ComboFix 08-12-01.03 - User 2008-12-03 12:47:12.1 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.1061 [GMT 1:00] Running from: d:\softver\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . D:\resycled d:\resycled\boot.com F:\Autorun.inf F:\resycled . ((((((((((((((((((((((((( Files Created from 2008-11-03 to 2008-12-03 ))))))))))))))))))))))))))))))) . 2008-12-03 12:13 . 2007-01-17 15:25 12,198,287 --a------ c:\windows\SUYINUSB20PCCam_v5.7.16.000-1.3_WHQL.exe 2008-12-03 12:13 . 2007-01-17 15:27 4,251,317 --a------ c:\windows\SUYINVideoClassCam_v5.7.19.0-1.0_WHQL.exe 2008-12-03 12:13 . 2007-01-17 14:42 106,496 --a------ c:\windows\DetectHWID.exe 2008-12-03 12:11 . 2008-12-03 12:11 d-------- c:\users\Nebojsa\AppData\Roaming\InstallShield 2008-12-03 10:38 . 2008-12-03 10:38 d-------- c:\windows\BUVC_AP 2008-12-03 10:21 . 2008-12-03 10:21 d-------- c:\program files\Rainbow Technologies 2008-12-03 10:18 . 1998-10-29 15:45 306,688 --a------ c:\windows\IsUninst.exe 2008-12-03 10:17 . 2008-12-03 10:17 d-------- c:\program files\Microsoft SQL Server 2008-12-02 16:09 . 2008-12-02 16:09 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-12-02 12:37 . 2008-12-02 12:37 d-------- c:\users\All Users\Adobe Systems 2008-12-02 12:37 . 2008-12-02 12:37 d-------- c:\programdata\Adobe Systems 2008-12-02 12:36 . 2008-12-02 12:36 d-------- c:\program files\Common Files\Adobe Systems Shared 2008-12-02 11:26 . 2008-12-02 11:26 d-------- c:\users\Nebojsa\AppData\Roaming\Malwarebytes 2008-12-02 11:26 . 2008-12-02 11:26 d-------- c:\users\All Users\Malwarebytes 2008-12-02 11:26 . 2008-12-02 11:26 d-------- c:\programdata\Malwarebytes 2008-12-02 11:26 . 2008-12-02 11:26 d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-02 11:26 . 2008-10-22 16:10 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2008-12-02 11:26 . 2008-10-22 16:10 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2008-12-01 20:06 . 2008-12-01 20:06 d-------- c:\program files\F3DViewer 2008-12-01 20:06 . 1999-12-17 09:13 86,016 --a------ c:\windows\unvise32.exe 2008-12-01 19:17 . 2008-12-01 19:17 d-------- c:\program files\Common Files\Adobe AIR 2008-12-01 19:07 . 2008-12-01 19:10 d-------- c:\program files\Eusing Free Registry Cleaner 2008-12-01 18:54 . 2008-12-01 18:54 d-------- c:\users\All Users\ALM 2008-12-01 18:54 . 2008-12-01 18:54 d-------- c:\programdata\ALM 2008-12-01 18:53 . 2008-12-02 12:16 d-------- c:\users\All Users\Adobe 2008-12-01 18:49 . 2008-12-01 18:49 d-------- c:\program files\Bonjour 2008-11-30 22:11 . 2008-11-30 22:28 d-------- C:\YuRecnik 2008-11-30 12:36 . 2008-05-27 06:17 6,103,040 --a------ c:\windows\System32\chtbrkr.dll 2008-11-30 12:36 . 2008-05-27 06:21 1,582,592 --a------ c:\windows\System32\tquery.dll 2008-11-30 12:36 . 2008-05-27 06:21 1,418,240 --a------ c:\windows\System32\mssrch.dll 2008-11-30 12:36 . 2008-05-27 06:18 670,208 --a------ c:\windows\System32\mssvp.dll 2008-11-30 12:36 . 2008-05-27 06:18 439,808 --a------ c:\windows\System32\SearchIndexer.exe 2008-11-30 12:36 . 2008-05-27 06:18 350,208 --a------ c:\windows\System32\mssph.dll 2008-11-30 12:36 . 