Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

spyware and maliciouse maleware

Started by shiggawhite , Jan 07 2009 03:22 AM

  • Please log in to reply

#1
shiggawhite
Posted 07 January 2009 - 03:22 AM

shiggawhite

    New Member

  • Member
  • Pip
  • 2 posts
i did a hijack this log and then a buddy of mine told me that my problems might get solved with a program geekstogo offers named combo fix so i also ran that and have a log from both. first i am posting most recent hijack this log



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:20:18 AM, on 1/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Vongo\VongoService.exe
c:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vongo\Tray.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Documents and Settings\Jason\Desktop\hjack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.h...a...o&pf=laptop
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1230688838687
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6C1E82D5-D227-47A5-9457-5840DAFD89F0}: NameServer = 4.2.2.2,4.2.2.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{6C1E82D5-D227-47A5-9457-5840DAFD89F0}: NameServer = 4.2.2.2,4.2.2.3
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe

--
End of file - 12456 bytes
  • 0

Advertisements

#2
shiggawhite
Posted 07 January 2009 - 03:23 AM

shiggawhite

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
combo fix log


ComboFix 09-01-06.02 - Jason 2009-01-07 2:43:48.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.704 [GMT -6:00]
Running from: c:\documents and settings\Jason\Desktop\ComboFix.exe
AV: Norton 360 *On-access scanning disabled* (Updated)
FW: Norton 360 *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jason\Application Data\inst.exe
c:\documents and settings\Jason\Desktop\BD4CF7BA599A8510\
c:\documents and settings\Jason\Desktop\BD4CF7BA599A8510\BD4CF7BA599A8510
c:\documents and settings\Jason\My Documents\My Documents.url
c:\documents and settings\Jason\My Documents\My Music\My Music.url
c:\documents and settings\Jason\My Documents\My Pictures\My Pictures.url
c:\documents and settings\Jason\My Documents\My Videos\My Video.url
c:\program files\webmediaviewer
c:\program files\webmediaviewer\qttask.exe
c:\windows\system32\Pncrt.dll

.
((((((((((((((((((((((((( Files Created from 2008-12-07 to 2009-01-07 )))))))))))))))))))))))))))))))
.

