ComboFix 08-06-16.5 - Gang 2008-06-17 18:42:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.936.86.1033.18.58 [GMT -4:00]
Running from: C:\Documents and Settings\Gang\Desktop\Combo-Fix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CnsMin.zip
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\#SharedObjects\TUZFUNDX\www.inter-focus.cn
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\#SharedObjects\TUZFUNDX\www.inter-focus.cn\flashad-v5-stop_firstput_mute.swf\IFFLASHAD.sol
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.inter-focus.cn
C:\Documents and Settings\Gang\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.inter-focus.cn\settings.sol
C:\Documents and Settings\Gang\Local Settings\Temporary Internet Files\Tvm.log
C:\WINDOWS\inf\MSView.inf
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\289921.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdm.exe
C:\WINDOWS\system32\uninstall.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SROSA
((((((((((((((((((((((((( Files Created from 2008-05-17 to 2008-06-17 )))))))))))))))))))))))))))))))
.
2008-06-16 17:48 . 2004-08-04 03:56 116,224 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxwiadr.dll
2008-06-16 17:48 . 2001-08-17 22:37 99,865 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xlog.exe
2008-06-16 17:48 . 2001-08-17 22:37 27,648 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxftplt.exe
2008-06-16 17:48 . 2001-08-17 22:36 23,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxwbtmp.dll
2008-06-16 17:48 . 2001-08-17 22:36 17,408 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxscnui.dll
2008-06-16 17:48 . 2001-08-17 22:37 4,608 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xrxflnch.exe
2008-06-16 17:47 . 2001-08-17 13:28 771,581 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\winacisa.sys
2008-06-16 17:47 . 2002-08-29 01:59 154,624 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wlluc48.sys
2008-06-16 17:47 . 2001-08-17 22:36 87,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wiafbdrv.dll
2008-06-16 17:47 . 2001-08-17 22:36 53,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wiamsmud.dll
2008-06-16 17:47 . 2001-08-17 12:12 34,890 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wlandrv2.sys
2008-06-16 17:47 . 2004-08-04 01:29 19,455 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wvchntxx.sys
2008-06-16 17:47 . 2001-08-17 12:11 16,970 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xem336n5.sys
2008-06-16 17:47 . 2004-08-04 01:29 12,063 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wsiintxx.sys
2008-06-16 17:47 . 2004-08-04 02:07 8,832 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wmiacpi.sys
2008-06-16 17:47 . 2004-08-04 03:56 8,192 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\wshirda.dll
2008-06-16 17:45 . 2001-08-17 13:28 765,884 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usrti.sys
2008-06-16 17:45 . 2001-08-17 13:28 687,999 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usrwdxjs.sys
2008-06-16 17:45 . 2001-08-17 13:28 604,253 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\vmodem.sys
2008-06-16 17:45 . 2001-08-17 13:28 397,502 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\vpctcom.sys
2008-06-16 17:45 . 2001-08-17 12:14 249,402 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\vinwm.sys
2008-06-16 17:45 . 2001-08-17 13:28 224,802 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usr1807a.sys
2008-06-16 17:45 . 2001-08-17 13:28 113,762 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usrpda.sys
2008-06-16 17:45 . 2001-08-17 13:49 24,576 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\viairda.sys
2008-06-16 17:45 . 2001-08-17 13:28 7,556 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\usroslba.sys
2008-06-16 17:43 . 2001-08-17 22:36 525,568 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridxp.dll
2008-06-16 17:43 . 2001-08-17 14:56 440,576 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridkb.dll
2008-06-16 17:43 . 2001-08-17 22:36 216,064 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\um34scan.dll
2008-06-16 17:43 . 2001-08-17 22:36 211,968 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\um54scan.dll
2008-06-16 17:43 . 2001-08-17 12:51 166,784 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridxpm.sys
2008-06-16 17:43 . 2001-08-17 12:51 159,232 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tridkbm.sys
2008-06-16 17:43 . 2001-08-17 22:36 50,176 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\umaxp60.dll
2008-06-16 17:43 . 2001-08-17 22:36 47,616 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\umaxcam.dll
2008-06-16 17:43 . 2001-08-17 13:58 22,912 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\umaxpcls.sys
2008-06-16 17:43 . 2001-08-17 13:48 11,520 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\twotrack.sys
2008-06-16 17:42 . 2001-08-17 14:56 315,520 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\trid3d.dll
2008-06-16 17:42 . 2001-08-17 14:01 241,664 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tosdvd02.sys