2008-05-27 06:18 203,776 --a------ c:\windows\System32\mssphtb.dll 2008-11-30 12:36 . 2008-05-27 06:18 184,832 --a------ c:\windows\System32\SearchProtocolHost.exe 2008-11-30 12:16 . 2008-04-26 09:26 891,448 --a------ c:\windows\System32\drivers\tcpip.sys 2008-11-30 12:16 . 2008-04-12 04:32 784,896 --a------ c:\windows\System32\rpcrt4.dll 2008-11-30 12:16 . 2008-04-05 02:21 72,192 --a------ c:\windows\System32\drivers\pacer.sys 2008-11-30 12:16 . 2008-04-05 04:34 15,360 --a------ c:\windows\System32\pacerprf.dll 2008-11-30 01:10 . 2008-12-03 12:45 d-------- c:\users\Nebojsa\AppData\Roaming\uTorrent 2008-11-30 01:10 . 2008-11-30 01:10 d-------- c:\program files\uTorrent 2008-11-29 23:05 . 2008-12-03 07:38 25,337 --a------ c:\users\Nebojsa\AppData\Roaming\nvModes.dat 2008-11-29 23:04 . 2008-11-29 23:04 d-------- c:\users\All Users\NVIDIA 2008-11-29 23:04 . 2008-11-29 23:04 d-------- c:\programdata\NVIDIA 2008-11-29 23:02 . 2008-11-29 23:02 d-------- c:\program files\ffdshow 2008-11-29 23:02 . 2008-05-04 12:28 60,273 --a------ c:\windows\System32\pthreadGC2.dll 2008-11-29 23:02 . 2008-05-04 12:28 7,680 --a------ c:\windows\System32\ff_vfw.dll 2008-11-29 23:02 . 2008-05-04 12:28 6,144 --a------ c:\windows\System32\ff_acm.acm 2008-11-29 23:02 . 2008-05-04 12:28 547 --a------ c:\windows\System32\ff_vfw.dll.manifest 2008-11-29 21:14 . 2008-11-29 13:35 d-------- c:\windows\Panther 2008-11-29 21:13 . 2008-11-29 21:13 d-------- c:\windows\System32\OEM 2008-11-29 21:13 . 2007-02-21 14:56 36 -ra------ c:\windows\DELL_VERSION 2008-11-29 20:49 . 2008-12-03 00:13 d-------- C:\Windows.old 2008-11-29 20:25 . 2008-11-29 19:57 152,576 --a------ c:\windows\System32\SPWizUI.dll 2008-11-29 20:25 . 2008-11-29 19:57 47,560 --a------ c:\windows\System32\SPReview.exe 2008-11-29 20:06 . 2008-01-18 23:33 599,552 --a------ c:\windows\System32\vsp1cln.exe 2008-11-29 20:06 . 2008-01-18 23:33 193,024 --a------ c:\windows\System32\recdisc.exe 2008-11-29 20:06 . 2008-01-18 23:36 6,656 --a------ c:\windows\System32\sdspres.dll 2008-11-29 20:04 . 2008-01-18 23:33 5,714,432 --a------ c:\windows\System32\logon.scr 2008-11-29 20:03 . 2008-01-18 23:38 4,595,712 --a------ c:\windows\System32\AuthFWSnapin.dll 2008-11-29 20:01 . 2008-01-18 23:36 2,588,160 --a------ c:\windows\System32\UIHub.dll 2008-11-29 19:58 . 2008-01-18 23:33 44,032 --a------ c:\windows\System32\cbsra.exe 2008-11-29 19:57 . 2008-11-29 20:26 196,608 --a------ c:\windows\SPInstall.etl 2008-11-29 19:33 . 2008-11-29 19:38 d-------- c:\users\All Users\FLEXnet 2008-11-29 19:33 . 2008-11-29 19:38 d-------- c:\programdata\FLEXnet 2008-11-29 19:19 . 2008-11-29 19:19 d-------- c:\program files\Common Files\Macrovision Shared 2008-11-29 19:12 . 2008-12-02 12:21 d-------- c:\program files\Common Files\Adobe 2008-11-29 19:07 . 2008-11-29 19:07 d-------- c:\program files\Softland 2008-11-29 19:07 . 2008-10-08 13:43 20,120 --a------ c:\windows\System32\dopdfmn6.dll 2008-11-29 19:07 . 2008-10-08 13:43 18,072 --a------ c:\windows\System32\dopdfmi6.dll 2008-11-29 19:07 . 