Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.958.348 [GMT -5:00]
Running from: c:\documents and settings\Andy II\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Andy II\Desktop\CFScript.txt
AV: Norton Internet Security 2006 *On-access scanning enabled* (Outdated)
FW: Norton Internet Worm Protection *disabled*
* Created a new restore point
FILE ::
c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
c:\windows\awotowuwuq.dll
c:\windows\Kvadulazexizuxaw.dll
c:\windows\system32\asruxdnb.ini
c:\windows\system32\cbXOIxyW.dll
c:\windows\system32\dcwspssj.ini
c:\windows\system32\ffsvwgpi.ini
c:\windows\system32\gwaufbeh.ini
c:\windows\system32\ilptejtl.ini
c:\windows\system32\jkkHYOHB.dll
c:\windows\system32\khikatrm.ini
c:\windows\system32\ofhclomg.ini
c:\windows\system32\opdharhu.ini
c:\windows\system32\ovtcowma.ini
c:\windows\system32\qoMgfFWM
c:\windows\system32\ukdndhsv.ini
c:\windows\system32\wvUkLdCt.dll
c:\windows\system32\yjnlrudd.ini
c:\windows\system32\ypchckxx.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Aaron\Application Data\DNA
c:\documents and settings\Aaron\Application Data\DNA\dht.dat
c:\documents and settings\Aaron\Application Data\DNA\dht.dat.old
c:\documents and settings\Aaron\Application Data\DNA\dna.lng
c:\documents and settings\Aaron\Application Data\DNA\resume.dat
c:\documents and settings\Aaron\Application Data\DNA\resume.dat.old
c:\documents and settings\Aaron\Application Data\DNA\rss.dat
c:\documents and settings\Aaron\Application Data\DNA\rss.dat.old
c:\documents and settings\Aaron\Application Data\DNA\settings.dat
c:\documents and settings\Aaron\Application Data\DNA\settings.dat.old
c:\documents and settings\Andy II\Application Data\BitTorrent
c:\documents and settings\Andy II\Application Data\BitTorrent\[a4e]Metal_Skin_Panic_Madox-01[divx5.1.1].mkv.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\[ILA] MADOX-01.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\Conan The Barbarian (Complete Score).torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\dht.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\resume.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\resume.dat.old
c:\documents and settings\Andy II\Application Data\BitTorrent\Rifts Backup.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\Rifts World Books.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\RIFTS.torrent
c:\documents and settings\Andy II\Application Data\BitTorrent\rss.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\settings.dat
c:\documents and settings\Andy II\Application Data\BitTorrent\settings.dat.old
c:\documents and settings\Andy II\Application Data\BitTorrent\The Rifter 1-30.rar.torrent
c:\documents and settings\Andy II\Application Data\cogad
c:\documents and settings\Andy II\Application Data\cogad\cogad.exe
c:\documents and settings\Andy II\Application Data\Twain
c:\documents and settings\Andy II\Application Data\VirusRemover2008
c:\documents and settings\Andy II\Application Data\VirusRemover2008\Logs\scns.log
c:\documents and settings\Andy II\Local Settings\Temporary Internet Files\fbk.sts
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
c:\program files\WebShow
c:\program files\WebShow\WebShow.dll
c:\windows\awotowuwuq.dll
c:\windows\Kvadulazexizuxaw.dll
c:\windows\system32\asruxdnb.ini
c:\windows\system32\cbXOIxyW.dll
c:\windows\system32\dcwspssj.ini
c:\windows\system32\ffsvwgpi.ini
c:\windows\system32\gwaufbeh.ini
c:\windows\system32\ilptejtl.ini
c:\windows\system32\jkkHYOHB.dll
c:\windows\system32\khikatrm.ini
c:\windows\system32\ofhclomg.ini
c:\windows\system32\opdharhu.ini
c:\windows\system32\ovtcowma.ini
c:\windows\system32\ukdndhsv.ini
c:\windows\system32\wvUkLdCt.dll
c:\windows\system32\yjnlrudd.ini
c:\windows\system32\ypchckxx.ini
c:\windows\Tasks\At25.job
c:\windows\Tasks\At26.job
c:\windows\Tasks\At27.job
c:\windows\Tasks\At28.job
c:\windows\Tasks\At29.job
c:\windows\Tasks\At30.job
c:\windows\Tasks\At31.job
c:\windows\Tasks\At32.job
