ComboFix 08-04-01.2 - Crisp Beatz 2008-04-02 15:45:38.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1115 [GMT -8:00]
Running from: E:\Documents and Settings\Crisp Beatz\Desktop\ComboFix.exe
Command switches used :: E:\Documents and Settings\Crisp Beatz\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
E:\WINDOWS\system32\awttrst.dll.vir
E:\WINDOWS\system32\cpnprt2.cid
E:\WINDOWS\system32\gebyx.Vdll
E:\WINDOWS\system32\tmp530F4.FOT
E:\WINDOWS\system32\tmp610F4.FOT
E:\WINDOWS\system32\tmp991C5.FOT
E:\WINDOWS\system32\tmpA71C5.FOT
E:\WINDOWS\system32\tmpAECB4.FOT
E:\WINDOWS\system32\tmpBCCB4.FOT
E:\WINDOWS\unvise32qt.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
E:\Documents and Settings\All Users\Application Data\Trymedia
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{17FDE588-25BD-DFDE-A8A2-B536EFFD65CA}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{240598A8-6B27-00B8-C8E7-3E0EEDD4BBFB}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{38E09088-A2DD-5CC6-F1CB-708920473D78}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{5F2B522E-71AA-5198-26E3-2104CF3476AD}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{7EEDF575-897D-D200-B22C-9FD1D08026BD}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{857292A7-0175-57AD-8855-0F19611B3511}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{928A04C6-2A22-9626-DC19-B6934ED34D2E}
E:\Documents and Settings\All Users\Application Data\Trymedia\data\{D4A30079-717B-538D-FEE1-3D50EB3413A2}
E:\Documents and Settings\Crisp Beatz\Application Data\inst.exe
E:\Program Files\Coupons
E:\Program Files\Coupons\Coupons.com.url
E:\Program Files\Coupons\uninstall.exe
E:\Program Files\Coupons\Uninstall\IRIMG1.JPG
E:\Program Files\Coupons\Uninstall\IRIMG2.JPG
E:\Program Files\Coupons\Uninstall\IRIMG3.JPG
E:\Program Files\Coupons\Uninstall\IRIMG4.JPG
E:\Program Files\Coupons\Uninstall\IRIMG5.JPG
E:\Program Files\Coupons\Uninstall\IRIMG6.JPG
E:\Program Files\Coupons\Uninstall\IRIMG7.JPG
E:\Program Files\Coupons\Uninstall\IRIMG8.JPG
E:\Program Files\Coupons\Uninstall\uninstall.dat
E:\Program Files\Coupons\Uninstall\uninstall.xml
E:\WINDOWS\system32\awttrst.dll.vir
E:\WINDOWS\system32\cpnprt2.cid
E:\WINDOWS\system32\gebyx.Vdll
E:\WINDOWS\system32\msvcsv60.dll
E:\WINDOWS\system32\tmp530F4.FOT
E:\WINDOWS\system32\tmp610F4.FOT
E:\WINDOWS\system32\tmp991C5.FOT
E:\WINDOWS\system32\tmpA71C5.FOT
E:\WINDOWS\system32\tmpAECB4.FOT
E:\WINDOWS\system32\tmpBCCB4.FOT
E:\WINDOWS\unvise32qt.exe
.
((((((((((((((((((((((((( Files Created from 2008-03-02 to 2008-04-02 )))))))))))))))))))))))))))))))
.
