ComboFix 07-12-08.1 - max 2007-12-09 12:44:41.7 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.305 [GMT 0:00]
Running from: C:\Documents and Settings\max\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\max\Desktop\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\SYSTEM32\ywcgwgay.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\SYSTEM32\ywcgwgay.ini
.
((((((((((((((((((((((((( Files Created from 2007-11-09 to 2007-12-09 )))))))))))))))))))))))))))))))
.
2007-12-07 15:54 . 2007-12-07 18:35 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2007-12-07 15:54 . 2007-12-07 15:54 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2007-12-07 15:54 . 2007-12-07 15:54 1,406 --a------ C:\WINDOWS\SYSTEM32\Help.ico
2007-12-06 19:12 . 2007-12-09 08:36 0 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\lvuvc.hs
2007-12-02 14:41 . 2007-12-02 14:41 <DIR> d-------- C:\Program Files\Common Files\Java
2007-12-02 14:41 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\SYSTEM32\javacpl.cpl
2007-11-27 07:55 . 2007-11-27 07:55 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-26 18:49 . 2007-11-26 18:49 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2007-11-26 18:49 . 2007-11-26 18:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-23 20:50 . 2007-11-23 20:52 <DIR> d-------- C:\Program Files\Safer Networking
2007-11-22 19:59 . 2007-11-22 19:59 2,422 --a------ C:\WINDOWS\SYSTEM32\wpa.bak
2007-11-22 19:39 . 2004-08-12 14:10 28,288 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\xjis.nls
2007-11-22 19:37 . 2004-08-12 13:58 1,875,968 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\msir3jp.lex
2007-11-22 19:36 . 2004-08-12 13:58 13,463,552 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\hwxjpn.dll
2007-11-22 19:35 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\fp4awel.dll
2007-11-22 19:30 . 2007-11-22 19:30 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2007-11-22 19:30 . 2007-11-22 19:30 749 -rah----- C:\WINDOWS\SYSTEM32\wuaucpl.cpl.manifest
2007-11-22 19:30 . 2007-11-22 19:30 749 -rah----- C:\WINDOWS\SYSTEM32\sapi.cpl.manifest
2007-11-22 19:30 . 2007-11-22 19:30 749 -rah----- C:\WINDOWS\SYSTEM32\ncpa.cpl.manifest
2007-11-22 19:30 . 2007-11-22 19:30 488 -rah----- C:\WINDOWS\SYSTEM32\logonui.exe.manifest
2007-11-22 19:29 . 2004-08-12 13:58 16,384 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\isignup.exe
2007-11-22 19:28 . 2004-08-12 13:57 214,528 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\icwconn1.exe
2007-11-22 19:28 . 2004-08-12 13:57 86,016 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\icwconn2.exe
2007-11-22 19:28 . 2004-08-12 13:57 32,768 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\icwdl.dll
2007-11-22 19:28 . 2004-08-12 13:58 20,480 --a--c--- C:\WINDOWS\SYSTEM32\DLLCACHE\inetwiz.exe
2007-11-22 18:11 . 2007-11-22 18:11 34 --a------ C:\WINDOWS\SYSTEM\oeminfo.ini
2007-11-22 17:58 . 2007-11-22 17:58 <DIR> d-------- C:\WINDOWS\dell
2007-11-20 20:03 . 2007-11-23 20:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2007-11-18 19:53 . 2007-12-08 22:03 4,212 ---h----- C:\WINDOWS\SYSTEM32\zllictbl.dat
2007-11-18 19:52 . 2007-12-07 18:41 <DIR> d-------- C:\WINDOWS\SYSTEM32\ZoneLabs
2007-11-18 19:52 . 2007-11-14 16:05 1,086,952 --a------ C:\WINDOWS\SYSTEM32\zpeng24.dll
2007-11-18 19:51 . 2007-12-09 08:37 351,888 --a------ C:\WINDOWS\SYSTEM32\vsconfig.xml
2007-11-18 19:50 . 2007-12-08 19:59 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-11-18 19:06 . 2007-11-18 21:03 <DIR> d-------- C:\Program Files\Registry Defender
2007-11-18 13:24 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll
2007-11-18 13:24 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\SYSTEM32\mucltui.dll.mui
2007-11-17 17:38 . 2007-11-17 17:38 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-17 11:39 . 2007-11-17 14:59 489 --a------ C:\WINDOWS\wininit.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-08 14:13 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-12-08 13:52 --------- d-----w C:\Program Files\GSC Game World
2007-12-08 13:51 --------- d-----w C:\Program Files\Microsoft Games
2007-12-07 18:09 --------- d-----w C:\Program Files\iTunes
2007-12-07 17:58 --------- d-----w C:\Program Files\DellSupport
2007-12-07 17:57 --------- d-----w C:\Program Files\Dell Photo AIO Printer 922
2007-12-07 17:56 --------- d-----w C:\Program Files\Common Files\Motive
2007-12-07 17:55 --------- d-----w C:\Program Files\btbb_wcm
2007-12-07 16:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\QuickTime
2007-12-07 15:48 --------- d-----w C:\Program Files\Dl_cats
2007-12-06 19:12 2,811,364 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2007-12-02 14:41 --------- d-----w C:\Program Files\Java
2007-11-29 09:03 --------- d-----w C:\Program Files\BitLord
2007-11-27 07:30 61,539 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2007_11_25_21_44_20_small.dmp.zip
2007-11-27 07:30 61,435 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2007_11_25_21_44_32_small.dmp.zip
2007-11-25 19:49 194,771 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_25_18_01_20_small.dmp.zip
2007-11-25 19:49 180,683 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_25_18_01_39_small.dmp.zip
2007-11-21 10:38 66,056 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_19_20_39_55_small.dmp.zip
2007-11-21 10:38 215,145 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_19_20_32_51_small.dmp.zip
2007-11-21 10:38 185,660 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_11_19_20_32_29_small.dmp.zip
2007-11-17 17:37 --------- d-----w C:\Program Files\Logitech
2007-11-17 17:37 --------- d-----w C:\Program Files\Common Files\logishrd
2007-11-17 17:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logishrd
2007-11-12 17:47 --------- d-----w C:\Documents and Settings\max\Application Data\HP
2007-10-15 20:03 --------- d-----w C:\Program Files\Full Tilt Poker.Net
