Program Files\MMediaCodec
2006-10-14 14:38 -------- d-------- C:\Program Files\Messenger
2006-10-14 14:37 -------- d-------- C:\Program Files\Lexmark 6200 Series
2006-10-14 14:36 -------- d-------- C:\Program Files\iTunes
2006-10-14 14:36 -------- d-------- C:\Program Files\Internet Explorer
2006-10-14 14:34 -------- d-------- C:\Program Files\Google
2006-10-14 14:34 -------- d-------- C:\Program Files\eFax Messenger 4.1
2006-10-14 14:34 -------- d-------- C:\Program Files\Dell Support
2006-10-14 14:33 -------- d-------- C:\Program Files\BearShare
2006-10-14 06:05 -------- d-a------ C:\Program Files\Common Files
2006-10-14 05:56 -------- d-------- C:\Program Files\Grisoft
2006-10-14 05:13 -------- d-------- C:\Documents and Settings\Kevin Parrish\Application Data\Lavasoft
2006-10-14 05:11 -------- d-------- C:\Program Files\Lavasoft
2006-10-14 04:32 -------- d-------- C:\Program Files\Enigma Software Group
2006-10-11 22:06 -------- d-------- C:\Program Files\ZangoToolbar
2006-10-01 23:42 -------- d-------- C:\Program Files\AC3Filter
2006-09-13 06:01 1084416 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll
2006-09-01 18:08 -------- d-------- C:\Program Files\WinRAR
2006-09-01 18:08 -------- d-------- C:\Documents and Settings\Kevin Parrish\Application Data\Help
2006-08-27 13:35 -------- d-------- C:\Program Files\Google Video
2006-08-26 09:41 -------- d-------- C:\Program Files\PeerCast
2006-08-25 16:45 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll
2006-08-22 21:25 -------- d-------- C:\Program Files\MyGlobalSearch
2006-08-21 13:21 16896 --a------ C:\WINDOWS\SYSTEM32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\SYSTEM32\fltmc.exe
2006-08-21 10:14 128896 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\fltmgr.sys
2006-08-16 12:58 100352 --a------ C:\WINDOWS\SYSTEM32\6to4svc.dll
2006-08-16 10:37 225664 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\tcpip6.sys
2006-08-15 18:56 -------- d-------- C:\Program Files\DivX
2006-08-04 16:37 73728 --a------ C:\WINDOWS\SYSTEM32\dpl100.dll
2006-08-04 16:37 196608 --a------ C:\WINDOWS\SYSTEM32\dtu100.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\SYSTEM32\sirenacm.dll
2006-07-27 14:24 679424 --a------ C:\WINDOWS\SYSTEM32\inetcomm.dll
2006-07-27 03:05 3596288 --a------ C:\WINDOWS\SYSTEM32\qt-dx331.dll
2006-07-21 13:15 9576 --a--c--- C:\WINDOWS\SYSTEM32\LMImirr2.dll
2006-07-21 13:15 23016 --a--c--- C:\WINDOWS\SYSTEM32\LMImirr.dll
2006-07-21 13:15 11496 --a------ C:\WINDOWS\SYSTEM32\LMIinit.dll
2006-07-21 11:54 7920 --a--c--- C:\WINDOWS\SYSTEM32\ractrlkeyhook.dll
2006-07-21 09:24 72704 --a------ C:\WINDOWS\SYSTEM32\hlink.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"DellSupport"="\"C:\\Program Files\\Dell Support\\DSAgnt.exe\" /startup"
"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.711.1664\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /installquiet"
"BCMSMMSG"="BCMSMMSG.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"DadApp"="C:\\Program Files\\Dell\\AccessDirect\\dadapp.exe"
"Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
"DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"lxbumon.exe"="\"C:\\Program Files\\Lexmark 6200 Series\\lxbumon.exe\""
"FaxCenterServer"="\"C:\\Program Files\\Lexmark Fax Solutions\\fm3032.exe\" /s"
"EzPrint"="\"C:\\Program Files\\Lexmark 6200 Series\\ezprint.exe\""
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"eFax 4.1"="\"C:\\Program Files\\eFax Messenger 4.1\\J2GDllCmd.exe\" /R"
"BearShare"="\"C:\\Program Files\\BearShare\\BearShare.exe\" /pause"
"LogMeIn GUI"="\"C:\\Program Files\\LogMeIn\\LogMeInSystray.exe\""
"iTunesHelper"="C:\\Program Files\\iTunes\\iTunesHelper.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"SpyHunter"="C:\\Program Files\\Enigma Software Group\\SpyHunter\\SpyHunter.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
  ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
  00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{dfa61db1-388e-4c87-8d56-540fa229bcb4}"="contrabandists"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Program Files\\MMediaCodec\\isamonitor.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"contrabandists"="{dfa61db1-388e-4c87-8d56-540fa229bcb4}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1147246356.job

Completion time: 06-10-15 15:22:51.75
C:\ComboFix.txt ... 06-10-15 15:22