ComboFix 07-08-14.4 - "TJ" 2007-08-15 23:19:45.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.277 [GMT 2:00]

((((((((((((((((((((((((( Files Created from 2007-07-15 to 2007-08-15 )))))))))))))))))))))))))))))))

2007-08-15 21:54 d-------- C:\WINDOWS\LastGood
2007-08-15 21:54 d-------- C:\WINDOWS\BDOSCAN8
2007-08-15 17:38 d--hs---- C:\FOUND.000
2007-08-12 18:30 d-------- C:\DOKUME~1\TJ\ANWEND~1\SopCast
2007-08-10 23:07 d-------- C:\Programme\uTorrent
2007-08-10 23:07 d-------- C:\DOKUME~1\TJ\ANWEND~1\uTorrent
2007-08-10 22:24 d-------- C:\Programme\Tar98
2007-08-09 20:08 1 --a------ C:\WINDOWS\system32\ps.dat
2007-08-08 00:55 d-------- C:\Programme\Everest Poker
2007-08-02 22:08 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-02 22:08 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-02 22:08 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-02 22:08 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-02 22:08 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-02 22:08 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-02 22:07 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-26 23:54 d-------- C:\DOKUME~1\TJ\ANWEND~1\eMule
2007-07-24 18:49 d-------- C:\DOKUME~1\TJ\ANWEND~1\.gaim
2007-07-24 01:11 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-23 18:25 14 --a------ C:\DOKUME~1\TJ\getfile.dat
2007-07-23 18:13 d---s---- C:\DOKUME~1\TJ\UserData
2007-07-22 20:30 d-------- C:\DOKUME~1\TJ\Shared
2007-07-20 19:35 d-------- C:\DOKUME~1\TJ\ANWEND~1\Help
2007-07-19 20:32 d-------- C:\DOKUME~1\TJ\ANWEND~1\Lavasoft
2007-07-19 01:38 d-------- C:\Programme\Media Player Classic
2007-07-19 01:38 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Apple Computer
2007-07-17 00:40 d-------- C:\Programme\Steam
2007-07-15 18:12 d-------- C:\WINDOWS\system32\DRVSTORE
2007-07-15 18:12 d-------- C:\DOKUME~1\TJ\Contacts

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-24 18:49 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\.gaim
2007-07-13 18:49 --------- d-------- C:\Programme\DigitalCAM
2007-07-13 17:13 --------- d-------- C:\Programme\Gemeinsame Dateien\SWF Studio
2007-07-10 19:57 --------- d-------- C:\Programme\InstallShield Installation Information
2007-07-09 23:40 --------- d--h----- C:\Programme\Zero G Registry
2007-07-09 01:40 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\SlySoft
2007-07-04 02:41 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\vlc
2007-07-04 02:41 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\dvdcss
2007-07-03 20:47 --------- d-------- C:\Programme\TGTSoft
2007-07-01 02:43 2323072 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-06-29 23:17 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\Locktime
2007-06-29 04:35 8972 --a------ C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin
2007-06-29 04:35 2378 --a------ C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
2007-06-29 02:26 --------- d-------- C:\Programme\Stardock
2007-06-29 01:37 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\Ahead
2007-06-29 01:36 --------- d-------- C:\Programme\Gemeinsame Dateien\Ahead
2007-06-28 04:41 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\TuneUp Software
2007-06-28 04:39 --------- d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-06-27 04:05 --------- d-------- C:\DOKUME~1\TJ\ANWEND~1\Azureus
2007-06-27 03:57 370328 --a------ C:\jre-6u1-windows-i586-p-iftw.exe
2007-06-27 03:39 --------- d-------- C:\Programme\XviD
2007-06-27 03:29 --------- d-------- C:\Programme\C-Media 3D Audio
2007-06-27 03:24 --------- d-------- C:\Programme\xp-AntiSpy
2007-06-27 03:21 --------- d-------- C:\Programme\Alwil Software
2007-06-27 03:18 --------- d-------- C:\Programme\Gemeinsame Dateien\InstallShield
2007-06-27 03:07 0 -rahs---- C:\MSDOS.SYS
2007-06-27 03:07 0 -rahs---- C:\IO.SYS
2007-06-27 03:07 0 --a------ C:\CONFIG.SYS
2007-06-27 03:07 0 --a------ C:\AUTOEXEC.BAT
2007-06-27 03:07 --------- d-------- C:\Programme\microsoft frontpage
2007-06-27 03:05 --------- d--h----- C:\Programme\WindowsUpdate
2007-06-27 03:05 --------- d-------- C:\Programme\Online-Dienste
2007-06-27 03:04 --------- d-------- C:\Programme\Gemeinsame Dateien\MSSoap
2007-06-27 03:04 --------- d-------- C:\Programme\Gemeinsame Dateien\Dienste
2007-06-27 03:03 --------- d-------- C:\Programme\Movie Maker
2007-06-27 03:02 --------- d-------- C:\Programme\MSN Gaming Zone
2007-06-27 03:02 --------- d-------- C:\Programme\Messenger
2007-06-27 03:01 --------- d-------- C:\Programme\Windows NT
2007-06-27 02:54 --------- d-------- C:\Programme\Gemeinsame Dateien\SpeechEngines
2007-06-27 02:54 --------- d-------- C:\Programme\Gemeinsame Dateien\ODBC
2007-06-22 15:54 99904 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
2007-06-20 23:08 93128 --a------ C:\WINDOWS\system32\ElbyCDIO.dll
2003-08-27 11:49 3424 --a------ C:\WINDOWS\inf\OTHER\cmiainfo.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-03-09 15:29]
"avast!"="d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 14:00]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
"d:\Programme\SlySoft\AnyDVD\AnyDVD.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
"D:\Programme\Softwin\BitDefender8\bdmcon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDNewsAgent]
"D:\Programme\Softwin\BitDefender8\bdnagent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Programme\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"D:\Programme\Steam\Steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Programme\Java\jre1.6.0_01\bin\jusched.exe"

