it froze the first time but i ran it again and it worked but took a really long time to delete all the files.... i just shortened the log up by taking out the endless amounts of pos***.tmp files. If you need to see them just let me know but there is thousands of them.
ComboFix 08-01-23.1 - Tobi 2008-01-23 12:45:13.2 - NTFSx86
Running from: C:\Documents and Settings\Tobi\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Tobi\Application Data\CROSOF~1.NET
C:\Documents and Settings\Tobi\Application Data\macromedia\Flash Player\#SharedObjects\7N3ZDMWU\www.broadcaster.com
C:\Documents and Settings\Tobi\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Tobi\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\Tobi\Application Data\MCROSO~1.NET
C:\Documents and Settings\Tobi\Application Data\PPATCH~1
C:\Documents and Settings\Tobi\Application Data\RACLE~1
C:\Documents and Settings\Tobi\Application Data\SMANTE~1
C:\Documents and Settings\Tobi\Application Data\SSTEM3~1
C:\Documents and Settings\Tobi\Application Data\YSTEM3~1
C:\Documents and Settings\Tobi\My Documents\ICROSO~1.NET
C:\Documents and Settings\Tobi\My Documents\MCROSO~1.NET
C:\Documents and Settings\Tobi\My Documents\pos3FF.tmp
C:\Documents and Settings\Tobi\My Documents\pos400.tmp
C:\Documents and Settings\Tobi\My Documents\pos401.tmp
C:\Documents and Settings\Tobi\My Documents\pos402.tmp
C:\Documents and Settings\Tobi\My Documents\pos403.tmp
C:\posFD.tmp
C:\posFE.tmp
C:\posFF.tmp
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart .exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files\ATI\CatalystRegistration\dolce .exe
C:\Program Files\ATI\CatalystRegistration\dolce.exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent .exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Common Files\{1C9D6~1
C:\Program Files\Common Files\{3C9D6~1
C:\Program Files\Common Files\{3C9D6~1\Bar888.dll.lzma
C:\Program Files\Common Files\{3C9D6~1\UnInstall.exe
C:\Program Files\Common Files\asembl~1
C:\Program Files\Common Files\dobe~1
C:\Program Files\Common Files\InstallShield\UpdateService\issch .exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Common Files\mcroso~1.net
C:\Program Files\Common Files\racle~1
C:\Program Files\Common Files\Real\Update_OB\realsched .exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\scurit~1
C:\Program Files\Common Files\smante~1
C:\Program Files\Common Files\smbols~1
C:\Program Files\Common Files\ssembl~1
C:\Program Files\Common Files\tsks~1
C:\Program Files\Common Files\uninstall information
C:\Program Files\Common Files\wnsxs~1
C:\Program Files\Common Files\ymante~1
C:\Program Files\Common Files\ystem~1
C:\Program Files\Common Files\ystem3~1
C:\Program Files\CyberLink\PowerDVD\DVDLauncher .exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\DAEMON Tools\daemon .exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr .exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\pedevice
C:\Program Files\pedevice\tmp\tmp.html
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\smante~1
C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spyware Doctor\pctsTray .exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\sstem3~1
C:\Program Files\wnsxs~1
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\asembl~1
C:\WINDOWS\crosof~1.net
C:\WINDOWS\mbols~1
C:\WINDOWS\ppatch~1
C:\WINDOWS\pppatc~1
C:\WINDOWS\smante~1
C:\WINDOWS\stem~1
C:\WINDOWS\system32\asks~1
C:\WINDOWS\system32\catkprle.dll
C:\WINDOWS\system32\catkprle.dllbox
C:\WINDOWS\system32\crosof~1.net
C:\WINDOWS\system32\dobe~1
C:\WINDOWS\system32\drivers\fad.sys
C:\WINDOWS\system32\ecurit~1
C:\WINDOWS\system32\fnts~1
C:\WINDOWS\system32\icroso~1
C:\WINDOWS\system32\mantec~1
C:\WINDOWS\system32\mbols~1
C:\WINDOWS\SYSTEM32\nqstv.ini
C:\WINDOWS\SYSTEM32\nqstv.ini2
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\RCX7E.tmp
C:\WINDOWS\system32\RCX7F.tmp
C:\WINDOWS\system32\RCX80.tmp
C:\WINDOWS\system32\RCXB0.tmp
C:\WINDOWS\system32\vbfgjfqg.dll
C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vtsqn.exe
C:\WINDOWS\system32\wnsinti32.exe
