ComboFix 08-03-05.1 - Owner 2008-03-06 19:13:05.4 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.187 [GMT -5:00] Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] . ((((((((((((((((((((((((( Files Created from 2008-02-07 to 2008-03-07 ))))))))))))))))))))))))))))))) . 2008-03-05 22:03 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-03-05 20:35 . 2008-03-05 20:35 279 --a------ C:\Shortcut to Local Disk (C).lnk 2008-02-28 22:22 . 2008-02-28 22:22 d-------- C:\VundoFix Backups 2008-02-27 07:54 . 2008-02-27 07:54 d-------- C:\Program Files\Trend Micro 2008-02-26 23:58 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS 2008-02-26 23:42 . 2008-02-27 01:22 d-------- C:\WINDOWS\system32\ActiveScan 2008-02-26 23:42 . 2008-02-26 23:42 30,590 --a------ C:\WINDOWS\system32\pavas.ico 2008-02-26 23:42 . 2008-02-26 23:42 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico 2008-02-26 23:42 . 2008-02-26 23:42 1,406 --a------ C:\WINDOWS\system32\Help.ico 2008-02-26 19:27 . 2008-02-26 19:27 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2008-02-26 19:26 . 2008-03-06 07:50 d-------- C:\Program Files\SUPERAntiSpyware 2008-02-26 19:26 . 2008-02-26 19:26 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-02-26 19:26 . 2008-02-26 19:26 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com 2008-02-26 00:30 . 2008-02-26 00:30 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft 2008-02-26 00:19 . 2008-02-26 00:19 d-------- C:\Documents and Settings\Owner\Application Data\Grisoft 2008-02-26 00:18 . 2007-05-30 07:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-02-23 21:36 . 2008-02-23 21:40 d-------- C:\Documents and Settings\Administrator\Application Data\AVG7 2008-02-23 18:26 . 2008-02-23 18:25 691,545 --a------ C:\WINDOWS\unins000.exe 2008-02-23 18:26 . 2008-02-23 18:26 2,541 --a------ C:\WINDOWS\unins000.dat 2008-02-08 15:16 . 2008-03-05 21:41 d-------- C:\WINDOWS\OIS . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-06 13:00 --------- d-----w C:\Documents and Settings\Owner\Application Data\AVG7 2008-03-06 03:03 --------- d-----w C:\Program Files\Java 2008-03-05 22:03 --------- d-----w C:\Program Files\LimeWire 2008-02-29 04:55 --------- d-----w C:\Program Files\Viewpoint 2008-02-29 04:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint 2008-02-27 06:07 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-02-27 06:06 --------- d-----w C:\Program Files\QuickTime 2008-02-27 05:58 --------- d-----w C:\Program Files\Microsoft ActiveSync 2008-02-27 05:52 --------- d-----w C:\Program Files\Google 2008-02-26 05:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2008-02-25 21:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-25 19:41 --------- d-----w C:\Program Files\Samsung 2008-02-23 22:19 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-07 02:40 --------- d-----w C:\Program Files\Corel 2008-02-07 02:40 --------- d-----w C:\Documents and Settings\Owner\Application Data\InstallShield 2008-02-06 21:24 --------- d-----w C:\Documents and Settings\Owner\Application Data\AdobeUM 2007-12-07 01:07 659,456 ----a-w C:\WINDOWS\system32\wininet.dll 2007-06-22 01:38 10,220 ----a-w C:\Documents and Settings\Owner\Application Data\ViewerApp.dat 2004-12-06 00:21 0 -csh--r C:\Program Files\q330994.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\cvchost.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\dl.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\dlm.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\msstasks.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\mssys.com 2004-12-06 00:21 0 -csh--r C:\WINDOWS\mstasks1.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\mstaskss.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\ntldr.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\rocky.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\seksdialer.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\system\system.exe 2004-12-06 00:21 0 -csh--r C:\WINDOWS\system\wmscrop.exe 2007-08-06 02:59 1,205,040 --sha-w C:\WINDOWS\system32\cuukntgs.ini2 2007-09-11 21:20 7,720 --sha-w C:\WINDOWS\system32\ghkmp.bak2 2007-09-11 22:17 6,929 --sha-w C:\WINDOWS\system32\ghkmp.ini2 2004-12-06 00:21 0 -csha-r C:\WINDOWS\system32\jac.dll 2004-12-06 00:21 0 -csha-r C:\WINDOWS\system32\mcc.exe 2007-10-05 18:37 693,721 --sha-w C:\WINDOWS\system32\mrdrvxrb.ini2 2007-08-03 05:52 1,205,350 --sha-w C:\WINDOWS\system32\nmgthfuv.ini2 2007-06-09 22:32 1,808,519 --sha-w C:\WINDOWS\system32\qtstv.bak1 2007-06-10 01:17 1,817,826 --sha-w C:\WINDOWS\system32\qtstv.ini2 2007-06-10 02:10 1,808,675 --sha-w C:\WINDOWS\system32\srqss.bak1 2007-10-15 18:38 456,639 --sha-w C:\WINDOWS\system32\vyadd.bak1 2007-11-14 18:22 469,473 --sh--w C:\WINDOWS\system32\vyadd.bak2 2007-11-15 01:17 474,359 --sh--w C:\WINDOWS\system32\vyadd.ini2 2007-07-20 17:11 1,137,044 --sha-w C:\WINDOWS\system32\wfqiiows.ini2 . ------- Sigcheck ------- 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe ----a-w 14,336 2004-08-12 14:06:49 C:\WINDOWS\system32\svchost.exe -c--a-w 14,336 2004-08-12 14:06:49 C:\WINDOWS\system32\dllcache\svchost.exe 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll ----a-w 82,944 2004-08-12 14:10:27 C:\WINDOWS\system32\ws2_32.dll -c--a-w 82,944 2004-08-12 14:10:27 C:\WINDOWS\system32\dllcache\ws2_32.dll 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe ----a-w 502,272 2004-08-12 14:09:30 C:\WINDOWS\system32\winlogon.exe -c--a-w 502,272 2004-08-12 14:09:30 C:\WINDOWS\system32\dllcache\winlogon.exe 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys -c--a-w 182,912 2004-08-12 14:01:38 C:\WINDOWS\system32\dllcache\ndis.sys -c--a-w 182,912 2004-08-12 14:01:38 C:\WINDOWS\system32\drivers\ndis.sys 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys -c--a-w 29,056 2004-08-12 13:58:08 C:\WINDOWS\system32\dllcache\ip6fw.sys ----a-w 29,056 2004-08-12 13:58:08 C:\WINDOWS\system32\drivers\ip6fw.