Thank you again for the help Broni,
I followed the instructions to the letter and the following is the log file from Combofix.
ComboFix 10-06-23.02 - DiveMaster Rob 06/23/2010 19:47:39.8.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1661 [GMT -10:00]
Running from: c:\documents and settings\DiveMaster Rob\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2010-05-24 to 2010-06-24 )))))))))))))))))))))))))))))))
.
2010-06-24 03:04 . 2010-06-24 03:04 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\Malwarebytes
2010-06-24 03:04 . 2010-04-30 01:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-24 03:04 . 2010-06-24 03:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-24 03:04 . 2010-06-24 03:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-24 03:04 . 2010-04-30 01:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-22 01:58 . 2010-06-22 01:58 -------- d-----w- c:\documents and settings\HelpAssistant\PrivacIE
2010-06-22 01:55 . 2010-06-22 02:11 -------- d-----w- c:\documents and settings\HelpAssistant\IECompatCache
2010-06-22 01:55 . 2010-06-22 01:55 -------- d-----w- c:\documents and settings\HelpAssistant\IETldCache
2010-06-15 18:39 . 2010-06-15 18:39 -------- d-----w- c:\documents and settings\DiveMaster Rob\Local Settings\Application Data\HP
2010-06-11 19:30 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-09 01:09 . 2010-06-09 01:09 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-06-09 01:08 . 2010-06-09 01:08 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-05-29 01:22 . 2008-03-28 20:07 20992 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\Convivea\Bit_Che\languages\compare.exe
2010-05-29 01:22 . 2010-05-29 01:22 -------- d-----w- c:\program files\Bit Che
2010-05-29 01:22 . 2010-05-29 01:22 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\Convivea
2010-05-29 01:22 . 2009-04-11 04:40 118784 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\Convivea\Bit_Che\scripts\x.exe
2010-05-29 01:22 . 2008-03-28 20:02 60928 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\Convivea\Bit_Che\scripts\update.exe
2010-05-29 01:22 . 2007-07-12 05:43 24557 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\Convivea\Bit_Che\scripts\special.exe
2010-05-29 01:22 . 2003-08-19 15:06 80896 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\Convivea\Bit_Che\scripts\x.dll
2010-05-27 08:10 . 2010-05-27 08:10 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software
2010-05-27 05:29 . 2010-05-27 05:29 -------- d-----w- c:\program files\Haali
2010-05-27 05:29 . 2010-05-27 05:29 -------- d-----w- c:\program files\CoreCodec
2010-05-26 00:27 . 2010-05-26 00:28 -------- d-----w- c:\program files\Skypedelay
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-24 05:46 . 2009-06-21 21:18 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-06-24 05:46 . 2009-06-21 21:16 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2010-06-24 05:02 . 2007-08-07 21:45 163712 ----a-w- c:\windows\system32\drivers\vidstub.sys
2010-06-22 06:01 . 2007-06-17 19:05 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\uTorrent
2010-06-18 04:24 . 2009-06-21 21:49 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\Skype
2010-06-18 03:16 . 2009-06-21 21:50 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\skypePM
2010-06-17 23:49 . 2009-06-22 04:38 139336 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-17 23:49 . 2009-06-22 04:56 371776 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2010-06-17 23:49 . 2009-06-22 04:56 187456 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2010-06-17 23:48 . 2009-06-22 04:38 214720 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-17 23:48 . 2009-06-22 04:56 57344 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\id Software\quakelive\home\pb\pbag.dll
2010-06-17 23:48 . 2009-06-22 04:56 887448 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\id Software\quakelive\home\pb\pbcl.dll
2010-06-17 23:48 . 2009-06-22 04:56 2436160 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2010-06-16 08:13 . 2007-06-17 17:41 61600 ----a-w- c:\windows\system32\nvModes.dat
2010-06-15 18:39 . 2010-05-24 22:38 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\HP
2010-06-14 04:43 . 2008-02-12 19:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-02 23:24 . 2007-06-17 19:49 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-02 06:02 . 2007-09-23 20:15 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\dvdcss
2010-05-28 23:05 . 2009-06-25 08:36 465984 ----a-w- c:\documents and settings\DiveMaster Rob\Application Data\id Software\quakelive\home\baseq3\qagamex86.dll
2010-05-27 08:13 . 2009-06-22 04:37 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-27 08:13 . 2009-06-22 04:37 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-27 05:24 . 2010-05-24 07:32 -------- d-----w- c:\program files\VistaCodecPack
2010-05-27 05:24 . 2010-05-24 07:32 -------- d-----w- c:\documents and settings\All Users\Application Data\VistaCodecs
2010-05-24 22:42 . 2010-05-24 22:42 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\HPAppData
2010-05-24 22:38 . 2007-06-17 17:36 69616 ----a-w- c:\documents and settings\DiveMaster Rob\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-24 22:38 . 2010-05-24 22:38 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2010-05-24 22:38 . 2010-05-24 22:32 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-05-24 22:38 . 2010-05-24 22:29 168023 ----a-w- c:\windows\hpoins37.dat
2010-05-24 22:36 . 2010-05-24 22:36 -------- d-----w- c:\program files\Yahoo!
