Marvin - 06-10-18 3:39:42.35 Service Pack 2 ComboFix 06.10.16 - Running from: "C:\Program Files\Opera" ((((((((((((((((((((((((((((((( Files Created from 2006-09-18 to 2006-10-18 )))))))))))))))))))))))))))))))))) 2006-10-15 18:05 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2006-09-27 20:35 83,752 --a------ C:\WINDOWS\system32\PDS.DLL 2006-09-27 20:35 83,752 --a------ C:\WINDOWS\system32\NTS.DLL 2006-09-27 20:35 46,896 --a------ C:\WINDOWS\system32\Msgsys.dll 2006-09-27 20:35 34,600 --a------ C:\WINDOWS\system32\CBA.DLL (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-18 03:45 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Azureus 2006-10-18 03:39 -------- d-------- C:\Program Files\Opera 2006-10-18 03:34 -------- d-------- C:\Program Files\Sports Interactive 2006-10-18 03:33 -------- d-a------ C:\Program Files\Common Files 2006-10-18 03:26 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\MetaCafe 2006-10-17 20:33 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Skype 2006-10-17 20:33 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Hamachi 2006-10-17 14:47 -------- d-------- C:\Program Files\pspvideo9 2006-10-17 13:59 -------- d-------- C:\Program Files\Common Files\Symantec Shared 2006-10-17 13:58 -------- d-------- C:\Program Files\Symantec 2006-10-15 17:51 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-15 17:51 -------- d-------- C:\Program Files\Electronic Arts 2006-10-15 17:29 -------- d-------- C:\Program Files\BitComet 2006-10-15 13:06 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Help 2006-10-13 20:08 15440 --a------ C:\WINDOWS\system32\drivers\hamachi.sys 2006-10-10 22:18 -------- d-------- C:\Program Files\LimeWire 2006-10-06 21:05 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Sports Interactive 2006-10-06 20:55 -------- d-------- C:\Program Files\Common Files\InstallShield 2006-09-29 19:17 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\LimeWire 2006-09-28 16:55 778656 --a------ C:\WINDOWS\system32\drivers\avg7core.sys 2006-09-25 17:04 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\AVG7 2006-09-23 21:57 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Ahead 2006-09-17 16:16 -------- d-------- C:\Program Files\InterVideo Information Service 2006-09-17 16:16 -------- d-------- C:\Program Files\Common Files\Ulead 2006-09-17 16:13 -------- d-------- C:\Program Files\InterVideo 2006-09-14 16:13 -------- d-------- C:\Documents and Settings\Marvin.MD-24\Application Data\Canon 2006-09-13 18:41 -------- d-------- C:\Program Files\iTunes 2006-09-13 18:41 -------- d-------- C:\Program Files\iPod 2006-09-13 18:39 -------- d-------- C:\Program Files\QuickTime 2006-09-13 18:35 -------- d-------- C:\Program Files\Apple Software Update 2006-09-13 04:09 -------- d-------- C:\Program Files\TVUPlayer 2006-09-12 15:25 -------- d-------- C:\Program Files\Hamachi 2006-09-10 14:17 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys 2006-09-10 14:11 4992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys 2006-09-10 14:11 4288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys 2006-09-10 14:11 23424 --a------ C:\WINDOWS\system32\drivers\avgmfrs.sys 2006-09-10 14:11 -------- d-------- C:\Program Files\Grisoft 2006-09-08 14:35 -------- d-------- C:\Program Files\MSN Messenger 2006-08-26 10:17 -------- d-------- C:\Program Files\Unlocker 2006-08-23 21:42 -------- d-------- C:\Program Files\Azureus 2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll 2006-07-27 21:24 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2006-07-23 18:35 2508 --a------ C:\Documents and Settings\Marvin.MD-24\Application Data\$_hpcst$.hpc 2006-07-21 16:24 72704 --a------ C:\WINDOWS\system32\hlink.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "L06AXLRD_15815640"="\"C:\\Program Files\\Microsoft Student\\Microsoft Student 2006 DVD\\EDICT.EXE\" -m" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "SSS2006"="\"C:\\Program Files\\Steganos Security Suite 2006\\SSS2006.exe\" -boot" "LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot" "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe" "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe\"" "ares"="\"C:\\Program Files\\Ares\\Ares.exe\" -h" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_07\\bin\\jusched.exe" "DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "SoundMan"="SOUNDMAN.EXE" "zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe" "Logitech Utility"="Logi_MwX.Exe" "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe" "HydraVisionDesktopManager"="C:\\Program Files\\ATI Technologies\\ATI HYDRAVISION\\HydraDM.exe" "HydraVisionViewport"="C:\\Program Files\\ATI Technologies\\ATI HYDRAVISION\\HydraMD.exe" "BJLaunchEXE"="C:\\Program Files\\Canon\\BJCard\\BJLaunch.exe" "VideoraiPodConverter"="C:\\Program Files\\VideoraiPodConverter\\VideoraConverter.exe -t" "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay" "NWEReboot"="" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "InCD"="C:\\Program Files\\Nero\\Nero 7\\InCD\\InCD.exe" "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE" "LogitechCameraAssistant"="C:\\Program Files\\Logitech\\Video\\CameraAssistant.exe" "LogitechVideo[inspector]"="C:\\Program Files\\Logitech\\Video\\InstallHelper.exe /inspect" "LogitechCameraService(E)"="C:\\WINDOWS\\system32\\ElkCtrl.exe /automation" "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "UnlockerAssistant"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\"" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "LanguageShortcut"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\"" "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" "PSPVideo9"="C:\\Program Files\\pspvideo9\\pspvideo9.exe -t" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,00,02,00,00,00,00,00,00,00,02,00,00,c4,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,13,02,00,00,25,00,00,00,da,00,00,00,c6,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "SSS2006"="\"C:\\Program Files\\Steganos Security Suite 2006\\SSS2006.exe\" -firstboot" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce] "SSS2006"="\"C:\\Program Files\\Steganos Security Suite 2006\\SSS2006.exe\" -firstboot" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "NoDispAppearancePage"=dword:00000000 "NoColorChoice"=dword:00000000 "NoSizeChoice"=dword:00000000 "NoDispBackgroundPage"=dword:00000000 "NoDispScrSavPage"=dword:00000000 "NoDispCPL"=dword:00000000 "NoVisualStyleChoice"=dword:00000000 "NoDispSettingsPage"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktop"=dword:00000000 "NoSaveSettings"=dword:00000000 "ClassicShell"=dword:00000000 "NoThemesTab"=dword:00000000 "ForceActiveDesktopOn"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "undockwithoutlogon"=dword:00000001 "DisableTaskMgr"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoActiveDesktopChanges"=dword:00000000 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\AppleSoftwareUpdate.job Completion time: 06-10-18 3:46:21.57 C:\ComboFix.txt ... 06-10-18 03:46