2008-04-02 07:21 . 2008-04-02 07:21 d-------- E:\Program Files\VSO
2008-04-02 07:21 . 2008-04-02 07:25 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Vso
2008-04-02 07:21 . 2004-05-04 11:53 1,645,320 --a------ E:\WINDOWS\gdiplus.dll
2008-04-02 07:21 . 2006-05-20 16:16 1,184,984 --a------ E:\WINDOWS\system32\wvc1dmod.dll
2008-04-02 07:21 . 2006-05-11 19:21 626,688 --a------ E:\WINDOWS\system32\vp7vfw.dll
2008-04-02 07:21 . 2006-09-29 12:24 217,127 --a------ E:\WINDOWS\system32\drv43260.dll
2008-04-02 07:21 . 2006-09-29 12:25 208,935 --a------ E:\WINDOWS\system32\drv33260.dll
2008-04-02 07:21 . 2006-09-29 12:26 176,165 --a------ E:\WINDOWS\system32\drv23260.dll
2008-04-02 07:21 . 2007-03-18 20:37 65,602 --a------ E:\WINDOWS\system32\cook3260.dll
2008-04-02 07:21 . 2008-04-02 07:21 47,360 --a------ E:\WINDOWS\system32\drivers\pcouffin.sys
2008-04-02 07:21 . 2008-04-02 07:21 47,360 --a------ E:\Documents and Settings\Crisp Beatz\Application Data\pcouffin.sys
2008-04-01 20:13 . 2008-04-01 20:15 d-------- E:\Program Files\Common Files\Ahead
2008-04-01 19:04 . 2008-04-01 19:04 d-------- E:\Program Files\M-Audio
2008-04-01 15:05 . 2008-04-02 12:05 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Ahead
2008-04-01 15:02 . 2008-04-01 15:02 d-------- E:\Program Files\Nero
2008-03-31 18:51 . 2008-02-22 02:33 69,632 --a------ E:\WINDOWS\system32\javacpl.cpl
2008-03-31 18:50 . 2008-03-31 18:51 d-------- E:\Program Files\Java
2008-03-31 18:50 . 2008-03-31 18:50 d-------- E:\Program Files\Common Files\Java
2008-03-31 05:51 . 2008-03-31 05:51 d--hs---- E:\WINDOWS\ftpcache
2008-03-31 05:50 . 2008-03-31 05:51 d-------- E:\Program Files\Diego`s Wolf Pup Rescue
2008-03-30 06:09 . 2008-03-30 06:09 d-------- E:\Program Files\Trend Micro
2008-03-29 20:34 . 2008-04-02 07:28 69 --a------ E:\WINDOWS\NeroDigital.ini
2008-03-27 07:30 . 2008-03-27 07:30 1,181,022 --a------ E:\WINDOWS\system32\TmpA11162781
2008-03-27 05:27 . 2008-03-27 05:27 d---s---- E:\Documents and Settings\Crisp Beatz\UserData
2008-03-25 12:59 . 2008-03-25 12:59 d-------- E:\Program Files\WildGames
2008-03-25 12:59 . 2008-03-25 12:59 d-------- E:\Documents and Settings\All Users\Application Data\WildTangent
2008-03-24 03:26 . 2008-03-24 03:26 d-------- E:\VundoFix Backups
2008-03-21 13:02 . 2008-03-21 13:02 53 --a------ E:\WINDOWS\WININIT.INI
2008-03-21 13:02 . 2008-03-21 13:02 0 --a------ E:\WINDOWS\SETUP32.INI
2008-03-17 17:34 . 2008-03-17 17:34 d-------- E:\Program Files\WinAVIVideoConverter
2008-03-17 07:18 . 2008-03-17 07:18 d-------- E:\WINDOWS\Cache
2008-03-15 15:03 . 2008-03-15 15:03 d-------- E:\Program Files\Flux
2008-03-15 14:45 . 2008-03-15 14:45 d-------- E:\Documents and Settings\All Users\Application Data\Yahoo!
2008-03-15 14:44 . 2008-03-15 14:44 d-------- E:\Program Files\Yahoo!