2008-09-08 12:44 7,481 --a------ c:\windows\System32\dopdf6.ctm 2008-11-29 19:05 . 2008-11-29 19:05 d-------- c:\program files\The KMPlayer 2008-11-29 18:14 . 2008-11-29 18:14 361,984 --a------ c:\windows\System32\IPSECSVC.DLL 2008-11-29 18:14 . 2008-11-29 18:14 272,896 --a------ c:\windows\System32\polstore.dll 2008-11-29 18:14 . 2008-11-29 18:14 61,440 --a------ c:\windows\System32\winipsec.dll 2008-11-29 18:14 . 2008-11-29 18:14 28,672 --a------ c:\windows\System32\FwRemoteSvr.dll 2008-11-29 18:13 . 2008-11-29 18:13 1,820 --a------ c:\windows\System32\rasctrnm.h 2008-11-29 18:12 . 2008-11-29 18:12 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll 2008-11-29 18:12 . 2008-11-29 18:12 160,768 --a------ c:\windows\System32\PortableDeviceTypes.dll 2008-11-29 18:12 . 2008-11-29 18:12 94,720 --a------ c:\windows\System32\PortableDeviceClassExtension.dll 2008-11-29 18:11 . 2008-11-29 18:11 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll 2008-11-29 18:11 . 2008-11-29 18:11 1,695,744 --a------ c:\windows\System32\gameux.dll 2008-11-29 18:11 . 2008-11-29 18:11 28,160 --a------ c:\windows\System32\Apphlpdm.dll 2008-11-29 18:05 . 2008-11-29 18:05 428,544 --a------ c:\windows\System32\EncDec.dll 2008-11-29 18:05 . 2008-11-29 18:05 293,376 --a------ c:\windows\System32\psisdecd.dll 2008-11-29 18:05 . 2008-11-29 18:05 217,088 --a------ c:\windows\System32\psisrndr.ax 2008-11-29 18:05 . 2008-11-29 18:05 177,664 --a------ c:\windows\System32\mpg2splt.ax 2008-11-29 18:05 . 2008-11-29 18:05 80,896 --a------ c:\windows\System32\MSNP.ax 2008-11-29 18:05 . 2008-11-29 18:05 69,632 --a------ c:\windows\System32\Mpeg2Data.ax 2008-11-29 18:05 . 2008-11-29 18:05 57,856 --a------ c:\windows\System32\MSDvbNP.ax 2008-11-29 17:58 . 2008-11-29 17:58 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys 2008-11-29 17:57 . 2008-11-29 17:57 2,048 --a------ c:\windows\System32\tzres.dll 2008-11-29 17:56 . 2008-11-29 17:56 197 --a------ c:\windows\System32\MRT.INI 2008-11-29 17:54 . 2008-11-29 17:54 303,616 --a------ c:\windows\System32\wmpeffects.dll 2008-11-29 17:53 . 2008-11-29 17:53 2,032,640 --a------ c:\windows\System32\win32k.sys 2008-11-29 17:52 . 2008-11-29 17:52 1,191,936 --a------ c:\windows\System32\msxml3.dll 2008-11-29 17:52 . 2008-11-29 17:52 2,048 --a------ c:\windows\System32\msxml3r.dll 2008-11-29 17:48 . 2007-11-17 23:22 3,636 --a------ c:\windows\System32\drivers\nvphy.bin 2008-11-29 17:36 . 2008-11-29 17:36 9,847,296 --a------ c:\windows\System32\NlsData000a.dll 2008-11-29 17:33 . 2008-11-29 17:33 988,216 --a------ c:\windows\System32\winload.exe 2008-11-29 17:33 . 2008-11-29 17:33 927,288 --a------ c:\windows\System32\winresume.exe 2008-11-29 17:33 . 2008-11-29 17:33 615,992 --a------ c:\windows\System32\ci.dll 2008-11-29 17:33 . 2008-11-29 17:33 378,368 --a------ c:\windows\System32\srcore.dll 2008-11-29 17:33 . 2008-11-29 17:33 318,464 --a------ c:\windows\System32\rstrui.exe 2008-11-29 17:33 . 2008-11-29 17:33 46,592 --a------ c:\windows\System32\setbcdlocale.dll 2008-11-29 17:33 . 2008-11-29 17:33 40,960 --a------ c:\windows\System32\srclient.dll 2008-11-29 17:33 . 