Combo Fix - end
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://qps.peelschools.org/QuickPlace/lorneparkss/Main.nsf/h_Toc/6f891b8ba288f709852575040071c914/?OpenDocument
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: rbc.com\vpn
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} - hxxps://remote.rbc.com/nortel_cacheable/iewiper.cab
DPF: {ACDB1787-986D-434D-9857-2172CDB2108D} - hxxps://remote.rbc.com/nortel_cacheable/punblock.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://206.210.96.94/activex/AMC.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\zyp7o3fm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.leaguelineup.com/calendar.asp?cmenuid=3&url=mississauga_chiefs_bantam_b&sid=764301584
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - HiddenExtension: XUL Cache: {718CE169-1B83-4B68-B10D-3A2E3B2FAC83} - c:\documents and settings\Owner\Local Settings\Application Data\{718CE169-1B83-4B68-B10D-3A2E3B2FAC83}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-08-09 19:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{40886FA5-87BC-FDA7-0C1FAC01C243999B}\{19E564B2-522B-7AA8-1ACCCD0705265332}\{1F2DE655-6E2E-2DD5-8638E8D01A513D14}*]
"NRDFOBLVNAUE2QOGEQXAH1Y2DD1"=hex:01,00,01,00,00,00,00,00,b0,0a,ac,41,7a,16,04,
de,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{63BF9C16-61FD-5246-D28A6F9B6DBA4643}\{A1662382-7299-AE2E-23313B5BBD368ECE}\{683884CE-C1AE-773A-12388A76175B81B9}*]
"NRDFOBLVNAUE2QOGEQXAH1Y2DD1"=hex:01,00,01,00,00,00,00,00,b0,0a,ac,41,7a,16,04,
de,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(576)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3976)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
Completion time: 2009-08-09 19:34
ComboFix-quarantined-files.txt 2009-08-09 23:34
ComboFix2.txt 2009-08-09 04:21
ComboFix3.txt 2009-05-28 13:59
ComboFix4.txt 2009-05-14 13:01
Pre-Run: 139,467,608,064 bytes free
Post-Run: 139,412,828,160 bytes free
328 --- E O F --- 2009-08-08 23:18