ComboFix 10-04-26.05 - Nix 27/04/2010 20:20:27.3.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1761 [GMT 1:00]
Running from: c:\documents and settings\Nix\Desktop\ComboFix.exe
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((( Files Created from 2010-03-27 to 2010-04-27 )))))))))))))))))))))))))))))))
.
2010-04-27 18:00 . 2008-04-13 16:44 2560 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
2010-04-27 17:39 . 2010-04-27 17:39 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-26 19:24 . 2008-06-12 10:09 33088 ----a-w- c:\documents and settings\Nix\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-26 18:56 . 2010-04-27 18:45 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-26 16:46 . 2010-04-26 16:46 -------- d-----w- c:\documents and settings\Nix\Application Data\AVG8
2010-04-26 09:37 . 2010-04-26 09:37 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-04-26 07:51 . 2010-04-26 17:50 5542592 ----a-w- c:\documents and settings\All Users\Application Data\Comodo Downloader\hopsurf.exe
2010-04-26 07:46 . 2010-04-27 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo Downloader
2010-04-24 07:32 . 2010-04-24 07:32 -------- d-----w- c:\documents and settings\Nix\Application Data\Nokia Ovi Suite
2010-04-24 07:23 . 2010-04-24 07:30 -------- d-----w- c:\documents and settings\Nix\Local Settings\Application Data\Nokia
2010-04-24 07:22 . 2010-04-27 19:12 -------- d-----w- c:\documents and settings\Nix\Local Settings\Application Data\NokiaAccount
2010-04-24 07:03 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-04-24 07:03 . 2010-04-24 07:03 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-24 07:03 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-04-24 07:03 . 2009-12-30 10:30 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-04-24 07:03 . 2009-12-30 10:30 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-04-24 07:03 . 2010-01-21 13:53 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-04-24 07:03 . 2009-12-30 10:30 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-04-24 07:03 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-04-24 06:57 . 2010-04-24 07:26 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-04-24 06:57 . 2010-04-24 06:57 -------- d-----w- c:\windows\system32\LogFiles
2010-04-24 06:56 . 2010-04-24 06:56 12212040 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-04-24 06:56 . 2010-04-24 06:56 13930312 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-04-24 06:56 . 2010-04-24 06:56 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-04-24 06:56 . 2010-04-24 06:56 61440 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-04-24 06:56 . 2010-04-24 06:56 58880 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-04-24 06:56 . 2010-04-24 06:56 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-04-24 06:56 . 2010-04-24 06:55 98366952 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Nokia_Ovi_Suite_webinstaller_ALL.exe
2010-04-24 06:56 . 2010-04-24 06:56 -------- d-----w- c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-04-22 05:36 . 2010-04-22 05:36 242696 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtdix.sys
2010-04-22 05:36 . 2010-04-22 05:36 1689952 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-04-22 05:26 . 2010-04-22 05:26 -------- d-----w- c:\documents and settings\Nix\Application Data\AVG9
2010-04-19 22:15 . 2010-04-19 22:15 -------- d-----w- c:\program files\ParetoLogic
2010-04-19 22:15 . 2010-04-19 22:15 -------- d-----w- c:\documents and settings\All Users\Application Data\FileCure
2010-04-08 23:36 . 2010-04-08 23:36 2633728 ---ha-w- C:\SZKGFS.dat
2010-04-08 18:23 . 2010-04-08 18:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-04 07:15 . 2010-04-04 07:15 4255072 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2010-04-02 23:44 . 2010-04-13 07:49 -------- d-----w- c:\documents and settings\All Users\Application Data\SITEguard
2010-04-02 23:42 . 2010-04-02 23:42 -------- d-----w- c:\program files\STOPzilla!
2010-04-02 23:42 . 2010-04-02 23:42 -------- d-----w- c:\program files\Common Files\iS3
2010-04-02 23:42 . 2010-04-27 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!
2010-04-02 19:17 . 2010-04-02 19:17 74760 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\UniversalDD.sys
2010-04-02 19:17 . 2010-04-02 19:17 333192 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgldx86.sys
2010-04-02 19:17 . 2010-04-02 19:17 30216 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSFilter.sys
2010-04-02 19:17 . 2010-04-02 19:17 28424 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgmfx86.sys
2010-04-02 19:17 . 2010-04-02 19:17 25736 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSShim.sys
2010-04-02 19:17 . 2010-04-02 19:17 25608 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSxx.sys
2010-04-02 19:17 . 2010-04-02 19:17 122376 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\AVGIDSDriver.sys
2010-04-02 19:16 . 2010-04-02 19:16 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-04-02 19:09 . 2010-04-02 18:47 1007896 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2010-04-02 19:09 . 2010-04-02 18:47 800536 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avginet.dll
2010-04-02 19:09 . 2010-04-02 18:47 613656 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgiproxy.exe
2010-04-02 18:48 . 2010-04-02 19:22 -------- d-----w- C:\$AVG
2010-04-02 18:47 . 2010-04-02 19:16 25096 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2010-04-02 18:46 . 2010-04-02 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-04-02 18:46 . 2010-04-02 18:50 -------- d-----w- c:\windows\SxsCaPendDel
2010-04-02 18:40 . 2010-01-25 13:28 3777816 ----a-w- c:\documents and settings\All Users\Application Data\Temp\AVG\setup.exe
2010-04-02 18:39 . 2010-04-02 18:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Temp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-27 19:07 . 2010-03-27 18:15 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-27 19:00 . 2009-07-18 08:24 -------- d-----w- c:\documents and settings\Nix\Application Data\Spotify
2010-04-27 17:39 . 2008-08-10 13:49 -------- d-----w- c:\documents and settings\Nix\Application Data\Comodo
2010-04-26 08:00 . 2008-08-10 13:49 -------- d-----w- c:\program files\COMODO