2009-01-07 01:39 . 2009-01-07 01:39 5,632 --a------ c:\windows\fd.dll
2009-01-06 01:54 . 2009-01-06 01:54 <DIR> d-------- c:\documents and settings\Jason\Application Data\WildTangent
2009-01-06 01:53 . 2009-01-06 01:53 <DIR> d-------- c:\program files\WildGames
2009-01-04 22:07 . 2009-01-04 23:36 <DIR> d-------- c:\documents and settings\Maggie.orig
2009-01-04 19:16 . 2009-01-04 19:17 1,085,440 --a------ c:\windows\system32\rn.tmp
2009-01-03 13:09 . 2009-01-03 13:09 <DIR> d-------- c:\program files\VSO
2009-01-03 13:09 . 2009-01-05 20:24 <DIR> d-------- c:\documents and settings\Jason\Application Data\Vso
2009-01-03 13:09 . 2004-05-04 11:53 1,645,320 --a------ c:\windows\gdiplus.dll
2009-01-03 13:09 . 2006-05-20 16:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2009-01-03 13:09 . 2006-05-11 19:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2009-01-03 13:09 . 2006-09-29 12:24 217,127 --a------ c:\windows\system32\drv43260.dll
2009-01-03 13:09 . 2006-09-29 12:25 208,935 --a------ c:\windows\system32\drv33260.dll
2009-01-03 13:09 . 2006-09-29 12:26 176,165 --a------ c:\windows\system32\drv23260.dll
2009-01-03 13:09 . 2007-03-18 20:37 65,602 --a------ c:\windows\system32\cook3260.dll
2009-01-03 13:09 . 2009-01-03 13:09 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2009-01-03 13:09 . 2009-01-03 13:09 47,360 --a------ c:\documents and settings\Jason\Application Data\pcouffin.sys
2009-01-02 17:21 . 2009-01-02 17:21 <DIR> d-------- c:\documents and settings\Jason\Application Data\AdobeUM
2009-01-02 16:54 . 2009-01-02 16:54 <DIR> d-------- c:\windows\system32\scripting
2009-01-02 16:54 . 2009-01-02 16:54 <DIR> d-------- c:\windows\system32\en
2009-01-02 16:54 . 2009-01-02 16:54 <DIR> d-------- c:\windows\system32\bits
2009-01-02 16:54 . 2009-01-02 16:54 <DIR> d-------- c:\windows\l2schemas
2009-01-02 16:51 . 2009-01-02 16:54 <DIR> d-------- c:\windows\ServicePackFiles
2009-01-02 15:44 . 2008-04-13 12:46 121,984 --------- c:\windows\system32\drivers\usbvideo.sys
2009-01-02 15:44 . 2008-04-13 18:12 69,120 --------- c:\windows\system32\wlanapi.dll
2009-01-02 15:44 . 2008-04-13 18:12 28,672 --------- c:\windows\system32\vidcap.ax
2009-01-02 15:44 . 2004-08-03 22:29 25,471 --------- c:\windows\system32\drivers\watv10nt.sys
2009-01-02 15:44 . 2004-08-03 22:29 22,271 --------- c:\windows\system32\drivers\watv06nt.sys
2009-01-02 15:44 . 2008-04-13 12:43 14,208 --------- c:\windows\system32\drivers\wacompen.sys
2009-01-02 15:44 . 2008-04-13 12:56 12,800 --------- c:\windows\system32\drivers\usb8023x.sys
2009-01-02 15:44 . 2004-08-03 22:29 11,935 --------- c:\windows\system32\drivers\wadv11nt.sys
2009-01-02 15:44 . 2004-08-03 22:29 11,871 --------- c:\windows\system32\drivers\wadv09nt.sys
2009-01-02 15:44 . 2004-08-03 22:29 11,807 --------- c:\windows\system32\drivers\wadv07nt.sys
2009-01-02 15:44 . 2008-04-13 18:12 11,325 --------- c:\windows\system32\drivers\vchnt5.dll
2009-01-02 15:44 . 2004-08-03 22:29 11,295 --------- c:\windows\system32\drivers\wadv08nt.sys
2009-01-02 15:42 . 2008-04-13 18:11 397,312 --------- c:\windows\system32\mmcex.dll
2009-01-02 15:42 . 2008-04-13 18:11 184,320 --------- c:\windows\system32\microsoft.managementconsole.dll
2009-01-02 15:42 . 2008-04-13 18:12 155,136 --------- c:\windows\system32\mssha.dll
2009-01-02 15:42 . 2008-04-13 18:11 106,496 --------- c:\windows\system32\mmcfxcommon.dll
2009-01-02 15:42 . 2008-04-13 12:14 76,800 --------- c:\windows\system32\msshavmsg.dll
2009-01-02 15:42 . 2008-04-13 18:12 33,792 --------- c:\windows\system32\mmcperf.exe
2009-01-02 15:41 . 2008-04-13 18:11 61,440 --------- c:\windows\system32\kmsvc.dll
2009-01-02 15:41 . 2008-04-13 18:11 37,376 --------- c:\windows\system32\l2gpstore.dll
2009-01-02 15:41 . 2008-04-13 18:09 6,144 --------- c:\windows\system32\kbdpash.dll
2009-01-02 15:41 . 2008-04-13 18:09 6,144 --------- c:\windows\system32\kbdnepr.dll
2009-01-02 15:41 . 2008-04-13 18:09 6,144 --------- c:\windows\system32\kbdiultn.dll
2009-01-02 15:41 . 2008-04-13 18:09 6,144 --------- c:\windows\system32\kbdbhc.dll
2009-01-02 15:39 . 2008-04-13 18:11 1,888,992 --------- c:\windows\system32\ati3duag.dll
2009-01-01 22:52 . 2009-01-01 22:52 <DIR> d-------- C:\Combo-Fix
2009-01-01 21:29 . 2009-01-01 21:29 <DIR> d-------- c:\program files\Windows Sidebar
2009-01-01 21:28 . 2009-01-02 17:07 <DIR> d-------- c:\program files\Norton 360
2009-01-01 21:22 . 2009-01-01 21:47 123,952 --a------ c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-01 21:22 . 2009-01-01 21:47 60,800 --a------ c:\windows\system32\S32EVNT1.DLL
2009-01-01 21:22 . 2009-01-01 21:47 10,671 --a------ c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-01 21:22 . 2009-01-01 21:47 805 --a------ c:\windows\system32\drivers\SYMEVENT.INF
2009-01-01 21:21 . 2009-01-01 21:47 <DIR> d-------- c:\program files\Symantec