c:\windows\Tasks\At33.job
c:\windows\Tasks\At34.job
c:\windows\Tasks\At35.job
c:\windows\Tasks\At36.job
c:\windows\Tasks\At37.job
c:\windows\Tasks\At38.job
c:\windows\Tasks\At39.job
c:\windows\Tasks\At40.job
c:\windows\Tasks\At41.job
c:\windows\Tasks\At42.job
c:\windows\Tasks\At43.job
c:\windows\Tasks\At44.job
c:\windows\Tasks\At45.job
c:\windows\Tasks\At46.job
c:\windows\Tasks\At47.job
c:\windows\Tasks\At48.job
c:\windows\Tasks\At49.job
c:\windows\Tasks\At50.job
c:\windows\Tasks\At51.job
c:\windows\Tasks\At52.job
c:\windows\Tasks\At53.job
c:\windows\Tasks\At54.job
c:\windows\Tasks\At55.job
c:\windows\Tasks\At56.job
c:\windows\Tasks\At57.job
c:\windows\Tasks\At58.job
c:\windows\Tasks\At59.job
c:\windows\Tasks\At60.job
c:\windows\Tasks\At61.job
c:\windows\Tasks\At62.job
c:\windows\Tasks\At63.job
c:\windows\Tasks\At64.job
c:\windows\Tasks\At65.job
c:\windows\Tasks\At66.job
c:\windows\Tasks\At67.job
c:\windows\Tasks\At68.job
c:\windows\Tasks\At69.job
c:\windows\Tasks\At70.job
c:\windows\Tasks\At71.job
c:\windows\Tasks\At72.job
.
((((((((((((((((((((((((( Files Created from 2009-01-07 to 2009-02-07 )))))))))))))))))))))))))))))))
.
2009-02-07 12:57 . 2009-02-07 12:57 <DIR> d-------- C:\32788R22FWJFW
2009-02-02 17:45 . 2009-02-02 17:45 <DIR> d-------- c:\documents and settings\Andy II\Application Data\vlc
2009-01-25 13:53 . 2009-01-25 13:29 15,688 --a------ c:\windows\system32\lsdelete.exe
2009-01-25 13:29 . 2009-01-25 13:29 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-01-25 13:28 . 2009-01-25 13:28 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-01-25 02:56 . 2009-01-25 02:56 <DIR> d-------- c:\program files\Trend Micro
2009-01-25 02:30 . 2009-01-25 02:30 <DIR> d-------- c:\program files\Enigma Software Group
2009-01-23 19:35 . 2008-08-15 23:22 198,941 --a------ c:\windows\system32\nvapps.nvb
2009-01-23 19:34 . 2008-08-06 07:51 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2009-01-23 19:33 . 2009-01-23 19:33 <DIR> d-------- C:\NVIDIA
2009-01-23 18:24 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2009-01-23 18:24 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2009-01-23 18:24 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2009-01-23 18:24 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2009-01-23 18:24 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2009-01-23 18:24 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2009-01-23 18:24 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2009-01-23 18:23 . 2009-01-23 18:28 <DIR> d--h----- c:\windows\msdownld.tmp
2009-01-23 18:05 . 2009-01-23 18:07 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-23 17:54 . 2009-01-23 17:54 <DIR> d-------- c:\windows\system32\xlive
2009-01-23 15:55 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2009-01-23 15:55 . 2006-12-08 12:02 251,672 --a------ c:\windows\system32\xactengine2_5.dll
2009-01-23 15:54 . 2009-01-23 15:54 <DIR> d-------- c:\windows\Logs
2009-01-23 14:19 . 2009-02-05 21:06 <DIR> d-------- c:\program files\Steam
2009-01-22 10:16 . 2009-02-05 21:07 <DIR> d-------- c:\documents and settings\Andy II\Application Data\OpenOffice.org2
2009-01-22 10:16 . 2009-01-22 10:16 <DIR> d-------- c:\documents and settings\Andy II\Application Data\NJStar
2009-01-19 18:41 . 2009-01-19 18:41 <DIR> d-------- c:\documents and settings\Andy II\Application Data\AdobeUM
2009-01-19 17:37 . 2009-01-19 18:07 56 --a------ c:\windows\kgt2k.INI
2009-01-19 17:36 . 53,052 c:\windows\,Q,cSi"ªŸcŸN?[Ÿ<,Q,Z,,.mid
2009-01-19 16:29 . 2009-01-19 16:29 <DIR> d-------- c:\documents and settings\Andy II\Application Data\acccore
2009-01-19 16:28 . 2009-01-19 16:29 <DIR> d-------- c:\program files\AIM Toolbar
2009-01-19 16:28 . 2009-01-19 16:28 <DIR> d-------- c:\program files\AIM Search
2009-01-19 04:45 . 2009-01-19 04:45 <DIR> d-------- c:\documents and settings\Andy II\Application Data\HP
2009-01-11 22:17 . 2009-02-05 21:06 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-11 22:17 . 2009-01-11 22:17 1,409 --a------ c:\windows\QTFont.for