2010-04-24 07:32 . 2009-03-11 08:53 -------- d-----w- c:\documents and settings\Nix\Application Data\Nokia
2010-04-24 07:05 . 2009-03-11 08:27 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-24 07:04 . 2009-03-11 08:27 -------- d-----w- c:\program files\Nokia
2010-04-22 05:36 . 2009-09-14 22:54 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-02 19:16 . 2008-08-12 18:03 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-04-02 19:16 . 2008-08-12 18:03 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-04-02 18:46 . 2008-08-12 18:03 -------- d-----w- c:\program files\AVG
2010-04-02 17:47 . 2009-03-11 08:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2010-04-02 11:13 . 2009-07-11 12:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-03-31 23:25 . 2009-07-11 12:58 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-03-10 20:37 . 2008-08-10 14:32 65016 -c--a-w- c:\documents and settings\Nix\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-10 16:58 . 2010-03-10 16:50 -------- d-----w- c:\program files\Microsoft
2010-03-10 16:58 . 2008-08-13 19:07 -------- d-----w- c:\program files\Windows Live
2010-03-10 16:57 . 2010-03-10 16:57 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-03-10 16:56 . 2010-03-10 16:56 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-03-10 16:50 . 2010-03-10 16:50 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-03-10 16:44 . 2010-03-10 16:44 -------- d-----w- c:\program files\Common Files\Windows Live
2010-03-10 06:15 . 2004-08-04 10:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 17:16 . 2010-03-05 17:16 17408 ----a-r- c:\windows\system32\SZIO5.dll
2010-03-05 17:14 . 2010-03-05 17:14 442368 ----a-r- c:\windows\system32\SZBase5.dll
2010-03-05 17:13 . 2010-03-05 17:13 540672 ----a-r- c:\windows\system32\SZComp5.dll
2010-02-25 06:24 . 2006-03-04 03:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 14:06 . 2010-02-24 14:06 173328 ----a-r- c:\windows\system32\drivers\SZKGFS.sys
2010-02-24 13:11 . 2004-08-04 10:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 14:08 . 2005-03-30 01:21 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2005-03-30 01:01 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-23 18:29 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:33 . 2004-08-04 10:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-04 10:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-01-28 20:20 . 2010-01-28 20:20 664 -c--a-w- c:\documents and settings\joe\Local Settings\Application Data\d3d9caps.dat
.
((((((((((((((((((((((((((((( SnapShot@2010-04-26_09.30.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-08-10 21:16 . 2010-04-26 18:59 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-08-10 21:16 . 2010-04-24 22:49 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-04-26 09:37 . 2010-04-26 09:37 16384 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2010-04-26 09:37 . 2010-04-26 09:37 65016 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
+ 2010-04-26 09:37 . 2010-04-26 09:37 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2008-08-10 21:16 . 2010-04-24 22:49 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-04-26 19:06 . 2010-04-26 18:59 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-04-26 18:56 . 2010-04-26 18:56 51712 c:\windows\Installer\5ceed9.msi
+ 2010-04-27 17:32 . 2010-04-27 17:39 1382608 c:\windows\system32\Restore\rstrlog.dat
+ 2009-01-15 02:35 . 2009-01-15 02:35 4830720 c:\windows\Installer\5ceedf.msp
+ 2010-04-27 18:45 . 2010-04-27 18:45 15710720 c:\windows\Installer\2b791b.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:02 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-23 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-02-24 385928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-16 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-16 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-16 138008]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2005-07-08 176128]
"HPHUPD05"="c:\program files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe" [2005-07-08 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2003-12-05 49152]
"HPHmon05"="c:\windows\system32\hphmon05.exe" [2005-07-08 491520]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-26 16132608]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Nix\Start Menu\Programs\Startup\
Mamut Teamwork.lnk - c:\documents and settings\Nix\Application Data\Microsoft\Installer\{B1A0C792-C497-44AD-8030-A46A9D4A2792}\_2cd672ae.exe [2008-8-10 3638]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-04-02 19:16 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 16:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [02/04/2010 19:47 25096]
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [07/12/2009 17:59 61328]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [24/02/2010 15:06 173328]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [14/09/2009 23:54 242896]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19/02/2010 17:00 148744]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [07/12/2009 17:59 61328]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/08/2008 19:03 216200]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [02/04/2010 20:16 308064]
S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [02/04/2010 20:16 5888008]
S3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [02/04/2010 19:47 122376]
S3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [02/04/2010 19:47 30216]
S3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [02/04/2010 19:46 26120]
.
Contents of the 'Scheduled Tasks' folder

2010-04-27 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2008-08-12 04:55]

2010-04-27 c:\windows\Tasks\User_Feed_Synchronization-{18A24862-B84A-4F07-9466-8E73564ED41C}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-27 20:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(364)
c:\windows\system32\WININET.dll
.
Completion time: 2010-04-27 20:26:15
ComboFix-quarantined-files.txt 2010-04-27 19:26
ComboFix2.txt 2010-04-26 17:08
ComboFix3.txt 2010-04-26 09:31

Pre-Run: 294,967,214,080 bytes free
Post-Run: 295,241,351,168 bytes free

- - End Of File - - 85DE5B9A1166FE5A0B1E612DB16C5054