"Eric" - 07-01-29 20:37:11    Service Pack 2
ComboFix 07-01-25 - Running from: "D:\DOWNLOADS"

((((((((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\drivers\npf.sys 


(((((((((((((((((((((((((((((((   Files Created from 2006-12-29 to 2007-01-29  ))))))))))))))))))))))))))))))))))
 
 
2007-01-29 20:24	<DIR>	d--------	C:\Program Files\CCleaner
2007-01-29 18:27	<DIR>	d--------	C:\!KillBox
2007-01-28 20:53	3,968	--a------	C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-01-25 09:42	<DIR>	d--------	C:\DOCUME~1\Eric\Contacts
2007-01-25 09:39	<DIR>	d----c---	C:\WINDOWS\system32\DRVSTORE
2007-01-25 09:39	<DIR>	d--------	C:\Program Files\MSN Messenger
2007-01-20 12:46	<DIR>	d--------	C:\Program Files\Google
2007-01-20 12:46	<DIR>	d--------	C:\DOCUME~1\Eric\Application Data\Google
2007-01-20 12:46	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\Application Data\Google
2007-01-14 12:14	<DIR>	d--------	C:\DOCUME~1\LOCALS~1\Application Data\Sony Corporation
2007-01-13 23:38	<DIR>	d--------	C:\Program Files\MSXML 4.0


((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-01-29 20:34	--------	d--------	C:\Program Files\mozilla firefox
2007-01-28 20:53	--------	d--------	C:\Program Files\grisoft
2007-01-25 09:40	--------	d---s----	C:\DOCUME~1\Eric\Application Data\microsoft
2007-01-19 08:08	--------	d--------	C:\DOCUME~1\Eric\Application Data\adobeum
2006-12-06 21:29	2374472	--a------	C:\WINDOWS\system32\wmvcore.dll
2006-11-07 21:06	679424	--a------	C:\WINDOWS\system32\inetcomm.dll
2006-11-04 14:14	1245696	--a------	C:\WINDOWS\system32\msxml4.dll
 
 
((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SetDefaultMidi"="MIDIDEF.EXE"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
  33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"SetDefaultMidi"="MIDIDEF.EXE"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
  33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000
"NoBandCustomize"=dword:00000000
"NoToolbarCustomize"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService	REG_MULTI_SZ   	Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService	REG_MULTI_SZ   	DnsCache\0\0
rpcss	REG_MULTI_SZ   	RpcSs\0\0
imgsvc	REG_MULTI_SZ   	StiSvc\0\0
termsvcs	REG_MULTI_SZ   	TermService\0\0
HTTPFilter	REG_MULTI_SZ   	HTTPFilter\0\0
DcomLaunch	REG_MULTI_SZ   	DcomLaunch\0TermService\0\0
Usnsvc	REG_MULTI_SZ   	usnsvc\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Registration reminder 1.job
C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job

Completion time: 07-01-29 20:39:02