2008-03-14 18:00 . 2002-07-07 14:14 1,294,336 --a------ E:\WINDOWS\system32\vorbis.acm
2008-03-14 17:58 . 2008-03-17 17:40 d-------- E:\Program Files\Image-Line
2008-03-13 06:35 . 2008-03-13 06:35 d-------- E:\Documents and Settings\All Users\Application Data\LightScribe
2008-03-13 06:29 . 2008-03-17 21:31 d-------- E:\Program Files\Common Files\LightScribe
2008-03-13 06:24 . 2008-03-13 06:24 d-------- E:\Documents and Settings\All Users\Application Data\Ahead
2008-03-10 17:42 . 2008-03-10 17:42 d-------- E:\Program Files\The Rosetta Stone
2008-03-10 17:41 . 2008-03-10 17:41 d--h----- E:\WINDOWS\PIF
2008-03-10 06:53 . 2008-03-12 13:21 54,156 --ah----- E:\WINDOWS\QTFont.qfn
2008-03-10 06:53 . 2008-03-12 13:21 1,409 --a------ E:\WINDOWS\QTFont.for
2008-03-10 06:01 . 2008-03-10 14:14 d-------- E:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-09 21:43 . 2008-03-09 21:43 427 --a------ E:\WINDOWS\system32\QuickTimeFavorites.qtr
2008-03-09 21:42 . 2008-03-10 17:44 9,792 --a------ E:\WINDOWS\system32\QuickTime.qtp
2008-03-09 19:26 . 2008-03-14 14:39 1,256 --a------ E:\WINDOWS\teachpno.ini
2008-03-09 19:26 . 2008-03-09 19:26 839 --a------ E:\WINDOWS\jamkeys.ini
2008-03-09 19:26 . 2008-03-09 19:26 310 --a------ E:\WINDOWS\ARCADE.INI
2008-03-09 19:26 . 2008-03-09 19:26 297 --a------ E:\WINDOWS\recorsta.ini
2008-03-09 19:26 . 2008-03-09 19:26 24 --a------ E:\WINDOWS\jam.ini
2008-03-09 19:25 . 2008-03-09 19:25 d-------- E:\Program Files\Voyetra
2008-03-09 12:09 . 2008-03-09 12:24 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Apple Computer
2008-03-09 12:03 . 2008-03-09 12:54 d----c--- E:\WINDOWS\system32\DRVSTORE
2008-03-09 11:38 . 2008-03-09 11:38 d-------- E:\Documents and Settings\All Users\Application Data\QuickTime
2008-03-09 11:16 . 2008-03-09 11:16 d-------- E:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-03-05 22:22 . 2008-03-05 22:22 d-------- E:\Program Files\Recycle
2008-03-05 22:22 . 2004-02-07 01:48 331,263 --a------ E:\WINDOWS\LOOP.exe
2008-03-04 15:37 . 2008-03-04 15:37 d-------- E:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-03-03 05:32 . 2008-03-03 05:32 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Media Player Classic
2008-03-03 05:30 . 2008-03-03 05:30 d-------- E:\Program Files\K-Lite Codec Pack
2008-03-02 13:12 . 2008-03-02 13:12 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Hewlett-Packard
2008-03-02 13:10 . 2004-08-03 22:58 15,104 --a------ E:\WINDOWS\system32\drivers\usbscan.sys
2008-03-02 13:10 . 2004-08-03 22:58 15,104 --a--c--- E:\WINDOWS\system32\dllcache\usbscan.sys
2008-03-02 12:46 . 2008-03-02 12:46 d-------- E:\Program Files\Common Files\Hewlett-Packard
2008-03-02 12:44 . 2008-03-02 12:45 d-------- E:\Program Files\Hewlett-Packard
2008-03-02 12:42 . 2008-03-02 13:11 19,558 --a------ E:\WINDOWS\hpoins01.dat
2008-03-02 12:42 . 2003-04-22 10:24 16,606 --------- E:\WINDOWS\hpomdl01.dat
2008-03-02 12:41 . 2008-03-02 12:42 d-------- E:\temp\HP All-in-One Series Web Release
2008-03-02 12:41 . 2008-03-02 12:41 d-------- E:\temp
2008-03-02 10:37 . 2008-03-09 21:55 d-------- E:\Program Files\BFG
2008-03-02 06:43 . 2008-03-02 06:43 d-------- E:\Documents and Settings\Crisp Beatz\Application Data\Comodo
2008-03-02 06:43 . 2008-03-02 06:43 d-------- E:\Documents and Settings\All Users\Application Data\Comodo
2008-03-02 06:40 . 2008-03-05 21:40 d-------- E:\Program Files\Comodo
2008-03-02 06:39 . 2004-08-03 23:01 25,856 --a------ E:\WINDOWS\system32\drivers\usbprint.sys
2008-03-02 06:39 . 2004-08-03 23:01 25,856 --a--c--- E:\WINDOWS\system32\dllcache\usbprint.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-02 16:21 --------- d-----w E:\Program Files\Ableton
2008-04-02 16:04 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\Ableton
