Thank you for such a quick response. It appears nothing else is wrong with my computer. Once I restore my desktop everything is fine.
Here are the two logs.
ComboFix 09-03-26.03 - rileygp 2009-03-27 15:39:47.2 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.811 [GMT -4:00]
Running from: c:\documents and settings\rileygp\Desktop\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)
.
((((((((((((((((((((((((( Files Created from 2009-02-27 to 2009-03-27 )))))))))))))))))))))))))))))))
.
2009-03-27 12:58 . 2009-03-27 12:58 <DIR> d--hs---- c:\documents and settings\LocalService\IETldCache
2009-03-27 11:16 . 2009-03-27 11:17 <DIR> d--h-c--- c:\windows\ie8
2009-03-24 11:47 . 2009-03-24 11:47 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-24 11:47 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-24 11:47 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-18 14:09 . 2009-03-26 09:14 54,156 --ah----- c:\windows\QTFont.qfn
2009-03-18 14:09 . 2009-03-18 14:09 1,409 --a------ c:\windows\QTFont.for
2009-03-17 09:58 . 2009-03-17 09:58 34,760 --a------ c:\windows\system32\drivers\Partizan.sys
2009-03-17 09:58 . 2009-03-17 09:58 32,480 --a------ c:\windows\system32\Partizan.exe
2009-03-17 09:56 . 2009-03-17 09:56 (2) -rahs-ot- c:\windows\winstart.bat
2009-03-12 16:36 . 2009-03-12 16:36 <DIR> d-------- c:\documents and settings\rileygp\Application Data\diag
2009-03-08 14:22 . 2009-03-08 14:22 49,152 --------- c:\windows\system32\msrating.dll.mui
2009-03-08 14:22 . 2009-03-08 14:22 2,560 --------- c:\windows\system32\mshta.exe.mui
2009-03-08 14:21 . 2009-03-08 14:21 4,096 --------- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 14:20 . 2009-03-08 14:20 81,920 --------- c:\windows\system32\iedkcs32.dll.mui
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-27 19:46 --------- d-----w c:\program files\Symantec AntiVirus
2009-03-27 18:46 --------- d-----w c:\program files\InfoRad Wireless
2009-03-26 14:35 --------- d-----w c:\documents and settings\rileygp\Application Data\TeraCopy
2009-03-26 13:14 5,018 ----a-w c:\windows\system32\KGyGaAvL.sys
2009-03-24 17:23 --------- d-----w c:\documents and settings\rileygp\Application Data\Desktopicon
2009-03-08 08:34 914,944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 08:34 43,008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 08:33 420,352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 08:33 18,944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 08:32 72,704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 08:32 71,680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 08:31 48,128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 08:31 45,568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 08:31 34,816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 08:22 156,160 ----a-w c:\windows\system32\msls31.dll
2009-02-25 18:38 --------- d-----w c:\program files\Google
2009-02-24 21:40 --------- d-----w c:\program files\Unlocker
2009-02-24 20:51 --------- d-----w c:\documents and settings\rileygp\Application Data\JAM Software
2009-02-18 19:54 --------- d-----w c:\documents and settings\rileygp\Application Data\GlarySoft
2009-02-17 14:37 --------- d-----w c:\program files\SUPERAntiSpyware
2009-02-17 14:37 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-17 14:37 --------- d-----w c:\documents and settings\rileygp\Application Data\SUPERAntiSpyware.com
2009-02-17 13:46 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-02-16 15:33 --------- d-----w c:\documents and settings\rileygp\Application Data\Malwarebytes
2009-02-16 15:33 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-06 15:26 --------- d-----w c:\program files\PicLensIE
2009-02-06 14:22 --------- dc-h--w c:\documents and settings\All Users\Application Data\{E94FD7CC-6945-4744-99C3-9BFF40AA2F24}
2009-02-06 14:22 --------- d-----w c:\program files\Stardock
2009-02-06 14:22 --------- d-----w c:\documents and settings\rileygp\Application Data\Stardock
2009-02-06 14:22 --------- d-----w c:\documents and settings\All Users\Application Data\Stardock
