Eummm sorry this is a bit long… my brother’s laptop, too many unnecessary background processes…
“khanfouseh” - 2007-06-07 22:44:16 Service Pack 2 NTFS
ComboFix 07-06-3B - Running from: "C:\Documents and Settings\khanfouseh\Desktop"
ADS removed - svchost.exe: deleted 68 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\nm
((((((((((((((((((((((((( Files Created from 2007-05-07 to 2007-06-07 )))))))))))))))))))))))))))))))
2007-06-06 18:40 20,480 --a------ C:\WINDOWS\system32\H@tKeysH@@k.DLL
2007-06-06 18:14 d-------- C:\DOCUME~1\KHANFO~1\APPLIC~1\Command & Conquer 3 Tiberium Wars
2007-06-05 20:57 95,872 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-06-05 20:57 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-06-05 20:57 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-06-05 20:57 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-06-05 20:57 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-06-05 20:57 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-06-05 20:57 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-06-05 20:57 d-------- C:\Program Files\Alwil Software
2007-06-05 01:33 d-------- C:\Program Files\SUPERAntiSpyware
2007-06-05 01:33 d-------- C:\DOCUME~1\KHANFO~1\APPLIC~1\SUPERAntiSpyware.com
2007-06-05 01:33 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-05-31 18:29 34,304 -rahs---- C:\WINDOWS\system32\taskmger.com
2007-05-30 19:41 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2007-05-30 19:40 d-------- C:\WINDOWS\system32\QuickTime
2007-05-30 19:37 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
2007-05-23 01:03 d-------- C:\Program Files\Common Files\xing shared
2007-05-23 01:03 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-05-23 01:02 d-------- C:\Program Files\Real
2007-05-23 01:02 d-------- C:\Program Files\Common Files\Real
2007-05-23 01:01 d-------- C:\DOCUME~1\KHANFO~1\APPLIC~1\Real
2007-05-18 01:15 9,464 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-05-18 01:15 9,336 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-05-18 01:15 129,784 --a------ C:\WINDOWS\system32\pxafs.dll
2007-05-18 00:05 d-------- C:\Program Files\Windows Media Connect 2
2007-05-17 22:12 d-------- C:\DOCUME~1\KHANFO~1\Shared
2007-05-17 22:11 d-------- C:\DOCUME~1\KHANFO~1\Incomplete
2007-05-17 22:10 d-------- C:\DOCUME~1\KHANFO~1\APPLIC~1\LimeWire
2007-05-17 22:09 d-------- C:\Program Files\LimeWire
2007-05-12 12:15 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-05-11 01:59 5,909,244 --a------ C:\WINDOWS\deftones.exe
2007-05-11 01:59 29,696 --a------ C:\WINDOWS\mickey32.dll
2007-05-11 01:59 239,968 --a------ C:\WINDOWS\deftones.scr
2007-05-10 20:30 359,120 --a------ C:\WINDOWS\WBDDB34I.DLL
2007-05-08 19:10 d-------- C:\Program Files\Windows Defender
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-06 15:03:34 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-05 12:30:55 96,256 ----a-w C:\WINDOWS\system32\drivers\sptd2381.sys
2007-05-30 16:41:24 -------- d-----w C:\Program Files\QuickTime
2007-05-22 23:40:11 -------- d-----w C:\DOCUME~1\KHANFO~1\APPLIC~1\Google
2007-05-22 22:03:18 -------- d-----w C:\Program Files\Google
2007-05-19 07:59:55 578 ----a-w C:\WINDOWS\eReg.dat
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-11 07:55:27 -------- d-----w C:\Program Files\Musicnotes
2007-04-07 11:56:09 -------- d-----w C:\Program Files\MSN Messenger
2007-04-06 06:49:07 592 ----a-w C:\WINDOWS\chgkey.vbs
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2004-08-04 13:00:00 1,392,671 --sh--r C:\WINDOWS\system32\msvbvm60.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
Note empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 02:56]
{5CA3D70E-1895-11CF-8E15-001234567890}=C:\WINDOWS\system32\dla\tfswshx.dll [2005-01-14 04:05]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 00:48]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 20:33]
{955BE0B8-BC85-4CAF-856E-8E0D8B610560}=C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL [2005-06-04 06:30]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar1.dll [2007-05-23 01:03]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Windows Defender”=“C:\Program Files\Windows Defender\MSASCui.exe” [2006-11-03 18:20]
“Tvs”=“C:\Program Files\Toshiba\Tvs\TvsTray.exe” [2004-11-12 20:57]
“TPSMain”=“TPSMain.exe” [2005-01-21 11:53 C:\WINDOWS\system32\TPSMain.exe]
“TPNF”=“C:\Program Files\TOSHIBA\TouchPad\TPTray.exe” [2004-11-30 00:06]
“TOSHIBA Accessibility”=“C:\Program Files\TOSHIBA\Accessibility\FnKeyHook.exe” [2004-12-08 00:24]
“TkBellExe”=“C:\Program Files\Common Files\Real\Update_OB\realsched.exe” [2007-05-23 01:02]
“TFncKy”=“TFncKy.exe”
“TCtryIOHook”=“TCtrlIOHook.exe” [2005-02-16 17:43 C:\WINDOWS\system32\TCtrlIOHook.exe]
“SVPWUTIL”=“C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe” [2005-02-25 18:59]
“Sony Ericsson PC Suite”=“C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” [2005-10-26 17:17]
“PadTouch”=“C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe” [2004-11-17 13:56]
“NDSTray.exe”=“NDSTray.exe”
“GrooveMonitor”=“C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe” [2006-10-27 00:47]
“DataLayer”=“C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe” [2005-03-31 09:30]
“CFSServ.exe”=“CFSServ.exe”
“CeEKEY”=“C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe” [2005-01-22 00:48]
“Apoint”=“C:\Program Files\Apoint2K\Apoint.exe” [2003-10-30 19:46]
“AGRSMMSG”=“AGRSMMSG.exe” [2004-10-28 17:37 C:\WINDOWS\agrsmmsg.exe]
“Adobe Photo Downloader”=“C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe” [2005-06-07 00:46]
“Zooming”=“ZoomingHook.exe” [2004-07-14 19:07 C:\WINDOWS\system32\ZoomingHook.exe]
“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe” [2007-05-30 19:41]
“PCSuiteTrayApplication”=“C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe” [2005-03-22 09:39]
“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2007-04-30 18:42]
“Systry”=“C:\WINDOWS\system32\notepad.exe” [2004-08-04 16:00]
“userd”=“C:\WINDOWS\RECYCLER\systems.com”
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“TOSCDSPD”=“C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe” [2005-03-02 11:56]
“Tok-Cirrhatus-2454”=“C:\Documents and Settings\khanfouseh\Local Settings\Application Data\br5931on.exe”
“Tok-Cirrhatus”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 16:00]
“swg”=“C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe” [2007-05-23 01:03]
“MsnMsgr”=“C:\Program Files\MSN Messenger\MsnMsgr.exe” [2007-01-19 12:54]
“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 16:00]
“PcSync”=“C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe” [2005-04-20 09:57]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
“DWQueuedReporting”=“C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
“DisableCMD”=0 (0x0)
“NoFolderOptions”=1 (0x1)
“DisableTaskmgr”=1 (0x1)
“DisableRegistryTools”=1 (0x1)