2007-10-11 17:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2005-05-02 12:42 374,279 --sh--w C:\WINDOWS\Help\litusm.bak1
.
((((((((((((((((((((((((((((( snapshot@2007-12-08_ 9.26.50.89 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-12-17 14:08:21 53,248 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2007-12-08 14:12:18 53,248 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2006-12-17 14:08:21 12,800 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2007-12-08 14:12:18 12,800 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2006-12-17 14:08:21 473,600 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2007-12-08 14:12:18 473,600 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2006-12-17 14:08:17 2,676,224 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:14 2,676,224 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:18 2,846,720 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:15 2,846,720 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:18 563,712 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:15 563,712 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:18 567,296 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:15 567,296 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:19 576,000 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:16 576,000 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:19 577,024 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:16 577,024 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:19 577,536 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:16 577,536 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:20 577,536 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:17 577,536 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:20 578,560 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:17 578,560 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:21 578,560 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-08 14:12:19 578,560 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2006-12-17 14:08:21 145,920 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2007-12-08 14:12:20 145,920 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2006-12-17 14:08:22 159,232 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2007-12-08 14:12:20 159,232 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2006-12-17 14:08:22 364,544 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2007-12-08 14:12:20 364,544 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2006-12-17 14:08:22 178,176 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2007-12-08 14:12:20 178,176 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2006-12-17 14:08:20 223,232 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2007-12-08 14:12:18 223,232 ----a-w C:\WINDOWS\ASSEMBLY\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 10:09]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-07-19 10:14]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-12 13:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 15:42]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 12:52]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 20:12]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 16:54]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-01-26 00:41]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 01:01]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2004-09-15 01:01]
"Dell Photo AIO Printer 922"="C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-06-18 15:30]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2002-09-10 21:26]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-11-16 01:05]
"vptray"="C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe" [2004-02-12 11:49]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-12 13:55 C:\WINDOWS\SYSTEM32\bthprops.cpl]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-10-06 18:03]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-07-19 10:06]
"DLCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 18:55]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]
"btbb_wcm_McciTrayApp"="C:\Program Files\btbb_wcm\McciTrayApp.exe" [2006-11-30 10:51]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"btbb_McciTrayApp"="C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe" [2007-08-22 12:34]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" []
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" []
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-12 13:56]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-12 14:01 C:\WINDOWS\SYSTEM32\narrator.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-04 05:00]
C:\Documents and Settings\sam\Start Menu\Programs\Startup\
eTomi Pro On Startup.lnk - C:\Program Files\eTomiPro\Gui\etomipro.exe [2005-02-08 14:15:28]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2006-03-16 14:24:02]
BT Broadband Desktop Help.lnk - C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe [2007-10-05 19:37:10]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe [2005-02-07 18:53:16]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2005-01-28 18:35:59]
Windows Desktop Search.lnk - C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe [2005-09-20 17:10:04]
S3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys
S3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\WINDOWS\system32\drivers\BTNetFilter.sys
S3 CSRBC01;%CSRBC01.SvcDesc%;C:\WINDOWS\system32\Drivers\csrbc01.sys
S3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20452f93-714b-11d9-a746-806d6172696f}]
\Shell\AutoRun\command - D:\Start.exe
.
Contents of the 'Scheduled Tasks' folder
"2007-12-05 14:32:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\NavLogon.dll
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-12-09 12:50:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-09 12:50:47
C:\ComboFix2.txt ... 2007-12-08 09:27
C:\ComboFix3.txt ... 2007-12-06 19:36
.
--- E O F ---