2009-01-01 21:12 . 2009-01-01 21:14 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-01-01 21:12 . 2009-01-01 22:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-01 15:36 . 2008-10-16 14:38 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
2009-01-01 15:36 . 2007-04-17 03:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2009-01-01 15:36 . 2007-03-07 23:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-01-01 15:36 . 2008-10-16 14:38 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2009-01-01 15:36 . 2008-10-16 14:38 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2009-01-01 15:36 . 2008-10-16 14:38 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2009-01-01 15:36 . 2008-10-03 04:02 247,326 --------- c:\windows\system32\dllcache\strmdll.dll
2009-01-01 15:36 . 2008-10-16 14:38 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2009-01-01 15:36 . 2008-10-16 14:38 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-01 15:36 . 2008-10-16 07:11 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2009-01-01 15:31 . 2008-09-04 11:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2009-01-01 15:31 . 2008-05-01 08:33 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2009-01-01 15:31 . 2008-06-13 05:05 272,128 --------- c:\windows\system32\drivers\bthport.sys
2008-12-31 22:08 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2008-12-31 22:08 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2008-12-31 22:08 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2008-12-31 15:31 . 2008-12-31 15:31 <DIR> d-------- c:\documents and settings\Jason\Application Data\Symantec
2008-12-31 13:29 . 2008-12-31 13:29 0 --ah----- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2008-12-31 13:29 . 2008-12-31 13:29 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2008-12-31 13:22 . 2008-12-31 13:22 0 --ah----- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2008-12-31 00:08 . 2008-12-31 00:08 <DIR> d-------- c:\windows\system32\XPSViewer
2008-12-31 00:08 . 2008-12-31 00:08 <DIR> d-------- c:\program files\Reference Assemblies
2008-12-31 00:08 . 2008-12-31 00:08 <DIR> d-------- c:\program files\MSBuild
2008-12-31 00:08 . 2008-12-31 00:08 <DIR> d-------- c:\documents and settings\Jason\Application Data\Nero
2008-12-31 00:07 . 2008-12-31 00:08 <DIR> d-------- C:\441b7657ea1ff5da755247ca10
2008-12-31 00:07 . 2008-07-06 06:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll
2008-12-31 00:07 . 2008-07-06 06:06 1,676,288 --------- c:\windows\system32\dllcache\xpssvcs.dll
2008-12-31 00:07 . 2008-07-06 04:50 597,504 --------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2008-12-31 00:07 . 2008-07-06 06:06 575,488 --------- c:\windows\system32\xpsshhdr.dll
2008-12-31 00:07 . 2008-07-06 06:06 575,488 --------- c:\windows\system32\dllcache\xpsshhdr.dll
2008-12-31 00:07 . 2008-07-06 06:06 117,760 --------- c:\windows\system32\prntvpt.dll
2008-12-31 00:07 . 2008-07-06 06:06 89,088 --------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2008-12-30 23:38 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2008-12-30 23:38 . 2008-12-30 23:38 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-30 23:38 . 2008-12-30 23:38 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2008-12-30 23:37 . 2008-05-02 07:25 465,920 --------- c:\windows\system32\imapi2fs.dll
2008-12-30 23:37 . 2008-05-02 07:25 465,920 --------- c:\windows\system32\dllcache\imapi2fs.dll
2008-12-30 23:37 . 2008-05-02 07:25 317,952 --------- c:\windows\system32\imapi2.dll
2008-12-30 23:37 . 2008-05-02 07:25 317,952 --------- c:\windows\system32\dllcache\imapi2.dll
2008-12-30 23:23 . 2008-12-30 23:23 <DIR> d-------- c:\program files\Windows Media Connect 2
2008-12-30 23:22 . 2008-12-30 23:22 <DIR> d-------- c:\windows\system32\LogFiles
2008-12-30 23:22 . 2008-12-31 13:20 <DIR> d-------- c:\windows\system32\drivers\UMDF
2008-12-30 23:04 . 2008-12-30 23:04 410,984 --a------ c:\windows\system32\deploytk.dll
2008-12-30 23:04 . 2008-12-30 23:04 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-12-30 21:59 . 2008-12-30 21:59 <DIR> d-------- c:\documents and settings\Jason\Contacts
2008-12-30 21:58 . 2008-12-30 21:58 <DIR> d-------- c:\program files\Windows Live Favorites
2008-12-30 21:46 . 2008-12-30 21:46 <DIR> d-------- c:\documents and settings\Jason\Application Data\Yahoo!
2008-12-30 20:43 . 2008-12-30 20:43 1,719 -rahs---- c:\windows\system32\drivers\103C_HP_NTBK_Presario C300 (RH211UA#ABA)_YN_0Pres_QCND637346F_E433358001_46_I30C6_SHP_V78.08_BF.05_T060814_
WXH2_L409_M1015_J60_7Intel_8Celeron M 420_91.6_#081230_N10EC8139_(RH211UA#ABA)_XMOBILE_CN10_Z_2F.05.MRK
2008-12-30 20:42 . 2006-08-19 04:08 <DIR> d-------- c:\documents and settings\Jason\Application Data\Intuit
2008-12-30 20:42 . 2009-01-06 22:58 <DIR> d-------- c:\documents and settings\Jason
2008-12-30 20:41 . 2006-08-19 04:08 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\Intuit
2008-12-30 20:38 . 2004-08-04 07:00 185,344 --a------ c:\windows\system32\Thawbrkr.dll
2008-12-30 20:38 . 2004-08-04 07:00 66,594 --a------ c:\windows\system32\c_864.nls