R2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 FETNDIS;VIA PCI 10/100-MBit/s-Fast Ethernetadapter-NT-Treiber;C:\WINDOWS\system32\DRIVERS\fetnd5.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - BDSS
*Newly Created Service* - XCOMM

Contents of the 'Scheduled Tasks' folder

2007-08-03 15:15:52 C:\WINDOWS\Tasks\1-Klick-Wartung.job - D:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At1.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 23:01:40 C:\WINDOWS\Tasks\At2.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 00:01:44 C:\WINDOWS\Tasks\At3.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 01:01:02 C:\WINDOWS\Tasks\At4.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 02:01:28 C:\WINDOWS\Tasks\At5.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 03:01:56 C:\WINDOWS\Tasks\At6.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At7.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At8.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At9.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At10.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At11.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At12.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 10:01:38 C:\WINDOWS\Tasks\At13.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At14.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 12:01:44 C:\WINDOWS\Tasks\At15.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At16.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At17.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:35:16 C:\WINDOWS\Tasks\At18.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 16:01:38 C:\WINDOWS\Tasks\At19.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 17:01:02 C:\WINDOWS\Tasks\At20.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 18:01:02 C:\WINDOWS\Tasks\At21.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 19:01:02 C:\WINDOWS\Tasks\At22.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 20:01:02 C:\WINDOWS\Tasks\At23.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-15 21:01:02 C:\WINDOWS\Tasks\At24.job - C:\WINDOWS\system32\CIlJ0HHA.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At25.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 23:00:02 C:\WINDOWS\Tasks\At26.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 00:00:02 C:\WINDOWS\Tasks\At27.job
2007-08-15 01:00:02 C:\WINDOWS\Tasks\At28.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At29.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 03:00:04 C:\WINDOWS\Tasks\At30.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At31.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At32.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At33.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At34.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At35.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At36.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:00:02 C:\WINDOWS\Tasks\At37.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At38.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 17:09:54 C:\WINDOWS\Tasks\At39.job
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At40.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:38 C:\WINDOWS\Tasks\At41.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 00:46:40 C:\WINDOWS\Tasks\At42.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:00:02 C:\WINDOWS\Tasks\At43.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 17:00:02 C:\WINDOWS\Tasks\At44.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:00:02 C:\WINDOWS\Tasks\At45.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 19:00:02 C:\WINDOWS\Tasks\At46.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 20:00:02 C:\WINDOWS\Tasks\At47.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 21:00:02 C:\WINDOWS\Tasks\At48.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At49.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 23:00:02 C:\WINDOWS\Tasks\At50.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 00:00:02 C:\WINDOWS\Tasks\At51.job
2007-08-15 01:00:02 C:\WINDOWS\Tasks\At52.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At53.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At54.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At55.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At56.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At57.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At58.job
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At59.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At60.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At61.job
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At62.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 17:09:56 C:\WINDOWS\Tasks\At63.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At64.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At65.job
2007-08-14 10:10:36 C:\WINDOWS\Tasks\At66.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:00:02 C:\WINDOWS\Tasks\At67.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 17:00:02 C:\WINDOWS\Tasks\At68.job
2007-08-15 18:00:02 C:\WINDOWS\Tasks\At69.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 19:00:02 C:\WINDOWS\Tasks\At70.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 20:00:02 C:\WINDOWS\Tasks\At71.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 21:00:02 C:\WINDOWS\Tasks\At72.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At73.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 23:01:40 C:\WINDOWS\Tasks\At74.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 00:01:44 C:\WINDOWS\Tasks\At75.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 01:01:02 C:\WINDOWS\Tasks\At76.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At77.job
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At78.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At79.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At80.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At81.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At82.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At83.job