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4BBB5BBF-B79B-4635-94C3-9B5B629C3FC3}] 2004-08-12 08:56 105983 --a------ C:\WINDOWS\system32\dmcompo.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-12 08:56 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-12 22:24 68856] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-20 21:36 1207080] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39 1310720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-09-20 08:35 94208] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-09-20 08:36 114688] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-09-20 08:32 77824] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-26 21:43 282624] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-01-16 09:39 579072] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25 6731312] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ] "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-05-29 20:34 5419008] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-23 21:18 219136] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SRUUninstall"="C:\WINDOWS\system32\msiexec.exe" [2005-03-21 14:00 78848] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-02-27 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=4y1j82lpsrdecdr.dll.dll.dll.dll.dll.dll.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package Menu.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^winlogin.exe] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogin.exe backup=C:\WINDOWS\pss\winlogin.exeCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Adobe Gamma.lnk] path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Adobe Gamma.lnk backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] --a------ 2005-06-06 22:46 57344 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADUserMon] --a------ 2002-09-24 15:39 147456 C:\Program Files\Iomega\AutoDisk\ADUserMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6] --a------ 2006-05-09 19:24 50760 C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg] --a------ 2004-08-12 09:04 11776 C:\WINDOWS\system32\regsvr32.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDet] --a------ 2002-09-30 01:00 45056 C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] --a------ 2003-02-20 17:45 28672 C:\WINDOWS\system32\CTHELPER.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol] --a------ 2002-10-29 09:18 49152 C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell AIO Printer A920] --a------ 2004-04-15 03:32 270336 C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla] --a--c--- 2004-08-13 01:05 122939 C:\WINDOWS\system32\dla\tfswctrl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher] --------- 2004-08-23 18:19 57344 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] --a------ 2007-05-12 22:25 1831424 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] --a------ 2006-06-20 21:36 1207080 C:\Program Files\Microsoft ActiveSync\wcescomm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] --a------ 2006-05-09 19:24 50760 C:\Program Files\Common Files\AOL\1139706769\ee\AOLSoftware.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPHSend] --a------ 2006-02-17 11:59 124520 C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPodManager] C:\Program Files\iPod\bin\iPodManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2005-12-20 20:54 278528 C:\Program Files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask] --a------ 2006-01-17 12:03 53248 C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM] --a------ 2007-05-29 20:34 5419008 C:\Program Files\MySpace\IM\MySpaceIM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE_OEM] C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe] C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] --------- 2004-04-11 20:15 290816 C:\Program Files\Dell\Media Experience\PCMService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2006-09-26 21:43 282624 C:\Program Files\QuickTime\qttask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMDeviceManager] C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SB Audigy 2 Startup Menu] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray] C:\Program Files\Spyware Doctor\SDTrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] --a------ 2007-05-12 22:24 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor] --a------ 2004-11-15 19:40 95456 C:\PROGRA~1\SYMNET~1\SNDMon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager] --a------ 2004-01-07 01:01 110592 C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] --------- 2000-05-11 00:00 90112 C:\WINDOWS\UpdReg.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "SymWSC"=2 (0x2) "SNDSrvc"=2 (0x2) "SBService"=2 (0x2) "SAVScan"=3 (0x3) "ose"=3 (0x3) "navapsvc"=3 (0x3) "MDM"=2 (0x2) "LexBceS"=2 (0x2) "iPodService"=3 (0x3) "Creative Service for CDROM Access"=2 (0x2) "ccSetMgr"=2 (0x2) "ccProxy"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\LimeWire\\LimeWire 4.0.8\\LimeWire.exe"= "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "C:\\Program Files\\Common Files\\AOL\\1139706769\\ee\\aolsoftware.exe"= "C:\\Program Files\\Common Files\\AOL\\1139706769\\ee\\aim6.exe"= "C:\\StubInstaller.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"= "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 noittukv;noittukv;C:\WINDOWS\system32\drivers\snkwevbj.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbb48502-36a6-11d9-8ad4-0011114656b0}] \Shell\AutoRun\command - LinksysConnectPC.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-06 19:16:02 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet002\Services\Iomega Activity Disk2] "ImagePath"="\"\"" . Completion time: 2008-03-06 19:17:44 ComboFix-quarantined-files.txt 2008-03-07 00:17:37 ComboFix2.txt 2008-03-06 02:13:32 ComboFix3.txt 2008-03-06 01:49:47 ComboFix4.txt 2008-02-29 05:25:36 . 2008-02-23 22:19:59 --- E O F ---