2008-06-16 17:42 . 2001-08-17 14:02 230,912 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tosdvd03.sys
2008-06-16 17:42 . 2001-08-17 12:51 222,336 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\trid3dm.sys
2008-06-16 17:42 . 2001-08-17 12:14 123,995 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tjisdn.sys
2008-06-16 17:42 . 2004-08-04 03:56 82,432 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tp4mon.exe
2008-06-16 17:42 . 2001-08-17 22:35 42,496 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tp4res.dll
2008-06-16 17:42 . 2001-08-17 12:12 34,375 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tpro4.sys
2008-06-16 17:42 . 2001-08-17 22:36 31,744 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tp4.dll
2008-06-16 17:42 . 2001-08-17 12:10 28,232 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tos4mo.sys
2008-06-16 17:41 . 2004-08-04 02:00 149,376 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tffsport.sys
2008-06-16 17:41 . 2001-08-17 12:51 138,528 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tgiulnt5.sys
2008-06-16 17:41 . 2001-08-17 14:56 81,408 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tgiul50.dll
2008-06-16 17:41 . 2001-08-17 12:13 37,961 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tdk100b.sys
2008-06-16 17:41 . 2001-08-17 12:50 36,640 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\t2r4mini.sys
2008-06-16 17:41 . 2001-08-17 13:49 30,464 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tbatm155.sys
2008-06-16 17:41 . 2001-08-17 12:13 17,129 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tdkcd31.sys
2008-06-16 17:41 . 2001-08-17 13:52 7,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\tandqic.sys
2008-06-16 17:40 . 2001-08-17 14:56 172,768 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\t2r4disp.dll
2008-06-16 17:40 . 2001-08-17 22:36 155,648 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stlnprop.dll
2008-06-16 17:40 . 2001-08-17 13:50 103,936 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sx.sys
2008-06-16 17:40 . 2001-08-17 22:36 94,293 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sxports.dll
2008-06-16 17:40 . 2001-08-17 22:36 53,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sw_wheel.dll
2008-06-16 17:40 . 2001-08-17 22:36 53,248 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stlncoin.dll
2008-06-16 17:40 . 2001-08-17 22:36 41,472 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sw_effct.dll
2008-06-16 17:40 . 2001-08-17 22:36 10,240 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\swpidflt.dll
2008-06-16 17:40 . 2001-08-17 22:36 10,240 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\swpdflt2.dll
2008-06-16 17:40 . 2001-08-17 14:02 3,968 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\swusbflt.sys
2008-06-16 17:39 . 2001-08-17 12:18 285,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stlnata.sys
2008-06-16 17:39 . 2001-08-17 22:36 106,584 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\spdports.dll
2008-06-16 17:39 . 2001-08-17 22:36 99,328 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\srusd.dll
2008-06-16 17:39 . 2001-08-17 13:51 61,824 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\speed.sys
2008-06-16 17:39 . 2001-08-17 12:11 48,736 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\srwlnd5.sys
2008-06-16 17:39 . 2001-08-17 22:36 24,660 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\spxupchk.dll
2008-06-16 17:39 . 2001-08-17 13:51 16,896 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\stcusb.sys
2008-06-16 17:39 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonypvu1.sys
2008-06-16 17:38 . 2001-08-17 14:56 147,200 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\smidispb.dll
2008-06-16 17:38 . 2001-08-17 22:36 114,688 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonypi.dll
2008-06-16 17:38 . 2001-08-17 12:51 58,368 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\smiminib.sys
2008-06-16 17:38 . 2001-08-17 12:51 37,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonypi.sys
2008-06-16 17:38 . 2001-08-17 12:12 25,034 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\smcpwr2n.sys
2008-06-16 17:38 . 2001-08-17 12:51 20,752 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonync.sys
2008-06-16 17:38 . 2001-08-17 13:53 9,600 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonymc.sys
2008-06-16 17:38 . 2004-08-04 02:00 7,552 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sonyait.sys
2008-06-16 17:38 . 2001-08-17 13:53 7,040 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\snyaitmc.sys
2008-06-16 17:36 . 2001-08-17 14:56 252,032 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis300iv.dll
2008-06-16 17:36 . 2001-08-17 22:36 238,592 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisgrv.dll
2008-06-16 17:36 . 2001-08-17 14:56 157,696 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisv256.dll
2008-06-16 17:36 . 2001-08-17 14:56 150,144 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis6306v.dll