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At84.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At85.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At86.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At87.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At88.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At89.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:38:50 C:\WINDOWS\Tasks\At90.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 16:01:38 C:\WINDOWS\Tasks\At91.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 17:01:02 C:\WINDOWS\Tasks\At92.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 18:01:02 C:\WINDOWS\Tasks\At93.job
2007-08-15 19:01:02 C:\WINDOWS\Tasks\At94.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 20:01:02 C:\WINDOWS\Tasks\At95.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-15 21:01:02 C:\WINDOWS\Tasks\At96.job - C:\WINDOWS\system32\mG8nDg5h.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At97.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 23:00:02 C:\WINDOWS\Tasks\At98.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 00:00:02 C:\WINDOWS\Tasks\At99.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 01:00:02 C:\WINDOWS\Tasks\At100.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At101.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At102.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At103.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At104.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At105.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At106.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At107.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At108.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At109.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At110.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At111.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At112.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At113.job - C:\WINDOWS\system32\winmds.exe
2007-08-14 20:49:54 C:\WINDOWS\Tasks\At114.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:00:02 C:\WINDOWS\Tasks\At115.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 17:00:02 C:\WINDOWS\Tasks\At116.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:00:02 C:\WINDOWS\Tasks\At117.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 19:00:02 C:\WINDOWS\Tasks\At118.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 20:00:02 C:\WINDOWS\Tasks\At119.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 21:00:02 C:\WINDOWS\Tasks\At120.job
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At121.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At122.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At123.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At124.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At125.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At126.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At127.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At128.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At129.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At130.job
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At131.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At132.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At133.job
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At134.job
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At135.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At136.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At137.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At138.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 16:10:34 C:\WINDOWS\Tasks\At139.job
2007-08-15 17:00:02 C:\WINDOWS\Tasks\At140.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:00:02 C:\WINDOWS\Tasks\At141.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 19:00:02 C:\WINDOWS\Tasks\At142.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 20:00:02 C:\WINDOWS\Tasks\At143.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 21:00:02 C:\WINDOWS\Tasks\At144.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At145.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At146.job
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At147.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At148.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At149.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At150.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At151.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At152.job
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At153.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At154.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At155.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At156.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At157.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At158.job
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At159.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At160.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At161.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At162.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At163.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At164.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 18:10:44 C:\WINDOWS\Tasks\At165.job
2007-08-15 19:00:02 C:\WINDOWS\Tasks\At166.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 20:00:02 C:\WINDOWS\Tasks\At167.job - C:\WINDOWS\system32\winmds.exe
2007-08-15 21:00:02 C:\WINDOWS\Tasks\At168.job - C:\WINDOWS\system32\winmds.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-15 23:20:38
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-15 23:21:22
C:\ComboFix3.txt ... 2007-07-24 01:14
C:\ComboFix-quarantined-files.txt ... 2007-08-15 23:21
C:\ComboFix2.txt ... 2007-08-15 23:10

--- E O F ---