2009-02-03 13:43 --------- d-----w c:\program files\Microsoft Silverlight
2009-01-27 14:29 --------- d-----w c:\program files\JalbumWin
2009-01-13 20:04 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-01-07 22:21 26,144 ----a-w c:\windows\system32\spupdsvc.exe
2009-01-07 22:20 265,720 ----a-w c:\windows\system32\msdbg2.dll
2009-01-07 22:20 26,112 ----a-w c:\windows\system32\idndl.dll
2009-01-07 22:20 24,576 ----a-w c:\windows\system32\nlsdl.dll
2009-01-07 22:20 23,552 ----a-w c:\windows\system32\normaliz.dll
2007-02-26 16:51 60,516 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-02-26 16:51 49,246 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-02-26 16:51 165,990 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-03-26 15:02 88 --sh--r c:\windows\system32\F6147F20BA.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-03-05_ 9.50.51.59 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
- 2009-01-15 07:23:42 59,880 -c--a-w c:\windows\ie8\spuninst\iecustom.dll
+ 2009-03-08 18:23:50 58,464 -c--a-w c:\windows\ie8\spuninst\iecustom.dll
- 2008-10-13 18:55:34 231,456 -c--a-w c:\windows\ie8\spuninst\spuninst.exe
+ 2009-01-07 22:20:58 231,456 -c--a-w c:\windows\ie8\spuninst\spuninst.exe
- 2008-10-13 18:55:34 382,496 -c--a-w c:\windows\ie8\spuninst\updspapi.dll
+ 2009-01-07 22:21:02 382,496 -c--a-w c:\windows\ie8\spuninst\updspapi.dll
- 2008-11-07 15:22:07 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
+ 2009-03-25 14:16:01 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe
- 2008-11-07 15:22:09 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat_3D.exe
+ 2009-03-25 14:16:05 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat_3D.exe
- 2008-11-07 15:22:08 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat_Standard.exe
+ 2009-03-25 14:16:04 295,606 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat_Standard.exe
- 2008-11-07 15:22:09 25,214 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Distiller.exe
+ 2009-03-25 14:16:04 25,214 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Distiller.exe
- 2008-11-07 15:22:08 7,278 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_ELEMENTS_DT.exe
+ 2009-03-25 14:16:04 7,278 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_ELEMENTS_DT.exe
- 2008-11-07 15:22:07 23,558 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2009-03-25 14:16:01 23,558 ----a-r c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
- 2000-08-31 13:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 12:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 13:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 12:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2009-01-15 07:03:12 128,512 ----a-w c:\windows\system32\advpack.dll
+ 2009-03-08 08:32:48 128,512 ----a-w c:\windows\system32\advpack.dll
- 2009-01-15 07:03:32 72,704 -c--a-w c:\windows\system32\dllcache\admparse.dll
+ 2009-03-08 08:32:56 72,704 -c--a-w c:\windows\system32\dllcache\admparse.dll
- 2009-01-15 07:03:12 128,512 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2009-03-08 08:32:48 128,512 -c--a-w c:\windows\system32\dllcache\advpack.dll
- 2009-01-15 07:04:28 18,944 -c--a-w c:\windows\system32\dllcache\corpol.dll
+ 2009-03-08 08:33:40 18,944 -c--a-w c:\windows\system32\dllcache\corpol.dll
- 2009-01-15 07:01:22 348,160 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2009-03-08 08:31:44 348,160 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2009-01-15 07:01:16 216,064 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2009-03-08 08:31:38 216,064 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2009-01-15 06:53:40 68,608 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
+ 2009-03-08 08:24:28 68,608 -c--a-w c:\windows\system32\dllcache\hmmapi.dll