2008-06-16 17:36 . 2001-08-17 12:50 104,064 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisgrp.sys
2008-06-16 17:36 . 2001-08-17 12:50 101,760 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis300ip.sys
2008-06-16 17:36 . 2001-08-17 12:12 94,698 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sk98xwin.sys
2008-06-16 17:36 . 2001-08-17 12:50 68,608 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sis6306p.sys
2008-06-16 17:36 . 2001-08-17 12:50 50,432 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisv.sys
2008-06-16 17:36 . 2004-08-04 01:31 32,768 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sisnic.sys
2008-06-16 17:35 . 2001-08-17 22:36 386,560 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgiul50.dll
2008-06-16 17:35 . 2001-07-21 14:29 161,568 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgsmusb.sys
2008-06-16 17:35 . 2001-08-17 12:51 98,080 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgiulnt5.sys
2008-06-16 17:35 . 2001-07-21 14:29 18,400 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sgsmld.sys
2008-06-16 17:35 . 2001-08-17 13:48 17,664 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sermouse.sys
2008-06-16 17:35 . 2001-08-17 13:53 10,880 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scsiscan.sys
2008-06-16 17:35 . 2001-08-17 13:53 6,912 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\seaddsmc.sys
2008-06-16 17:35 . 2001-08-17 13:53 6,784 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\serscan.sys
2008-06-16 17:34 . 2001-08-17 14:56 245,632 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3savmx.dll
2008-06-16 17:34 . 2001-08-17 14:56 198,400 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav4.dll
2008-06-16 17:34 . 2001-08-17 12:50 77,824 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav4m.sys
2008-06-16 17:34 . 2001-08-17 12:50 75,392 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3savmxm.sys
2008-06-16 17:34 . 2004-08-04 01:59 43,136 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sbp2port.sys
2008-06-16 17:34 . 2001-08-17 13:51 23,936 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sccmusbm.sys
2008-06-16 17:34 . 2001-08-17 13:51 23,936 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\sccmn50m.sys
2008-06-16 17:34 . 2001-08-17 13:51 17,280 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scr111.sys
2008-06-16 17:34 . 2001-08-17 13:51 16,640 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scmstcs.sys
2008-06-16 17:34 . 2001-08-17 13:52 11,648 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\scsiprnt.sys
2008-06-16 17:33 . 2001-08-17 14:56 210,496 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mvirge.dll
2008-06-16 17:33 . 2001-08-17 14:56 182,272 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mt3d.dll
2008-06-16 17:33 . 2001-08-17 14:56 179,264 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav3d.dll
2008-06-16 17:33 . 2001-08-17 12:50 166,720 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3m.sys
2008-06-16 17:33 . 2001-08-17 22:36 82,432 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rwia450.dll
2008-06-16 17:33 . 2001-08-17 22:36 79,872 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rwia430.dll
2008-06-16 17:33 . 2001-08-17 13:57 65,664 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3legacy.sys
2008-06-16 17:33 . 2001-08-17 22:36 62,496 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mtrio.dll
2008-06-16 17:33 . 2001-08-17 12:50 61,504 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3sav3dm.sys
2008-06-16 17:33 . 2001-08-17 12:50 41,216 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\s3mt3d.sys
2008-06-16 17:32 . 2004-08-04 01:59 79,104 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rocket.sys
2008-06-16 17:32 . 2001-08-17 12:12 37,563 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rlnet5.sys
2008-06-16 17:32 . 2001-08-17 12:19 30,720 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rthwcls.sys
2008-06-16 17:32 . 2001-08-17 22:36 26,624 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rw450ext.dll
2008-06-16 17:32 . 2001-08-17 22:36 24,576 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rw430ext.dll
2008-06-16 17:32 . 2001-08-17 12:12 19,017 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rtl8029.sys
2008-06-16 17:32 . 2001-08-17 22:36 9,216 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\rsmgrstr.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-15 05:13 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-06-07 20:45 --------- d-----w C:\Program Files\McAfee
2008-06-07 20:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2008-05-31 04:29 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-05-31 04:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2008-05-31 01:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-16 17:39 --------- d-----w C:\Program Files\eMule
2008-05-03 06:03 --------- d-----w C:\Program Files\Adobe Media Player