C:\WINDOWS\system32\wnsintsv.exe
C:\WINDOWS\system32\yfwbtyru.dll
Code:
<pre>
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl .exe ---> QooBox
C:\Program Files\ATI\CatalystRegistration\dolce .exe ---> QooBox
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart .exe ---> QooBox
C:\Program Files\BitTorrent\bittorrent .exe ---> QooBox
C:\Program Files\Common Files\InstallShield\UpdateService\issch .exe ---> QooBox
C:\Program Files\Common Files\Real\Update_OB\realsched .exe ---> QooBox
C:\Program Files\CyberLink\PowerDVD\DVDLauncher .exe ---> QooBox
C:\Program Files\DAEMON Tools\daemon .exe ---> QooBox
C:\Program Files\iTunes\iTunesHelper .exe ---> QooBox
C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe ---> QooBox
C:\Program Files\MSN Messenger\msnmsgr .exe ---> QooBox
C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe ---> QooBox
C:\Program Files\Spyware Doctor\pctsTray .exe ---> QooBox
</pre>
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_CLIENT_IP-IPX
-------\nm
((((((((((((((((((((((((( Files Created from 2007-12-23 to 2008-01-23 )))))))))))))))))))))))))))))))
.
2008-01-22 12:27 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-22 12:24 . 2008-01-23 12:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-22 12:24 . 2008-01-22 12:24 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-21 17:57 . 2008-01-21 17:57 1,089,316 ---hs---- C:\WINDOWS\SYSTEM32\fueknnwm.ini
2008-01-20 21:53 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\SYSTEM32\javacpl.cpl
2008-01-20 20:11 . 2008-01-20 20:11 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2008-01-20 18:39 . 2007-06-05 10:56 44,928 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SDTHOOK.SYS
2008-01-20 18:19 . 2008-01-20 18:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-20 18:17 . 2008-01-20 19:52 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2008-01-20 18:17 . 2008-01-20 18:17 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2008-01-20 18:17 . 2008-01-20 18:17 2,550 --a------ C:\WINDOWS\SYSTEM32\Uninstall.ico
2008-01-20 18:17 . 2008-01-20 18:17 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2008-01-19 13:51 . 2008-01-21 14:55 <DIR> d-------- C:\VundoFix Backups
2008-01-18 00:38 . 2008-01-18 00:38 1,075,130 ---hs---- C:\WINDOWS\SYSTEM32\hmnxctde.ini
2008-01-15 12:09 . 2008-01-15 12:09 330,752 --a------ C:\WINDOWS\SYSTEM32\RCX315.tmp
2008-01-15 09:30 . 2008-01-15 12:09 414 ---hs---- C:\WINDOWS\SYSTEM32\bfhgqssn.ini
2008-01-14 21:21 . 2008-01-15 11:49 <DIR> d-------- C:\WINDOWS\SYSTEM32\xv2
2008-01-14 21:21 . 2008-01-20 19:54 <DIR> d-------- C:\WINDOWS\SYSTEM32\edcA01
2008-01-14 21:21 . 2008-01-16 12:56 <DIR> d-------- C:\WINDOWS\SYSTEM32\ap3
2008-01-14 21:21 . 2008-01-14 21:21 <DIR> d-------- C:\Temp\Ryuan1
2008-01-14 21:21 . 2008-01-23 13:49 <DIR> d-------- C:\Temp
2008-01-14 21:21 . 2008-01-15 10:56 371,712 --a------ C:\WINDOWS\mrofinu572.exe.tmp
2007-12-31 16:11 . 2007-12-31 17:37 <DIR> d-------- C:\Program Files\Robster Productions
2007-12-27 18:48 . 2008-01-23 13:48 <DIR> d-------- C:\Program Files\iTunes
2007-12-27 18:48 . 2007-12-27 18:48 <DIR> d-------- C:\Program Files\iPod
2007-12-27 18:45 . 2007-10-31 14:09 30,464 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbaapl.sys
2007-12-27 18:34 . 2007-12-27 18:34 <DIR> d-------- C:\WINDOWS\SYSTEM32\NtmsData
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-23 19:48 --------- d-----w C:\Program Files\Spyware Doctor
2008-01-23 19:48 --------- d-----w C:\Program Files\QuickTime
2008-01-23 19:48 --------- d-----w C:\Program Files\MSN Messenger
2008-01-23 19:48 --------- d-----w C:\Program Files\DAEMON Tools
2008-01-23 19:48 --------- d-----w C:\Program Files\BitTorrent
2008-01-21 21:42 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-01-21 19:56 --------- d-----w C:\Program Files\Call of Duty Game of the Year Edition
2008-01-21 19:27 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-01-21 17:57 --------- d-----w C:\Program Files\Steam
2008-01-21 03:53 --------- d-----w C:\Program Files\Java