- 2009-01-15 07:03:28 172,544 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 08:32:54 173,056 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2009-01-15 07:03:42 125,952 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2009-03-08 08:33:02 125,952 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2009-01-15 07:03:50 228,352 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2009-03-08 08:33:08 229,376 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2009-01-15 07:03:20 163,840 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2009-03-08 08:32:52 163,840 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2009-01-15 07:17:22 392,040 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 18:09:26 391,536 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2009-01-15 07:01:52 183,808 -c--a-w c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 08:31:56 183,808 -c--a-w c:\windows\system32\dllcache\iepeers.dll
- 2009-01-15 07:03:14 55,808 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2009-03-08 08:32:50 55,808 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2009-01-15 07:03:18 71,680 -c--a-w c:\windows\system32\dllcache\iesetup.dll
+ 2009-03-08 08:32:50 71,680 -c--a-w c:\windows\system32\dllcache\iesetup.dll
- 2009-01-15 07:17:22 636,264 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2009-03-08 18:09:26 638,816 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2009-01-15 07:01:26 34,304 -c--a-w c:\windows\system32\dllcache\imgutil.dll
+ 2009-03-08 08:31:38 34,816 -c--a-w c:\windows\system32\dllcache\imgutil.dll
- 2009-01-15 07:03:14 94,720 -c--a-w c:\windows\system32\dllcache\inseng.dll
+ 2009-03-08 08:32:46 94,720 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2009-01-15 07:03:58 724,992 -c--a-w c:\windows\system32\dllcache\jscript.dll
+ 2009-03-08 08:33:16 726,528 -c--a-w c:\windows\system32\dllcache\jscript.dll
- 2009-01-15 07:04:16 25,600 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 08:33:26 25,600 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2009-01-15 07:05:34 43,008 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
+ 2009-03-08 08:34:30 43,008 -c--a-w c:\windows\system32\dllcache\licmgr10.dll
- 2009-01-15 07:00:38 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
+ 2009-03-08 08:31:02 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe
- 2009-01-15 07:13:18 5,888,512 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2009-03-08 08:41:16 5,937,152 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2009-01-15 07:01:06 66,560 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 08:31:26 66,560 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2009-01-15 07:00:46 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
+ 2009-03-08 08:31:18 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll
- 2009-01-15 06:50:38 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
+ 2009-03-08 08:22:38 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll
- 2009-01-15 07:05:34 193,536 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2009-03-08 08:34:18 193,536 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2009-01-15 07:02:20 611,840 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 08:32:04 611,840 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2009-01-15 07:05:34 109,056 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 08:34:18 109,568 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2009-01-15 07:01:18 46,592 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2009-03-08 08:31:36 46,592 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-10-13 18:55:32 134,144 -c----w c:\windows\system32\dllcache\sqmapi.dll
+ 2009-01-07 22:20:54 134,144 -c----w c:\windows\system32\dllcache\sqmapi.dll
- 2009-01-15 07:06:00 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2009-03-08 08:34:28 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2009-01-15 07:06:48 1,182,720 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2009-03-08 08:34:56 1,206,784 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2009-01-15 07:03:36 420,352 -c--a-w c:\windows\system32\dllcache\vbscript.dll
+ 2009-03-08 08:33:06 420,352 -c--a-w c:\windows\system32\dllcache\vbscript.dll
- 2009-01-15 07:04:56 755,200 -c--a-w c:\windows\system32\dllcache\VGX.dll