2008-05-03 06:02 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-04-18 23:41 --------- d-----w C:\Program Files\Java
2008-03-18 23:07 77,592 ----a-w C:\Documents and Settings\Gang\Application Data\GDIPFONTCACHEV1.DAT
2004-06-03 19:38 168,641 ----a-w C:\Documents and Settings\Gang\Application Data\tvmknwrd.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-24 18:22 1916928]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [2006-02-24 10:06 704512]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56 15360]
"SUPERAntiSpyware"="C:\Downloads\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39 1310720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dell|Alert"="C:\Program Files\Dell\Support\Alert\bin\DAMon.exe" [2002-07-11 16:15 270336]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"UpdReg"="C:\WINDOWS\Updreg.exe" [2000-05-11 02:00 90112]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [2006-09-30 03:25 96984]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58 282624]
"PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [2002-08-29 00:39 455168]
"PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [2002-08-29 00:39 455168]
"nwiz"="nwiz.exe" [2003-10-06 14:16 741376 C:\WINDOWS\SYSTEM32\nwiz.exe]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 14:16 5058560]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"MSPY2002"="C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe" [2002-08-29 00:39 59392]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 14:39 136768]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 01:13 774168]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-08 01:12 488984]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36 256576]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 01:31 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2001-08-18 07:00 44032]
"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [2001-03-28 02:00 102400]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 17:44 679936]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 03:56 15360]
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
WinStartUpDll.exe [2004-01-24 21:09:50 700385]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 01:19:50 217193]
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2002-11-25 21:01:21 114688]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2002-09-06 04:40:03 45056]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2001-08-07 18:06:54 24633]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Downloads\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Downloads\SUPERAntiSpyware\SASWINLO.dll 2007-02-27 11:39 282624 C:\Downloads\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\System32\ctmp3.acm
"msacm.l3acm"= L3codecp.acm
"aux"= ctwdm32.dll
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"vidc.DIVF"= DivX412.dll
"VIDC.HFYU"= huffyuv.dll
"msacm.divxa32"= DivXa32.acm
"msacm.l3radius"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Kingsoft\\PowerWord 2005\\XDICT.EXE"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Invitrogen\\Vector NTI Advance 10\\Vector NTI 10.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Documents and Settings\\Gang\\Desktop\\ivs\\ivs.exe"=
"C:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
S2 Ca533av;DV Cam(Video);C:\WINDOWS\system32\Drivers\Ca533av.sys []
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\13.tmp []
S3 RegGuard;RegGuard;C:\WINDOWS\system32\Drivers\regguard.sys [2008-06-06 01:04]
S3 USBCamera;DSC Still Image Capture (CA533A);C:\WINDOWS\system32\Drivers\Bulk533.sys []
S4 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys [2001-08-23 08:00]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0896b9c5-2d36-11dd-ab34-00038a000015}]
\Shell\AutoRun\command - G:\nideiect.com
\Shell\explore\Command - G:\nideiect.com
\Shell\open\Command - G:\nideiect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17500ee6-2ea6-11dc-a9b9-00038a000015}]
\Shell\AutoRun\command - H:\nideiect.com
\Shell\explore\Command - H:\nideiect.com
\Shell\open\Command - H:\nideiect.com
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a92406-cef7-11da-a80a-00038a000015}]
\Shell\AutoRun\command - H:\nideiect.com
\Shell\explore\Command - H:\nideiect.com
\Shell\open\Command - H:\nideiect.com
.
Contents of the 'Scheduled Tasks' folder
"2008-02-12 17:54:07 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-17 18:56:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\13.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\tsd32.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
C:\WINDOWS\SYSTEM32\INETSRV\inetinfo.exe
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
C:\WINDOWS\SYSTEM32\devldr32.exe
C:\WINDOWS\SYSTEM32\conime.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
.
**************************************************************************
.
Completion time: 2008-06-17 19:18:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-17 23:17:50
Pre-Run: 3,731,722,240 bytes free
Post-Run: 4,514,959,360 bytes free
311 --- E O F --- 2008-06-17 23:04:42