ComboFix 10-09-29.04 - Owner 09/30/2010 14:21:34.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1534.1112 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {804FD0EC-FFA4-00C8-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00C8-0D24-347CA8A3377C}
AV: AntiVir PersonalEdition Classic Virus Protection *On-access scanning enabled* (Updated) {804FD2B8-FFA4-00EB-0D24-347CA8A3377C}
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\skinboxer43.dll
I:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2010-08-28 to 2010-09-30 )))))))))))))))))))))))))))))))
.
2010-09-27 15:57 . 2010-09-27 15:57 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-09-27 15:57 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-27 15:57 . 2010-09-27 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-09-27 15:57 . 2010-09-27 15:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-27 15:57 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-24 22:45 . 2010-09-24 22:45 -------- d-----w- c:\documents and settings\Owner\Application Data\.minecraft server
2010-09-24 22:41 . 2010-09-20 09:55 232504 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\minecraft.exe
2010-09-24 22:41 . 2010-09-20 04:30 195072 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\OpenAL64.dll
2010-09-24 22:41 . 2010-09-20 04:30 108032 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\OpenAL32.dll
2010-09-24 22:41 . 2010-09-20 04:30 237568 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\lwjgl.dll
2010-09-24 22:41 . 2010-09-20 04:30 65024 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\jinput-dx8_64.dll
2010-09-24 22:41 . 2010-09-20 04:30 62464 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\jinput-raw_64.dll
2010-09-24 22:41 . 2010-09-20 04:30 61952 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\jinput-dx8.dll
2010-09-24 22:41 . 2010-09-20 04:30 59392 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\jinput-raw.dll
2010-09-24 22:41 . 2010-09-20 04:30 248832 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft\bin\natives\lwjgl64.dll
2010-09-24 22:35 . 2010-09-19 18:18 71 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft server\bin\server_nogui.bat
2010-09-24 22:35 . 2010-09-19 18:18 65 ----a-w- c:\documents and settings\Owner\Application Data\.minecraft server\bin\server_gui.bat
2010-09-24 04:54 . 2010-09-27 05:07 -------- d-----w- c:\documents and settings\Owner\Application Data\.minecraft
2010-09-22 19:32 . 2010-09-22 19:33 -------- d-----w- c:\documents and settings\Owner\Application Data\acccore
2010-09-22 19:32 . 2010-09-22 19:32 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\AOL
2010-09-22 19:32 . 2010-09-22 19:35 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\AIM
2010-09-22 19:32 . 2010-09-22 19:32 -------- d-----w- c:\documents and settings\All Users\Application Data\AIM
2010-09-22 19:32 . 2010-09-22 19:32 -------- d-----w- c:\program files\AIM7
2010-09-22 19:32 . 2010-09-22 19:32 -------- d-----w- c:\program files\Common Files\Software Update Utility
2010-09-22 19:32 . 2010-09-22 19:32 -------- d-----w- c:\program files\Common Files\AOL
2010-09-19 06:58 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-19 06:58 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-19 06:58 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-19 06:58 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-19 06:58 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-19 06:58 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-19 06:58 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-19 06:58 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-19 06:58 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-19 06:58 . 2010-09-19 06:58 -------- d-----w- c:\program files\Alwil Software
2010-09-19 06:58 . 2010-09-19 06:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-30 18:10 . 2009-10-15 23:44 -------- d-----w- c:\program files\PeerBlock
2010-09-30 18:03 . 2008-07-17 08:32 -------- d-----w- c:\documents and settings\Owner\Application Data\DNA
2010-09-30 17:52 . 2008-07-17 08:32 -------- d-----w- c:\program files\DNA
2010-09-30 02:45 . 2008-07-05 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-09-24 22:31 . 2008-07-17 08:32 -------- d-----w- c:\documents and settings\Owner\Application Data\BitTorrent
2010-09-20 19:56 . 2010-06-01 00:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2010-09-20 19:55 . 2008-10-06 09:11 -------- d-----w- c:\program files\Steam
2010-09-13 02:52 . 2005-10-07 05:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-09-12 23:30 . 2005-10-07 05:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-17 13:17 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-29 05:20 . 2010-07-29 05:20 10134 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
2010-07-22 15:49 . 2004-08-04 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2010-06-06 07:52 5120 ----a-w- c:\windows\system32\xpsp4res.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2009-09-28 1524824]
"Google Update"="c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-31 135664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^IMVU.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\IMVU.lnk