2008-04-02 12:59 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\BitTorrent
2008-04-02 04:13 --------- d-----w E:\Documents and Settings\All Users\Application Data\Nero
2008-04-02 03:07 --------- d--h--w E:\Program Files\InstallShield Installation Information
2008-04-02 03:01 --------- d-----w E:\Program Files\M-Audio MA_CMIDI
2008-03-14 20:18 --------- d-----w E:\Program Files\Steinberg
2008-03-13 14:03 --------- d-----w E:\Program Files\Common Files\Adobe
2008-03-06 06:23 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\Propellerhead Software
2008-03-06 06:23 --------- d-----w E:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-03-02 15:10 --------- d-----w E:\Program Files\ESET
2008-03-02 04:57 --------- d-----w E:\Program Files\Kjaerhus Audio
2008-03-02 04:56 --------- d-----w E:\Program Files\VAZ Modular
2008-03-02 04:51 --------- d-----w E:\Program Files\URS Plugins
2008-03-02 04:05 --------- d-----w E:\Program Files\DNA
2008-03-02 04:01 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\DNA
2008-03-02 03:58 512,096 ----a-w E:\WINDOWS\system32\drivers\amon.sys
2008-03-02 03:58 298,104 ----a-w E:\WINDOWS\system32\imon.dll
2008-03-02 03:58 15,424 ----a-w E:\WINDOWS\system32\drivers\nod32drv.sys
2008-03-02 02:48 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\Steinberg
2008-03-01 22:47 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\Nero
2008-03-01 22:28 --------- d-----w E:\Program Files\KLC
2008-03-01 22:11 --------- d-----w E:\Program Files\Common Files\Nero
2008-03-01 21:37 --------- d-----w E:\Program Files\Syncrosoft
2008-03-01 21:28 --------- d-----w E:\Program Files\Native Instruments
2008-03-01 21:11 --------- d-----w E:\Program Files\Propellerhead
2008-03-01 21:08 --------- d-----w E:\Program Files\Creative
2008-03-01 20:59 --------- d-----w E:\Program Files\Common Files\InstallShield
2008-03-01 20:24 --------- d-----w E:\Program Files\MagicISO
2008-03-01 20:21 --------- d-----w E:\Program Files\microsoft frontpage
2008-03-01 20:14 --------- d-----w E:\Program Files\MagicDisc
2008-03-01 19:29 --------- d-----w E:\Program Files\AAS
2008-03-01 19:29 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\Applied Acoustics Systems
2008-03-01 19:28 --------- d-----w E:\Program Files\MU Technologies
2008-03-01 19:08 --------- d-----w E:\Program Files\IK Multimedia
2008-03-01 19:08 --------- d-----w E:\Program Files\Common Files\DigiDesign
2008-03-01 19:08 --------- d-----w E:\Documents and Settings\Crisp Beatz\Application Data\InstallShield
2008-03-01 19:08 --------- d-----w E:\Documents and Settings\All Users\Application Data\IK Multimedia
2008-03-01 18:54 --------- d-----w E:\Program Files\Common Files\Adobe Systems Shared
2008-03-01 18:47 368,640 ------w E:\WINDOWS\system32\ReWire.dll
2008-03-01 18:47 233,472 ------w E:\WINDOWS\system32\REX Shared Library.dll
2008-03-01 18:39 --------- d-----w E:\Program Files\BitTorrent
2008-01-10 21:16 159,839 ----a-w E:\WINDOWS\system32\xvidvfw.dll
2008-01-10 21:15 755,027 ----a-w E:\WINDOWS\system32\xvidcore.dll
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of E:\WINDOWS\system32\TmpA11162781 ----
E:\WINDOWS\system32\TmpA11162781\
((((((((((((((((((((((((((((( snapshot@2008-04-02_ 5.11.01.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 1998-03-09 04:28:54 273,408 ----a-w E:\WINDOWS\system32\Pncrt.dll
+ 2004-08-04 07:08:00 60,288 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\drmk.sys
+ 2004-08-04 07:15:22 140,928 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\ks.sys
+ 2004-08-04 08:56:44 4,096 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\ksuser.dll
+ 2004-08-04 07:15:50 145,792 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\portcls.sys
+ 2004-08-04 07:08:04 48,640 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\stream.sys
