"Maze" - 2007-07-19 16:04:30 -
ComboFix Log 07-07-17.8 - Service Pack 2 NTFS
((((((((((((((((((((((((( Files Created from 2007-06-19 to 2007-07-19 )))))))))))))))))))))))))))))))
2007-07-19 16:01 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-19 14:19 <DIR> d-------- C:\DOCUME~1\Gladys\APPLIC~1\Comodo
2007-07-19 14:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Comodo
2007-07-18 23:44 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-07-18 17:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-07-18 17:34 <DIR> d-------- C:\DOCUME~1\Gladys\APPLIC~1\SUPERAntiSpyware.com
2007-07-18 17:23 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-07-18 17:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-07-18 17:10 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-18 17:03 138,368 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-07-18 16:54 <DIR> d-------- C:\Program Files\Spyware Terminator
2007-07-18 16:54 <DIR> d-------- C:\DOCUME~1\Gladys\APPLIC~1\Spyware Terminator
2007-07-18 16:54 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spyware Terminator
2007-07-17 22:42 52,108 --a------ C:\WINDOWS\system32\drivers\XMS1563K.SYS
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-19 19:01:26 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-19 19:00:53 -------- d-----w C:\Program Files\QuickTime
2007-07-19 18:26:25 -------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-07-19 12:13:37 -------- d-----w C:\Program Files\DivX
2007-07-19 03:37:23 -------- d-----w C:\Program Files\Installed
2007-07-18 14:57:25 -------- d-----w C:\Program Files\Microsoft Money 2005
2007-06-18 21:23:01 -------- d-----w C:\DOCUME~1\Gladys\APPLIC~1\Talkback
2007-06-13 14:49:06 -------- d-----w C:\Program Files\Internet
2007-06-04 19:18:48 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-06-04 19:17:02 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-06-04 19:14:56 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 02:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-07-12 04:00 501136 --a------ C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-07-14 22:16]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-10-13 21:34]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"!AVG Anti-Spyware"="C:\Program Files\Installed\Anti Virus\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]
"COMODO Firewall Pro"="C:\Program Files\Installed\Anti Virus\Comodo\Firewall\CPF.exe" [2007-07-19 14:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 20:05]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Installed\Anti Virus\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-05-30 08:29]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\Installed\Anti Virus\SuperAntiSpyware\SASSEH.DLL" [2006-12-20 13:55]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\Installed\Anti Virus\SuperAntiSpyware\SASWINLO.dll --a------ 2007-04-19 13:41 294912 C:\Program Files\Installed\Anti Virus\SuperAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard]
Contents of the 'Scheduled Tasks' folder
2007-07-19 19:24:48 C:\WINDOWS\tasks\MP Scheduled Scan.job
2007-07-19 17:26:22 C:\WINDOWS\tasks\Symantec NetDetect.job
**************************************************************************
catchme 0.3.1040 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-07-19 16:07:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\system32\drivers\MFX.sys
scan completed successfully
hidden files: 1
**************************************************************************
Completion time: 2007-07-19 16:10:11
--- E O F ---
Next post: HijackThis Log