backup=c:\windows\pss\IMVU.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2008-10-01 16:57 111936 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2005-09-15 02:05 344064 -c--a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-26 07:32 323392 ----a-w- c:\program files\DNA\btdna.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 04:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\masqform.exe]
2003-12-03 16:43 1052672 ----a-w- c:\program files\PureEdge\Viewer 6.0\masqform.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
2003-09-14 01:36 50688 ----a-w- c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2004-09-22 23:10 1871872 ------w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 18:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 15:30 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-11-01 03:42 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 20:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 15:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Media Connect 2]
2006-10-19 02:58 8704 ------w- c:\program files\Windows Media Connect 2\WMCCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-10-19 01:05 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Flock\\flock\\flock.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"c:\\Program Files\\City of Heroes\\CohUpdater.exe"=
"c:\\Program Files\\City of Heroes\\CovUpdater.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Diablo II\\Game.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Last.fm\\LastFM.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\world of goo demo\\WorldOfGoo.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\coil\\coil.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\battleforge\\Bootstrapper.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\battleforge\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=
"c:\\Program Files\\Steam\\steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\beat hazard\\BeatHazard.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\AIM7\\aim.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54235:TCP"= 54235:TCP:utorrent
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard Downloader
"1119:TCP"= 1119:TCP:Blizzard Downloader
"1120:TCP"= 1120:TCP:Blizzard Downloader
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/19/2010 2:58 AM 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/19/2010 2:58 AM 17744]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/19/2009 11:17 PM 133104]
S3 ms6823;IEEE802.11b Wireless USB Adapter;c:\windows\system32\drivers\ms6823.sys [6/10/2004 11:47 AM 55168]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [10/15/2009 7:44 PM 14424]
S3 ZD1201U;ZyDAS ZD1201 IEEE 802.11b Wireless LAN Driver (USB);c:\windows\system32\drivers\ZD1201U.sys [10/9/2005 9:13 PM 38656]
S3 ZDNDIS5;ZDNDIS5 Protocol Driver;\??\c:\windows\system32\ZDNDIS5.SYS --> c:\windows\system32\ZDNDIS5.SYS [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/17/2006 5:10 PM 685816]
.
Contents of the 'Scheduled Tasks' folder
2010-09-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-02 17:59]
2010-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-20 03:17]
2010-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-20 03:17]
2010-09-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-527237240-839522115-1003Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-12 19:22]
2010-09-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-527237240-839522115-1003UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-12 19:22]
2010-09-30 c:\windows\Tasks\User_Feed_Synchronization-{1E9CDD39-C4DE-4C7A-A50E-909F4FD9036D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://reddit.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Open in new background tab - c:\program files\MSN Toolbar Suite\TAB\02.05.0000.1110\en-us\msntabres.dll/229?3a0ccd14859942adaad3686a121d424c
IE: Open in new foreground tab - c:\program files\MSN Toolbar Suite\TAB\02.05.0000.1110\en-us\msntabres.dll/230?3a0ccd14859942adaad3686a121d424c
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/dsl_settings/include/vzTCPConfig.CAB
DPF: {DE3135A8-D948-49DC-ABBC-B2EFF418E5FD} - hxxp://www.iradiopop.com/IRD/pages/AIRJ01FPlayer.CAB
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\tfpn17v7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\tfpn17v7.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff30\gears.dll
FF - plugin: c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\IGN\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-MySpaceIM - c:\program files\MySpace\IM\MySpaceIM.exe
MSConfigStartUp-nwiz - nwiz.exe
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-09-30 14:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(492)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-09-30 14:29:29
ComboFix-quarantined-files.txt 2010-09-30 18:29
Pre-Run: 51,920,400,384 bytes free
Post-Run: 51,882,348,544 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - E1E7DFEC3AF59352AC6ADCFE1D3D70F0