2010-05-24 22:36 . 2010-05-24 22:36 -------- d-----w- c:\documents and settings\DiveMaster Rob\Application Data\Yahoo!
2010-05-24 22:36 . 2010-05-24 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-05-24 22:35 . 2010-05-24 22:30 -------- d-----w- c:\program files\HP
2010-05-24 22:34 . 2010-05-24 22:34 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-05-24 22:33 . 2010-05-24 22:33 -------- d-----w- c:\program files\Common Files\HP
2010-05-24 22:32 . 2010-05-24 22:32 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-05-24 06:00 . 2007-08-16 22:28 96384 ----a-w- c:\windows\system32\drivers\sptd7357.sys
2010-05-24 05:58 . 2007-06-17 17:29 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-24 04:27 . 2010-05-24 04:27 0 ----a-w- c:\windows\nsreg.dat
2010-05-24 03:37 . 2007-06-17 19:05 -------- d-----w- c:\program files\uTorrent
2010-05-06 10:41 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22 . 2008-03-06 19:35 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-13 23:03 . 2010-04-13 23:03 2373712 ----a-w- c:\documents and settings\All Users\Application Data\id Software\QuakeLive\pbsvc.exe
2010-03-31 10:16 . 2010-03-31 10:16 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-31 10:10 . 2010-03-31 10:10 295264 ----a-w- c:\windows\system32\PresentationHost.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-06-23_06.26.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-23 06:27 . 2010-06-23 06:27 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\f46915dfc57bc7e49c5402e9b8f7ec18\System.Windows.Presentation.ni.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-07-23 401408]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-07-23 385024]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-03-24 5525504]
"Dell QuickSet"="c:\program files\Dell\QuickSet\Quickset.exe" [2005-03-04 622592]
"UltraMon"="c:\program files\UltraMon\UltraMon.exe" [2006-10-13 304640]
"BootSkin Startup Jobs"="c:\progra~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 270336]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"nwiz"="nwiz.exe" [2005-03-24 1495040]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
c:\documents and settings\DiveMaster Rob\Start Menu\Programs\Startup\
MagicDisc.lnk.disabled [2008-11-9 652]
OneNote 2007 Screen Clipper and Launcher.lnk.disabled [2008-1-14 947]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk.disabled [2010-5-24 1849]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-21 809488]
VPN Client.lnk - c:\windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [2008-2-16 6144]
Windows Desktop Search.lnk.disabled [2008-9-9 1781]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2005-07-23 03:46 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-11-07 21:41 72208 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"swg"=c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"<NO NAME>"=
"RegistryMechanic"=
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe"
"BJCFD"=c:\program files\BroadJump\Client Foundation\CFD.exe
"nwiz"=nwiz.exe /installquiet
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"EPSON Stylus CX6600 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\IES\\VisualAnalysis 5.5 Package\\VisualAnalysis55.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"52996:UDP"= 52996:UDP:utorrent
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"9167:TCP"= 9167:TCP:Services
"9168:TCP"= 9168:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"2649:TCP"= 2649:TCP:Services
"3798:TCP"= 3798:TCP:Services