2008-11-29 17:33 19,000 --a------ c:\windows\System32\kd1394.dll 2008-11-29 17:33 . 2008-11-29 17:33 14,848 --a------ c:\windows\System32\srdelayed.exe 2008-11-29 17:33 . 2008-11-29 17:33 6,656 --a------ c:\windows\System32\kbd106n.dll 2008-11-29 17:30 . 2008-11-29 17:30 288,768 --a------ c:\windows\System32\drivers\srv.sys 2008-11-29 17:29 . 2008-11-29 17:29 295,936 --a------ c:\windows\System32\gdi32.dll 2008-11-29 17:28 . 2008-11-29 17:28 712,704 --a------ c:\windows\System32\WindowsCodecs.dll 2008-11-29 17:28 . 2008-11-29 17:28 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll 2008-11-29 17:27 . 2008-11-29 17:27 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll 2008-11-29 17:25 . 2008-11-29 17:25 443,392 --a------ c:\windows\System32\win32spl.dll 2008-11-29 17:25 . 2008-11-29 17:25 113,664 --a------ c:\windows\System32\drivers\rmcast.sys 2008-11-29 17:25 . 2008-11-29 17:25 37,888 --a------ c:\windows\System32\printcom.dll 2008-11-29 17:25 . 2008-11-29 17:25 14,848 --a------ c:\windows\System32\wshrm.dll 2008-11-29 17:22 . 2008-11-29 17:22 738,304 --a------ c:\windows\System32\inetcomm.dll 2008-11-29 17:22 . 2008-11-29 17:22 84,480 --a------ c:\windows\System32\INETRES.dll 2008-11-29 17:21 . 2008-11-29 17:21 1,645,568 --a------ c:\windows\System32\connect.dll 2008-11-29 17:20 . 2008-11-29 17:20 1,314,816 --a------ c:\windows\System32\quartz.dll 2008-11-29 17:18 . 2008-11-29 17:18 3,601,464 --a------ c:\windows\System32\ntkrnlpa.exe 2008-11-29 17:18 . 2008-11-29 17:18 3,549,240 --a------ c:\windows\System32\ntoskrnl.exe 2008-11-29 17:18 . 2008-11-29 17:18 1,334,272 --a------ c:\windows\System32\msxml6.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-29 20:10 174 --sha-w c:\program files\desktop.ini 2008-11-29 19:59 --------- d-----w c:\program files\Windows Sidebar 2008-11-29 19:59 --------- d-----w c:\program files\Windows Photo Gallery 2008-11-29 19:59 --------- d-----w c:\program files\Windows Mail 2008-11-29 19:59 --------- d-----w c:\program files\Windows Journal 2008-11-29 19:59 --------- d-----w c:\program files\Windows Defender 2008-11-29 19:59 --------- d-----w c:\program files\Windows Collaboration 2008-11-29 19:59 --------- d-----w c:\program files\Windows Calendar 2008-11-29 19:34 82,432 ----a-w c:\windows\System32\axaltocm.dll 2008-11-29 19:34 101,888 ----a-w c:\windows\System32\ifxcardm.dll 2008-11-29 17:11 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-11-29 17:11 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-11-29 17:11 2,560 ----a-w c:\windows\AppPatch\AcRes.dll 2008-11-29 17:11 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-11-29 17:11 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-11-29 16:36 801,280 ----a-w c:\windows\System32\NaturalLanguage6.dll 2008-10-03 13:14 39,984 ----a-w c:\windows\system32\drivers\symids.sys 2008-10-03 13:14 37,936 ----a-w c:\windows\system32\drivers\symndisv.sys 2008-10-03 13:14 27,696 ----a-w c:\windows\system32\drivers\symredrv.sys 2008-10-03 13:14 187,952 ----a-w c:\windows\system32\drivers\symtdi.sys 