ComboFix 08-03-05.1 - user 2008-03-05 20:21:52.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1659 [GMT -5:00]
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe

[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.

((((((((((((((((((((((((( Files Created from 2008-02-06 to 2008-03-06 )))))))))))))))))))))))))))))))
.

2008-03-05 15:55 . 2008-03-05 15:55 16 --a------ C:\WINDOWS\popcinfot.dat
2008-03-05 15:10 . 2008-03-05 17:22 d-------- C:\Program Files\SpywareBlaster
2008-03-05 14:15 . 2008-03-05 14:15 d-------- C:\Program Files\Trend Micro
2008-03-04 16:28 . 2007-12-04 09:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-04 16:28 . 2007-12-04 09:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-04 16:28 . 2007-12-04 09:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-04 16:27 . 2008-03-04 16:27 d-------- C:\Program Files\Alwil Software
2008-03-04 16:27 . 2007-12-04 08:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-04 16:27 . 2004-01-09 04:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-04 16:27 . 2007-12-04 07:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-04 16:27 . 2007-12-04 09:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-04 16:27 . 2007-12-04 09:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-27 17:15 . 2008-02-27 17:15 d-------- C:\Documents and Settings\user\Application Data\PC Tools
2008-02-27 17:15 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-02-27 17:15 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-02-27 17:15 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-02-27 17:15 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-02-27 15:24 . 2008-02-27 15:24 d-------- C:\Program Files\Network Associates
2008-02-25 15:37 . 2008-02-25 15:37 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-25 15:37 . 2008-02-25 15:37 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-17 21:14 . 2008-03-02 15:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-17 21:14 . 2008-02-17 21:14 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-17 10:29 . 2008-03-03 21:33 19,248 --a------ C:\WINDOWS\system32\drivers\rspsc32.sys
2008-02-16 22:46 . 2008-02-16 22:46 d-------- C:\Documents and Settings\user\Application Data\Uniblue
2008-02-16 22:01 . 2008-02-16 22:01 d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-16 22:00 . 2008-03-05 16:57 d-------- C:\Program Files\CCleaner
2008-02-16 12:47 . 2008-02-16 12:47 1 --a------ C:\Documents and Settings\user\SI.bin
2008-02-13 19:25 . 2008-02-13 19:25 d-------- C:\Program Files\Midway Home Entertainment
2008-02-11 16:52 . 2008-02-11 16:52 d-------- C:\Documents and Settings\user\Application Data\InstallShield Installation Information
2008-02-11 16:51 . 2008-02-11 16:51 d-------- C:\Program Files\Unreal Tournament 3 Demo
2008-02-11 16:50 . 2008-02-11 16:50 d-------- C:\Program Files\DIFX
2008-02-11 16:50 . 2006-07-01 22:39 36,864 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2008-02-10 15:20 . 2008-02-10 15:24 d-------- C:\Program Files\PuzzleExpress
2008-02-10 14:15 . 2008-02-10 14:17 d-------- C:\Program Files\Bejeweled 2 Deluxe
2008-02-10 14:15 . 2008-02-10 14:15 720,896 --a------ C:\WINDOWS\iun6002ev.exe
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2008-03-05 22:22 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-03 21:57 --------- d-----w C:\Documents and Settings\user\Application Data\Xfire
2008-03-03 16:40 --------- d-----w C:\Documents and Settings\user\Application Data\Skype
2008-03-01 18:10 --------- d-s---w C:\Program Files\Xfire
2008-02-29 19:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-29 14:28 --------- d-----w C:\Program Files\eMule
2008-02-27 01:09 --------- d-----w C:\Documents and Settings\user\Application Data\teamspeak2
2008-02-26 22:19 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-26 22:19 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-02-17 04:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-17 04:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2008-02-17 02:41 --------- d-----w C:\Documents and Settings\user\Application Data\AVG7
2008-02-16 17:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-02-15 20:53 --------- d-----w C:\Program Files\Advanced Spyware Remover
2008-02-11 21:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-11 21:49 --------- d-----w C:\Program Files\AGEIA Technologies
2008-02-09 23:00 --------- d-----w C:\Program Files\Electronic Arts
2008-02-03 20:48 --------- d-----w C:\Documents and Settings\user\Application Data\Bioshock
2008-02-03 16:31 --------- d-----w C:\Program Files\Ubisoft
2008-02-02 17:05 --------- d-----w C:\Documents and Settings\user\Application Data\SystemRequirementsLab
2008-02-01 23:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-01-30 01:03 --------- d-----w C:\Documents and Settings\user\Application Data\Logitech
2008-01-30 01:01 --------- d-----w C:\Program Files\Logitech
2008-01-30 01:01 --------- d-----w C:\Program Files\Common Files\Logishrd
2008-01-30 01:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-01-25 16:27 --------- d-----w C:\Program Files\Game Cam v1.4
2008-01-25 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-01-18 22:26 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-01-18 22:26 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-01-14 12:52 81,920 ----a-w C:\WINDOWS\system32\frapsvid.dll
2008-01-13 16:05 --------- d-----w C:\Program Files\IObit
2008-01-09 17:28 76,304 ----a-w C:\WINDOWS\system32\KemXML.dll
2008-01-09 17:28 141,840 ----a-w C:\WINDOWS\system32\KemUtil.dll
2008-01-09 17:28 117,264 ----a-w C:\WINDOWS\system32\KemWnd.dll
2008-01-09 17:27 170,512 ----a-w C:\WINDOWS\system32\kemutb.dll
2008-01-09 17:26 301,656 ----a-w C:\WINDOWS\system32\BtCoreIf.dll
2007-12-27 17:25 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-12-26 21:01 22,328 -c--a-w C:\Documents and Settings\user\Application Data\PnkBstrK.sys
2007-12-07 02:21 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 15:03 1957888]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"AOL Fast Start"="C:\Program Files\America Online 9.0\AOL.exe" [2005-07-12 06:17 50776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 08:41 282624]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 02:17 55824 C:\WINDOWS\KHALMNPR.Exe]
"LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 08:00 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [ ]

C:\Documents and Settings\user\Start Menu\Programs\Startup\
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe [2005-09-10 14:46:55 45056]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-01-29 20:02:05 789008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll 2008-01-09 12:30 72208 c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.