"8351:TCP"= 8351:TCP:Services
"8352:TCP"= 8352:TCP:Services
"2164:TCP"= 2164:TCP:Services
"2828:TCP"= 2828:TCP:Services
R1 DhaHelper;DhaHelper;c:\windows\system32\drivers\dhahelper.sys [12/11/2007 9:58 AM 7168]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [6/21/2009 11:24 AM 10384]
R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [9/24/2006 4:22 PM 11776]
R3 UltraMonMirror;UltraMonMirror;c:\windows\system32\drivers\UltraMonMirror.sys [9/24/2006 4:23 PM 3584]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [12/11/2007 9:58 AM 28672]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [4/28/2008 8:56 AM 17920]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [4/28/2008 8:56 AM 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [4/28/2008 8:56 AM 42112]
S3 TiglUsb;TiglUsb.sys TI-GRAPH / DIRECT LINK USB driver;c:\windows\system32\Drivers\TiglUsb.sys --> c:\windows\system32\Drivers\TiglUsb.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/16/2007 12:28 PM 642560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2010-06-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-06-24 c:\windows\Tasks\SkypeDelay.job
- c:\program files\Skypedelay\SkypeDelay.vbs [2010-05-26 06:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: att.net
Trusted Zone: sbcglobal.net
Trusted Zone: yahoo.com\clientapps
TCP: {40B025D0-0630-4670-93C5-3D3A21067802} = 192.168.2.1
DPF: Microsoft XML Parser for Java - file:///C:/windows/Java/classes/xmldso.cab
DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
.
- - - - ORPHANS REMOVED - - - -
AddRemove-Gtk+ Runtime Environment - c:\gtk\uninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-06-23 19:53
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer,
http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x8990F78A]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba10cf28
\Driver\ACPI -> ACPI.sys @ 0xb9f57cb8
\Driver\atapi -> ntkrnlpa.exe @ 0x8057c2df
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014
ParseProcedure -> ntkrnlpa.exe @ 0x80577c76
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014
ParseProcedure -> ntkrnlpa.exe @ 0x80577c76
NDIS: Broadcom NetXtreme Gigabit Ethernet -> SendCompleteHandler -> 0x89975980
PacketIndicateHandler -> NDIS.sys @ 0xb9dc6a0d
SendHandler -> NDIS.sys @ 0xb9ddab40
copy of MBR has been found in sector 0x06FC3DBF
malicious code @ sector 0x06FC3DC2 !
PE file found in sector at 0x06FC3DD8 !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-515967899-1275210071-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c4,a0,f8,2c,36,41,2d,0a,3c,1a,0d,c2,95,bc,55,f3,12,1e,f8,7f,47,dd,00,
f9,b3,d0,8a,db,e4,77,4f,b0,c0,e9,bb,28,b2,51,61,b7,6d,b0,2f,1f,e7,14,12,f2,\
"??"=hex:af,ae,bd,e0,38,d8,28,1a,51,76,d8,b2,d8,3c,bc,a3
[HKEY_USERS\S-1-5-21-515967899-1275210071-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:ea,4b,4f,8c,e9,5e,bf,89,4d,a4,86,23,21,89,e4,d1,10,d0,fa,b8,45,
72,37,d3,31,a2,51,9e,8f,d5,70,f9,b0,48,e7,85,d3,aa,83,2d,27,c2,87,e0,bd,b5,\
"rkeysecu"=hex:62,b0,a8,88,3e,07,21,e8,00,5f,80,cd,87,65,d5,dc
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1344)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
Completion time: 2010-06-23 19:56:00
ComboFix-quarantined-files.txt 2010-06-24 05:55
ComboFix2.txt 2010-06-22 06:18
ComboFix3.txt 2010-06-22 03:19
ComboFix4.txt 2010-06-14 08:54
ComboFix5.txt 2010-06-23 06:13
Pre-Run: 34,681,491,456 bytes free
Post-Run: 34,683,379,712 bytes free
Current=3 Default=3 Failed=1 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 333D8722D20D92553065EF9FFF3B77FC