+ 2009-03-08 08:33:48 759,296 -c--a-w c:\windows\system32\dllcache\VGX.dll
- 2009-01-15 07:06:08 236,544 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2009-03-08 08:34:48 236,544 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2009-01-15 07:05:42 911,872 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 08:34:58 914,944 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2009-01-15 07:01:22 348,160 ----a-w c:\windows\system32\dxtmsft.dll
+ 2009-03-08 08:31:44 348,160 ----a-w c:\windows\system32\dxtmsft.dll
- 2009-01-15 07:01:16 216,064 ----a-w c:\windows\system32\dxtrans.dll
+ 2009-03-08 08:31:38 216,064 ----a-w c:\windows\system32\dxtrans.dll
- 2009-01-15 07:01:40 59,904 ----a-w c:\windows\system32\icardie.dll
+ 2009-03-08 08:31:52 59,904 ----a-w c:\windows\system32\icardie.dll
- 2009-01-15 07:03:28 172,544 ----a-w c:\windows\system32\ie4uinit.exe
+ 2009-03-08 08:32:54 173,056 ----a-w c:\windows\system32\ie4uinit.exe
- 2009-01-15 07:03:42 125,952 ----a-w c:\windows\system32\ieakeng.dll
+ 2009-03-08 08:33:02 125,952 ----a-w c:\windows\system32\ieakeng.dll
- 2009-01-15 07:03:50 228,352 ----a-w c:\windows\system32\ieaksie.dll
+ 2009-03-08 08:33:08 229,376 ----a-w c:\windows\system32\ieaksie.dll
- 2009-01-15 07:03:20 163,840 ----a-w c:\windows\system32\ieakui.dll
+ 2009-03-08 08:32:52 163,840 ----a-w c:\windows\system32\ieakui.dll
- 2008-12-14 22:12:42 3,698,040 ----a-w c:\windows\system32\ieapfltr.dat
+ 2009-02-07 01:07:58 3,698,584 ----a-w c:\windows\system32\ieapfltr.dat
- 2009-01-15 06:35:10 445,440 ----a-w c:\windows\system32\ieapfltr.dll
+ 2009-03-08 08:11:12 445,952 ----a-w c:\windows\system32\ieapfltr.dll
- 2009-01-15 07:17:22 392,040 ----a-w c:\windows\system32\iedkcs32.dll
+ 2009-03-08 18:09:26 391,536 ----a-w c:\windows\system32\iedkcs32.dll
- 2009-01-15 07:12:12 10,963,968 ----a-w c:\windows\system32\ieframe.dll
+ 2009-03-08 08:39:48 11,063,808 ----a-w c:\windows\system32\ieframe.dll
- 2009-01-15 07:01:52 183,808 ----a-w c:\windows\system32\iepeers.dll
+ 2009-03-08 08:31:56 183,808 ----a-w c:\windows\system32\iepeers.dll
- 2009-01-15 07:03:14 55,808 ----a-w c:\windows\system32\iernonce.dll
+ 2009-03-08 08:32:50 55,808 ----a-w c:\windows\system32\iernonce.dll
- 2009-01-15 07:02:50 1,975,296 ----a-w c:\windows\system32\iertutil.dll
+ 2009-03-08 08:32:22 1,985,024 ----a-w c:\windows\system32\iertutil.dll
- 2009-01-15 07:03:18 36,864 ----a-w c:\windows\system32\ieudinit.exe
+ 2009-03-08 08:32:52 36,864 ----a-w c:\windows\system32\ieudinit.exe
- 2009-01-15 06:50:50 164,352 ----a-w c:\windows\system32\ieui.dll
+ 2009-03-08 08:22:46 164,352 ----a-w c:\windows\system32\ieui.dll
- 2009-01-15 07:03:14 94,720 ----a-w c:\windows\system32\inseng.dll
+ 2009-03-08 08:32:46 94,720 ----a-w c:\windows\system32\inseng.dll
- 2009-01-15 07:03:58 724,992 ----a-w c:\windows\system32\jscript.dll
+ 2009-03-08 08:33:16 726,528 ----a-w c:\windows\system32\jscript.dll
- 2009-01-15 07:04:16 25,600 ----a-w c:\windows\system32\jsproxy.dll
+ 2009-03-08 08:33:26 25,600 ----a-w c:\windows\system32\jsproxy.dll
+ 2009-02-03 02:07:18 240,544 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
- 2009-01-27 15:20:40 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2009-03-24 14:33:25 88,590 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2009-01-15 07:02:40 593,920 ----a-w c:\windows\system32\msfeeds.dll
+ 2009-03-08 08:32:26 594,432 ----a-w c:\windows\system32\msfeeds.dll
- 2009-01-15 07:01:40 54,272 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 08:31:52 55,296 ----a-w c:\windows\system32\msfeedsbs.dll
- 2009-01-15 07:01:42 13,312 ----a-w c:\windows\system32\msfeedssync.exe
+ 2009-03-08 08:31:54 13,312 ----a-w c:\windows\system32\msfeedssync.exe
- 2009-01-15 07:13:18 5,888,512 ----a-w c:\windows\system32\mshtml.dll
+ 2009-03-08 08:41:16 5,937,152 ----a-w c:\windows\system32\mshtml.dll
- 2009-01-15 07:01:06 66,560 ----a-w c:\windows\system32\mshtmled.dll
+ 2009-03-08 08:31:26 66,560 ----a-w c:\windows\system32\mshtmled.dll