2008-12-30 20:38 . 2004-08-04 07:00 66,594 --a------ c:\windows\system32\c_862.nls
2008-12-30 20:38 . 2004-08-04 07:00 66,594 --a------ c:\windows\system32\c_720.nls
2008-12-30 20:38 . 2004-08-04 07:00 66,082 --a------ c:\windows\system32\c_708.nls
2008-12-30 20:38 . 2004-08-04 07:00 66,082 --a------ c:\windows\system32\C_28596.NLS
2008-12-30 20:38 . 2004-08-04 07:00 66,082 --a------ c:\windows\system32\c_10021.nls
2008-12-30 20:38 . 2004-08-04 07:00 66,082 --a------ c:\windows\system32\c_10005.nls
2008-12-30 20:38 . 2004-08-04 07:00 66,082 --a------ c:\windows\system32\c_10004.nls
2008-12-30 20:38 . 2004-08-04 07:00 10,752 --a------ c:\windows\system32\c_iscii.dll
2008-12-30 20:38 . 2004-08-04 07:00 6,144 --a------ c:\windows\system32\ftlx041e.dll
2008-12-30 20:38 . 2004-08-04 07:00 5,632 --a------ c:\windows\system32\kbdusa.dll
2008-12-30 20:05 . 2008-10-16 14:09 43,544 --a------ c:\windows\system32\wups2.dll
2008-12-30 20:05 . 2008-10-16 14:09 31,768 --a------ c:\windows\system32\wucltui.dll.mui
2008-12-30 20:05 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuaucpl.cpl.mui
2008-12-30 20:05 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-30 20:05 . 2008-10-16 14:07 18,456 --a------ c:\windows\system32\wuaueng.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-07 08:49 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-01-06 07:54 --------- d-----w c:\documents and settings\All Users\Application Data\WildTangent
2009-01-06 07:38 --------- d-----w c:\program files\BitComet
2009-01-04 18:23 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-12-31 05:40 --------- d-----w c:\program files\Zune
2008-12-31 05:04 --------- d-----w c:\program files\Java
2008-12-31 03:58 --------- d-----w c:\program files\Windows Live
2008-12-31 03:57 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-12-31 03:55 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-31 03:54 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-12-31 03:46 --------- d-----w c:\documents and settings\All Users\Application Data\yahoo!
2008-12-31 02:17 --------- d-----w c:\program files\Vongo
2008-12-31 02:16 --------- d-----w c:\program files\Quickensetup
2008-12-31 02:16 --------- d-----w c:\program files\Quicken
2008-12-31 02:14 --------- d-----w c:\program files\NetWaiting
2008-12-31 02:13 --------- d-----w c:\program files\Microsoft Works
2008-12-31 02:12 --------- d-----w c:\program files\Microsoft Office Trial Wizard
2008-12-31 02:11 --------- d-----w c:\program files\Microsoft Money 2006
2008-12-31 02:11 --------- d-----w c:\program files\Microsoft ActiveSync
2008-12-31 02:11 --------- d-----w c:\program files\HP Rhapsody
2008-12-31 02:04 --------- d-----w c:\program files\Hewlett-Packard
2008-12-31 02:04 --------- d-----w c:\program files\Encarta Online
2008-12-31 02:04 --------- d-----w c:\program files\DivX
2008-12-31 02:04 --------- d-----w c:\program files\CONEXANT
2008-12-31 02:04 --------- d-----w c:\program files\Common Files\TiVo Shared
2008-12-31 02:03 --------- d-----w c:\program files\Common Files\SureThing Shared
2008-12-31 02:03 --------- d-----w c:\program files\Common Files\Sonic Shared
2008-12-31 02:03 --------- d-----w c:\program files\Common Files\Palo Alto Software
2008-12-31 02:02 --------- d-----w c:\program files\Common Files\HP
2008-12-31 01:57 --------- d-----w c:\documents and settings\All Users\Application Data\Sonic
2008-12-27 07:29 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-17 04:52 --------- d-----w c:\documents and settings\All Users\Application Data\Pure Networks
2008-12-17 01:54 --------- d-----w c:\program files\Winamp
2008-12-15 20:57 --------- d-----w c:\program files\Corel
2008-12-02 11:09 --------- d-----w c:\documents and settings\All Users\Application Data\Pure Networks(2)
2008-11-30 07:53 57,220 ----a-w c:\windows\RGI6.tmp
2008-11-30 04:08 --------- d-----w c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2008-11-26 05:28 --------- d-----w c:\documents and settings\All Users\Application Data\Trymedia
2008-11-26 05:28 --------- d-----w c:\documents and settings\All Users\Application Data\NeoEdge Networks
2008-11-10 18:09 40,832 ----a-w c:\windows\system32\drivers\zumbus.sys
2008-04-15 20:13 0 -c--a-w c:\program files\temp01
2007-02-14 20:53 166,180 ----a-w c:\program files\RipIt4Me.zip
2007-02-14 18:38 32,134 ----a-w c:\program files\FixVTS1.602.zip
2007-02-14 00:21 32,944 ----a-w c:\program files\FixVTS1.603.zip
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 458752]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-30 136600]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-16 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-06-23 102400]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-02 135168]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-11-10 157312]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 c:\windows\system32\CHDAudPropShortcut.exe]