2008-10-03 13:14 146,096 ----a-w c:\windows\system32\drivers\symfw.sys 2008-10-03 13:14 12,848 ----a-w c:\windows\system32\drivers\symdns.sys 2008-10-03 13:14 10,804 ----a-w c:\windows\system32\drivers\SymRedir.cat 2008-10-03 13:14 1,358 ----a-w c:\windows\system32\drivers\SymRedir.inf 2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll 2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-18 1233920] "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-05 4347120] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-05 90191] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-05 7770112] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-05 81920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 c:\windows\RtHDVCpl.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.avis"= ff_acm.acm "SENTINEL"= snti386.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{093CC53D-2708-4134-94BF-56BF8E0A3557}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{00A0C4DE-EEBF-4F77-9CC0-97FC1B6B5B8B}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{C308389E-B366-45B4-BB77-BC3FA8DA751D}"= c:\program files\Skype\Phone\Skype.exe:Skype "{9E6BB1F8-319D-478F-B995-01AA1448B424}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{553F3B13-C6D5-4904-BB11-C5862767A946}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) R1 IDSvix86;Symantec Intrusion Prevention Driver;\??\c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20081201.002\IDSvix86.sys [2008-12-03 270384] R2 MSSQL$ARTIOSCADDB;MSSQL$ARTIOSCADDB;c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlservr.exe -sARTIOSCADDB [] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-11-29 99376] R3 SYMNDISV;SYMNDISV;c:\windows\system32\Drivers\SYMNDISV.SYS [2008-10-03 37936] S2 WUSB54GR;WUSB54GR;"c:\program files\Wireless-G USB Network Adapter with RangeBooster\WLService.exe" "WUSB54GR.exe" [2008-11-29 53307] S3 SQLAgent$ARTIOSCADDB;SQLAgent$ARTIOSCADDB;c:\program files\Microsoft SQL Server\MSSQL$ARTIOSCADDB\Binn\sqlagent.EXE -i ARTIOSCADDB [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com k: \shell\Open\command - resycled\boot.com k: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] \shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com k: \shell\Open\command - resycled\boot.com k: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58c7b93c-be16-11dd-b498-0018f827991d}] \shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com k: \shell\Open\command - resycled\boot.com k: *Newly Created Service* - CATCHME *Newly Created Service* - COMHOST *Newly Created Service* - PROCEXP90 . Contents of the 'Scheduled Tasks' folder 2008-12-01 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Nebojsa.job - c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 03:09] . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-03 12:52:21 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-12-03 12:55:30 ComboFix-quarantined-files.txt 2008-12-03 11:55:25 Pre-Run: 28,769,398,784 bytes free Post-Run: 28,740,907,008 bytes free 250 --- E O F --- 2008-12-02 09:37:59