- 2009-01-15 07:05:34 193,536 ----a-w c:\windows\system32\msrating.dll
+ 2009-03-08 08:34:18 193,536 ----a-w c:\windows\system32\msrating.dll
- 2009-01-15 07:02:20 611,840 ----a-w c:\windows\system32\mstime.dll
+ 2009-03-08 08:32:04 611,840 ----a-w c:\windows\system32\mstime.dll
- 2009-01-15 07:05:34 109,056 ----a-w c:\windows\system32\occache.dll
+ 2009-03-08 08:34:18 109,568 ----a-w c:\windows\system32\occache.dll
- 2008-11-03 13:38:40 71,308 ------w c:\windows\system32\perfc009.dat
+ 2009-03-09 12:42:10 71,308 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-03 13:38:40 441,624 ------w c:\windows\system32\perfh009.dat
+ 2009-03-09 12:42:11 441,624 ----a-w c:\windows\system32\perfh009.dat
- 2009-01-15 07:01:18 46,592 ----a-w c:\windows\system32\pngfilt.dll
+ 2009-03-08 08:31:36 46,592 ----a-w c:\windows\system32\pngfilt.dll
- 2008-10-13 18:55:34 16,928 ------w c:\windows\system32\spmsg.dll
+ 2009-01-07 22:20:58 16,928 ------w c:\windows\system32\spmsg.dll
- 2009-01-15 07:06:00 105,984 ----a-w c:\windows\system32\url.dll
+ 2009-03-08 08:34:28 105,984 ----a-w c:\windows\system32\url.dll
- 2009-01-15 07:06:48 1,182,720 ----a-w c:\windows\system32\urlmon.dll
+ 2009-03-08 08:34:56 1,206,784 ----a-w c:\windows\system32\urlmon.dll
- 2009-01-15 07:06:08 236,544 ----a-w c:\windows\system32\webcheck.dll
+ 2009-03-08 08:34:48 236,544 ----a-w c:\windows\system32\webcheck.dll
- 2009-01-15 07:06:22 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
+ 2009-03-08 08:34:48 208,384 ----a-w c:\windows\system32\WinFXDocObj.exe
- 2008-10-13 18:55:36 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2009-01-07 22:21:04 121,856 ----a-w c:\windows\system32\xmllite.dll
+ 2009-03-27 19:46:11 16,384 ----atw c:\windows\temp\Perflib_Perfdata_114.dat
+ 2009-03-27 19:46:21 16,384 ----atw c:\windows\temp\Perflib_Perfdata_5b8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"X1FileMonitor.exe"="c:\program files\X1\X1FileMonitor.exe" [2007-04-03 428544]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-03-14 68856]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-27 125168]
"ZENRC Tray Icon"="c:\windows\system32\zentray.exe" [2005-01-17 40960]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\qsb.exe" [2009-02-25 68592]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 c:\windows\system32\nwtray.exe]
c:\documents and settings\rileygp\Start Menu\Programs\Startup\
X1.lnk - c:\program files\X1\X1.exe [2007-04-03 4964352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceActiveDestopOn"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC654325-1273-C2A9-2B7C-45A29BCE2FBD}"= "c:\program files\Stardock\Fences\DesktopDock.dll" [2009-02-04 513384]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{763370C4-268E-4308-A60C-D8DA0342BE32}"= "c:\program files\Novell\ZENworks\NalShell.dll" [2006-08-24 446464]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NetIdentity Notification]
2006-05-02 10:17 24576 c:\windows\system32\Novell\xtnotify.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\
0Partizan
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GroupWise Notify.lnk]
backup=c:\windows\pss\GroupWise Notify.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HOTSYNCSHORTCUTNAME.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SideWindow.lnk]
backup=c:\windows\pss\SideWindow.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^rileygp^Start Menu^Programs^Startup^palmOne Registration.lnk]
backup=c:\windows\pss\palmOne Registration.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^rileygp^Start Menu^Programs^Startup^Shortcut to operator.lnk]
backup=c:\windows\pss\Shortcut to operator.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^rileygp^Start Menu^Programs^Startup^X1 System Tray.lnk]
backup=c:\windows\pss\X1 System Tray.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^rileygp^Start Menu^Programs^Startup^X1.lnk]
backup=c:\windows\pss\X1.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-10-14 22:38 623992 c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2008-11-07 11:13 2356088 c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Check Version]