c:\documents and settings\Administrator.LAPTOP.001\Start Menu\Programs\Startup\
Vongo Tray.lnk - c:\program files\Vongo\Tray.exe [2006-05-09 73728]

c:\documents and settings\Jason\Start Menu\Programs\Startup\
Vongo Tray.lnk - c:\program files\Vongo\Tray.exe [2006-05-09 73728]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 73728]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25297:TCP"= 25297:TCP:BitComet 25297 TCP
"25297:UDP"= 25297:UDP:BitComet 25297 UDP

R1 navigator;navigator;\systemroot\fd.dll --> \systemroot\fd.dll [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-01-02 99376]
R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-02-18 149352]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-12 23888]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a79e0901-d6de-11dd-b8e5-0014a5f08b7d}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com j:
\Shell\Open\command - resycled\boot.com j:
.
- - - - ORPHANS REMOVED - - - -

HKLM-Explorer_Run-QuickTime Task - c:\program files\WebMediaViewer\qttask.exe
SharedTaskScheduler-{2ecca339-c274-40e3-a582-ef4c0e917639} - c:\windows\system32\ijofmsu.dll


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=presario&pf=laptop
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
TCP: {6C1E82D5-D227-47A5-9457-5840DAFD89F0} = 4.2.2.2,4.2.2.3
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-07 02:50:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????[??????`?@?????L?@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Vongo\VongoService.exe
c:\windows\system32\ZuneBusEnum.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\progra~1\HPQ\Shared\HPQTOA~1.EXE
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
.
**************************************************************************
.
Completion time: 2009-01-07 2:59:04 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-07 08:58:53
ComboFix2.txt 2009-01-01 22:07:08

Pre-Run: 12,721,692,672 bytes free
Post-Run: 12,829,671,424 bytes free

324 --- E O F --- 2009-01-04 09:03:34
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP