Start Time= Mon 03/19/2007 20:42:00.09 QuickScan did not find any signs of infected files (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-03-14 12:08:04 ( .D... ) "C:\Program Files\Common Files\AnswerWorks 4.0" 2007-03-08 13:00:54 ( .D... ) "C:\Program Files\iLinc" 2007-03-07 16:36:32 12619736 ( A.... ) "C:\WINDOWS\system32\MRT.exe" 2007-02-06 21:32:36 ( .D... ) "C:\Program Files\Spybot - Search & Destroy" 2007-02-05 21:32:54 ( .D... ) "C:\Documents and Settings\Compaq_Owner\Application Data\AVG7" 2007-02-05 21:32:14 ( .D... ) "C:\Program Files\Grisoft" 2007-02-05 14:37:18 ( .D... ) "C:\Program Files\Reference Assemblies" 2007-02-05 13:35:38 ( .D... ) "C:\Program Files\CCleaner" 2007-02-05 13:30:00 ( .D... ) "C:\Program Files\Belarc" 2007-01-30 10:58:20 ( .D... ) "C:\Program Files\Adams Business Forms" 2007-01-29 16:22:18 ( .D... ) "C:\Program Files\Accessories" 2007-01-29 16:00:30 ( .D... ) "C:\Program Files\MSSOAP" 2007-01-29 04:58:06 60416 ( ..... ) "C:\WINDOWS\system32\tzchange.exe" 2007-01-12 10:27:42 6054400 ( A.... ) "C:\WINDOWS\system32\ieframe.dll" 2007-01-12 10:27:42 3580416 ( A.... ) "C:\WINDOWS\system32\mshtml.dll" 2007-01-12 10:27:42 1149952 ( A.... ) "C:\WINDOWS\system32\urlmon.dll" 2007-01-12 10:27:42 822784 ( A.... ) "C:\WINDOWS\system32\wininet.dll" 2007-01-12 10:27:42 670720 ( A.... ) "C:\WINDOWS\system32\mstime.dll" 2007-01-12 10:27:42 477696 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll" 2007-01-12 10:27:42 458752 ( ..... ) "C:\WINDOWS\system32\msfeeds.dll" 2007-01-12 10:27:42 232960 ( A.... ) "C:\WINDOWS\system32\webcheck.dll" 2007-01-12 10:27:42 132608 ( A.... ) "C:\WINDOWS\system32\extmgr.dll" 2007-01-12 10:27:42 51712 ( ..... ) "C:\WINDOWS\system32\msfeedsbs.dll" 2007-01-12 10:27:42 27136 ( A.... ) "C:\WINDOWS\system32\jsproxy.dll" 2007-01-08 20:04:54 105984 ( A.... ) "C:\WINDOWS\system32\url.dll" 2007-01-08 20:04:08 102400 ( A.... ) "C:\WINDOWS\system32\occache.dll" 2007-01-08 20:03:02 193024 ( A.... ) "C:\WINDOWS\system32\msrating.dll" 2007-01-08 20:02:04 266752 ( A.... ) "C:\WINDOWS\system32\iertutil.dll" 2007-01-08 20:02:04 44544 ( A.... ) "C:\WINDOWS\system32\iernonce.dll" 2007-01-08 20:02:02 384000 ( A.... ) "C:\WINDOWS\system32\iedkcs32.dll" 2007-01-08 20:02:02 383488 ( ..... ) "C:\WINDOWS\system32\ieapfltr.dll" 2007-01-08 20:02:02 230400 ( A.... ) "C:\WINDOWS\system32\ieaksie.dll" 2007-01-08 20:02:02 161792 ( A.... ) "C:\WINDOWS\system32\ieakui.dll" 2007-01-08 20:02:02 153088 ( A.... ) "C:\WINDOWS\system32\ieakeng.dll" 2007-01-08 20:01:14 17408 ( A.... ) "C:\WINDOWS\system32\corpol.dll" 2007-01-08 20:00:48 124928 ( A.... ) "C:\WINDOWS\system32\advpack.dll" 2007-01-08 19:08:14 56832 ( A.... ) "C:\WINDOWS\system32\ie4uinit.exe" 2007-01-08 19:08:10 13824 ( A.... ) "C:\WINDOWS\system32\ieudinit.exe" 2006-12-19 17:52:18 8453632 ( A.... ) "C:\WINDOWS\system32\shell32.dll" 2006-12-19 17:52:18 134656 ( A.... ) "C:\WINDOWS\system32\shsvcs.dll" 2006-12-19 14:16:48 333824 ( A.... ) "C:\WINDOWS\system32\wiaservc.dll" 2006-12-19 10:17:20 2180352 ( A.... ) "C:\WINDOWS\system32\ntoskrnl.exe" 2006-12-19 08:55:40 2057600 ( A.... ) "C:\WINDOWS\system32\ntkrnlpa.exe" ((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword:00000000 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dxdllreg" "hkey"="HKLM" "command"="dxdllreg.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="hpcmpmgr" "hkey"="HKLM" "command"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPwuSchd2" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPwuSchd2.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPBootOp" "hkey"="HKLM" "command"="\"C:\\Program Files\\Hewlett-Packard\\HP Boot Optimizer\\HPBootOp.exe\" /run" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="" "hkey"="HKLM" "command"="" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RECGUARD" "hkey"="HKLM" "command"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Remind_XP" "hkey"="HKLM" "command"="\"C:\\Windows\\Creator\\Remind_XP.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDCPL" "hkey"="HKLM" "command"="RTHDCPL.EXE" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleToolbarNotifier" "hkey"="HKCU" "command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "ose"=dword:00000003 "MDM"=dword:00000002 "Ati HotKey Poller"=dword:00000002 Contents of the 'Scheduled Tasks' folder Completion time: Mon 03/19/2007 20:43:23.26 ComboFix ver 06.06.17 - This logfile is located at C:\ComboFix.txt