--a------ 1999-10-12 05:50 47888 c:\program files\IBM\Client Access\cwbckver.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Help Update]
--a------ 1999-10-12 05:50 15632 c:\program files\IBM\Client Access\cwbinhlp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Client Access Service]
--a------ 1999-10-12 05:50 6928 c:\program files\IBM\Client Access\cwbsvstr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
--a------ 2007-10-30 19:52 16200 c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--------- 2004-08-04 06:00 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2005-12-09 21:29 49152 c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-03 10:38 133104 c:\documents and settings\rileygp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-11-13 13:39 1289000 c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 02:41 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--------- 2006-03-23 20:13 77824 c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--------- 2006-03-23 20:17 118784 c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
--------- 2006-03-23 20:17 94208 c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDPS]
--------- 2004-05-17 14:27 32859 c:\windows\system32\dpmw32.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDDM]
--a------ 2005-08-09 15:16 394816 c:\program files\PatchLink\Update Agent\pddm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProxyHostTrayIcon]
--a------ 2002-07-05 14:42 87696 c:\program files\Funk Software\Proxy Host\PhTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 23:37 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 2004-10-14 14:42 1404928 c:\program files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2008-03-14 13:38 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\X1FileMonitor.exe]
--a------ 2007-04-03 18:08 428544 c:\program files\X1\X1FileMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bcmwltry]
--------- 2003-07-17 16:40 483328 c:\windows\system32\bcmwltry.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Removecpl]
--------- 2003-01-16 11:33 24576 c:\windows\system32\RemoveCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpmw32.exe"=
"c:\\WINDOWS\\clntrust.exe"=
"x:\\LogMeInIgnition\\LMIIgnition.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R2 BlankScr;HBDevice;c:\windows\system32\drivers\blankscr.sys [2005-01-17 6899]
R2 Remote Management Agent;Novell ZENworks Remote Management Agent;c:\program files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe [2006-08-17 167936]
R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2006-09-27 116464]
R2 TSCensus Collection Client;ZENworks Asset Management - Collection Client;c:\program files\Novell\ZENworks\Asset Management\Bin\CClientSvc.exe [2008-03-26 49152]
R2 WNTHW;WNTHW;c:\windows\system32\drivers\WNTHW.SYS [2008-03-26 9176]
R2 XTAgent;Novell XTier Agent Services;c:\windows\system32\Novell\xtagent.exe [2006-05-02 61440]
R3 Darpan;Darpan;c:\windows\system32\drivers\Darpan.sys [2005-01-10 2773]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-13 101936]
R3 PhPortVK;Proxy Host Keyboard Driver Filter;c:\windows\system32\drivers\PhPortVK.sys [2007-02-26 4089]
R3 ProxyHostKeyboardPort;Proxy Host Keyboard Port;c:\windows\system32\drivers\PhPort2K_Kbd.sys [2005-07-22 3993]
R3 ProxyHostMousePort;Proxy Host Mouse Port;c:\windows\system32\drivers\PhPort2K_Mou.sys [2005-07-22 3993]
S2 gupdate1c90e03a9ba7b12;Google Update Service (gupdate1c90e03a9ba7b12);c:\program files\Google\Update\GoogleUpdate.exe [2008-09-03 133104]
S3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2009-03-17 34760]
S3 SideWnd;SideWnd;c:\windows\system32\drivers\innvmini.sys [2005-09-29 4480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{104356ec-438d-11dd-b06d-001aa0a9d903}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2cef5e3d-f43a-11dc-affe-001aa0a9d903}]
\Shell\AutoRun\command - a2h2.com
\Shell\open\Command - a2h2.com