+ 2004-08-04 07:07:56 59,264 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\USBAUDIO.sys
+ 2004-08-04 08:56:58 23,552 ----a-w E:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\wdmaud.drv
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SB Audigy 2 Startup Menu"="E:\Program Files\Creative\SBAudigy2\Program\Startup Menu\Audigy.exe" [2002-09-23 01:08 2752822]
"BitTorrent DNA"="E:\Program Files\DNA\btdna.exe" [ ]
"LightScribe Control Panel"="E:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]
"Yahoo! Pager"="E:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43 4670704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 03:00 33280 E:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2007-12-04 22:41 1626112 E:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 03:00 33280 E:\WINDOWS\system32\rundll32.exe]
"CTSysVol"="E:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-09-11 11:04 53248]
"CTDVDDet"="E:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-08-13 01:00 40960]
"CTHelper"="CTHELPER.EXE" [2002-09-02 18:55 24576 E:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="E:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"CTStartup"="E:\Program Files\Creative\Splash Screen\CTEaxSpl.exe" [2002-09-13 01:04 49152]
"H2O"="E:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 14:18 307200]
"nod32kui"="E:\Program Files\Eset\nod32kui.exe" [2008-03-01 19:58 949376]
"COMODO Firewall Pro"="E:\Program Files\Comodo\Firewall\CPF.exe" [2008-03-05 21:40 1115728]
"Adobe Reader Speed Launcher"="E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SunJavaUpdateSched"="E:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NeroFilterCheck"="E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
E:\Documents and Settings\Crisp Beatz\Start Menu\Programs\Startup\
Adobe Gamma.lnk - E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]
MagicDisc.lnk - E:\Program Files\MagicDisc\MagicDisc.exe [2008-03-01 12:13:53 557568]
E:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp psc 2000 Series.lnk - E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-04-09 17:41:38 323646]
hpoddt01.exe.lnk - E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-09 18:11:12 28672]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Program Files\\BitTorrent\\bittorrent.exe"=
"E:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"E:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
R3 CLEDX;Team H2O CLEDX service;E:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]
R3 ctgame;Game Port;E:\WINDOWS\system32\DRIVERS\ctgame.sys [2002-08-04 23:51]
R3 MA_CMIDI;M-Audio USB Driver;E:\WINDOWS\system32\drivers\ma_cmidi.sys [2006-08-16 09:23]
S3 SetupNTGLM7X;SetupNTGLM7X;F:\NTGLM7X.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3bb1007a-e77d-11dc-a4d6-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-04-02 21:12:02 E:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1204492288.job"
- E:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
"2008-04-02 23:05:49 E:\WINDOWS\Tasks\WebReg 20080402150549.job"
- E:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqwrg.exeS/TaskName 20080402150549 /N
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-02 15:46:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = "E:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE" /run?2??wd??????w?????????>??????h?@?x??????wD??????sx??s6s??????y??w????@@@????|D@@?????>??w?????82?H??????|???|???????|L(?s?82??????/?s????????D???????????????????,????????????+?s@@@?D???`|?w??????@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-02 15:47:25
ComboFix-quarantined-files.txt 2008-04-02 23:47:17
ComboFix2.txt 2008-04-02 13:11:20
Pre-Run: 94,227,267,584 bytes free
Post-Run: 94,214,115,328 bytes free