2008-01-21 01:26 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-16 18:56 --------- d-----w C:\Program Files\XBCD
2008-01-15 22:18 --------- d-----w C:\Program Files\Common Files\Groove Games Shared
2008-01-01 09:46 --------- d-----w C:\Program Files\Azureus
2007-12-28 00:46 --------- d-----w C:\Program Files\Apple Software Update
2007-12-19 04:05 --------- d-----w C:\Program Files\ATI Technologies
2007-12-19 02:34 --------- d-----w C:\Program Files\ATI
2007-12-18 02:18 --------- d-----w C:\Program Files\Activision
2007-12-18 01:54 --------- d-----w C:\Program Files\Mount&Blade
2007-12-18 01:19 --------- d-----w C:\Program Files\Diablo II
2007-12-17 19:50 --------- d-----w C:\Program Files\Atari
2007-12-10 20:53 81,288 ----a-w C:\WINDOWS\system32\drivers\iksyssec.sys
2007-12-10 20:53 66,952 ----a-w C:\WINDOWS\system32\drivers\iksysflt.sys
2007-12-10 20:53 41,864 ----a-w C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-12-10 20:53 29,576 ----a-w C:\WINDOWS\system32\drivers\kcom.sys
2005-05-19 15:43 56 --sh--r C:\WINDOWS\SYSTEM32\594AD4B834.sys
2005-05-19 15:43 1,890 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys
.
Code:
<pre>
----a-w 67,128 2008-01-21 00:01:52 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
----a-w 1,694,208 2008-01-21 05:29:33 C:\Program Files\Messenger\msmsgs .exe
</pre>
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8696DEF5-ADE1-4839-9E1B-696F5F66567C}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [ ]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [ ]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent .exe" [ ]
"Ktg"="C:\Program Files\Common Files\a?sembly\?canregw.exe" [ ]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [ ]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm .exe" [ ]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-22 23:25 28160 C:\WINDOWS\KHALMNPR.Exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [ ]
"CatalystRegistration"="C:\Program Files\ATI\CatalystRegistration\dolce.exe" [ ]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [ ]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [ ]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqomjj]
ssqomjj.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aida]
C:\Documents and Settings\Tobi\Application Data\ttuh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2003-08-24 20:10 335872 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
--a------ 2004-12-22 17:45 71280 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
C:\Program Files\D-Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
--a------ 2004-03-15 00:04 122933 C:\WINDOWS\system32\dla\tfswctrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IST Service]
C:\Program Files\ISTsvc\istsvc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
C:\WINDOWS\kdx\KHost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2003-05-16 08:50 19968 C:\WINDOWS\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2004-04-11 19:15 290816 C:\Program Files\Dell\Media Experience\PCMService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2003-11-19 16:48 32881 C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPS]
C:\PROGRA~1\Toolbar\TBPS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
--a------ 2003-08-19 00:01 110592 C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
--a------ 2003-12-11 18:35 70800 C:\Program Files\Norton Internet Security\UrlLstCk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinTools]
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-03-23 16:22]
S3 jswmidin;jswmidin;C:\DOCUME~1\Tobi\LOCALS~1\Temp\jswmidin.sys []
S3 MSControlService;Microsoft cache control;C:\WINDOWS\system32\windows []
.
Contents of the 'Scheduled Tasks' folder
"2008-01-21 16:30:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-22 17:37:32 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-23 13:52:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-23 13:57:54 - machine was rebooted [Tobi]
ComboFix-quarantined-files.txt 2008-01-23 19:57:36
.
2008-01-13 12:02:12 --- E O F ---