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-02-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
2009-03-27 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-09-03 10:38]
2009-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1669680417-841367934-745497630-1017.job
- c:\documents and settings\rileygp\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 10:38]
2009-03-27 c:\windows\Tasks\User_Feed_Synchronization-{F80233CC-819A-40DD-9C00-E709468CFB72}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.7;mrmc_iis;webnt;PB_EIW_SERVER;intranet.mclaren.org;Portal.Mclaren.org;172.16.*;pcnlrh.mclaren.org;pcn.mclaren.org;mhcc-db3.mclaren.org;tms.phns.com;pcncm-mhcc.phns.com;my.phns.com;portal.phns.com;10.2.*;10.10.*;remotefnt.phns.com;vcm.phns.com;vsssecure.phns.com;mhcc-omega.mclaren.org;*.smsrsm.com;*.bhsnet.org;*.smshealthconx.net;*-pacs*.mclaren.org;*.?rmcmswshsm1.mclaren.org;<local>
uInternet Settings,ProxyServer = 172.16.32.103:80
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\rileygp\Application Data\Mozilla\Firefox\Profiles\z5ha0u0z.default\
FF - component: c:\documents and settings\rileygp\Application Data\Mozilla\Firefox\Profiles\z5ha0u0z.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\documents and settings\rileygp\Application Data\Mozilla\Firefox\Profiles\z5ha0u0z.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\documents and settings\rileygp\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\progra~1\palmOne\PACKAG~1\NPInstal.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: x:\firefoxportable\App\firefox\plugins\np32dsw.dll
FF - plugin: x:\firefoxportable\App\firefox\plugins\npdeploytk.dll
FF - plugin: x:\firefoxportable\App\firefox\plugins\npnul32.dll
FF - plugin: x:\firefoxportable\App\firefox\plugins\nppdf32.dll
FF - plugin: x:\firefoxportable\App\firefox\plugins\npRACtrl.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.closed", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.document", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.frames", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.history", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.length", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.opener", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.parent", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.self", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.top", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.default.Window.window", "allAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-03-27 15:47:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(700)
c:\program files\Novell\ZENworks\ZENPOL32.DLL
c:\windows\system32\xmlparse.dll
c:\program files\Novell\ZENworks\WMNTAPI.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Novell\ZENworks\NALNTSRV.EXE
c:\program files\PatchLink\Update Agent\GravitixService.exe
c:\windows\system32\PSIService.exe
c:\windows\system32\snmp.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\program files\Novell\ZENworks\Asset Management\Bin\cclient.exe
c:\program files\Novell\ZENworks\WM.EXE
c:\program files\Funk Software\Proxy Host\Ph32Svc.exe
c:\progra~1\Novell\ZENworks\NALWIN32.EXE
c:\program files\Novell\ZENworks\NalWin.exe
c:\windows\clntrust.exe
c:\program files\Novell\ZENworks\NalAgent.exe
c:\program files\Novell\ZENworks\Asset Management\Bin\TSUsage32.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\X1\X1Systray.exe
c:\program files\X1\X1Service.exe
.
**************************************************************************
.
Completion time: 2009-03-27 15:55:40 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-27 19:55:37
ComboFix2.txt 2009-03-05 14:51:59
Pre-Run: 48,886,689,792 bytes free
Post-Run: 49,003,335,680 bytes free
489
_____________
Malwarebytes' Anti-Malware 1.35
Database version: 1906
Windows 5.1.2600 Service Pack 2
3/27/2009 4:09:39 PM
mbam-log-2009-03-27 (16-09-39).txt
Scan type: Quick Scan
Objects scanned: 82858
Time elapsed: 5 minute(s), 14 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)