2009-01-11 07:07 . 2009-01-11 07:07 <DIR> d-------- c:\windows\system32\XPSViewer
2009-01-11 07:07 . 2009-01-11 07:07 <DIR> d-------- c:\program files\Reference Assemblies
2009-01-11 07:05 . 2009-01-11 07:11 <DIR> d-------- c:\windows\SxsCaPendDel
2009-01-11 07:05 . 2009-01-11 07:07 <DIR> d-------- C:\ed730cada51539590ca06baec8c5
2009-01-11 07:05 . 2008-07-06 07:06 1,676,288 --a------ c:\windows\system32\xpssvcs.dll
2009-01-11 07:05 . 2008-07-06 07:06 1,676,288 --------- c:\windows\system32\dllcache\xpssvcs.dll
2009-01-11 07:05 . 2008-07-06 05:50 597,504 --------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-11 07:05 . 2008-07-06 07:06 575,488 --a------ c:\windows\system32\xpsshhdr.dll
2009-01-11 07:05 . 2008-07-06 07:06 575,488 --------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-11 07:05 . 2008-07-06 07:06 117,760 --a------ c:\windows\system32\prntvpt.dll
2009-01-11 07:05 . 2008-07-06 07:06 89,088 --------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-01-11 07:00 . 2009-01-11 07:00 <DIR> d-------- c:\program files\MSXML 6.0
2009-01-11 06:56 . 2009-01-11 06:56 <DIR> d-------- c:\program files\Wizards of the Coast
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-06 02:05 --------- d-----w c:\documents and settings\Andy II\Application Data\WTablet
2009-02-06 02:03 --------- d-----w c:\documents and settings\LocalService\Application Data\WTablet
2009-01-30 06:46 --------- d-----w c:\documents and settings\Aaron\Application Data\OpenOffice.org2
2009-01-30 06:45 --------- d-----w c:\documents and settings\Aaron\Application Data\WTablet
2009-01-25 18:28 --------- d-----w c:\program files\Lavasoft
2009-01-25 18:28 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-19 21:29 --------- d-----w c:\program files\AIM6
2009-01-19 21:28 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2009-01-17 19:43 --------- d-----w c:\documents and settings\Aaron\Application Data\Skype
2009-01-16 06:47 --------- d-----w c:\documents and settings\Aaron\Application Data\BitTorrent
2009-01-15 08:01 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-06 07:22 --------- d-----w c:\program files\Common Files\DirectX
2008-12-30 08:38 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2008-12-12 17:27 3,067,392 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-12 08:13 --------- d-----w c:\program files\Common Files\Software Update Utility
2008-12-12 08:13 --------- d-----w c:\documents and settings\All Users\Application Data\AIM Toolbar
2008-12-12 08:13 --------- d-----w c:\documents and settings\All Users\Application Data\acccore
2008-12-12 07:59 --------- d-----w c:\documents and settings\All Users\Application Data\AOL Downloads
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 11:57 333,184 ------w c:\windows\system32\dllcache\srv.sys
2007-01-20 00:36 88 --sh--r c:\windows\system32\4032A62C6F.sys
2007-01-20 00:36 2,516 -csha-w c:\windows\system32\KGyGaAvL.sys
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\system32\xlive ----
2007-09-18 15:01 134144 --a------ c:\windows\system32\xlive\sqmapi.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-15 13570048]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 52840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-02-20 185896]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-10-26 136600]
"EPSON Stylus CX4800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE" [2005-02-02 98304]
"EPSON Stylus CX4800 Series (Copy 1)"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE" [2005-02-02 98304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-01-31 385024]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-02-19 267048]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-15 86016]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-01-25 507224]
"SigmatelSysTrayApp"="stsystra.exe" [2006-08-15 c:\windows\stsystra.exe]
"nwiz"="nwiz.exe" [2008-08-15 c:\windows\system32\nwiz.exe]
c:\documents and settings\Aaron\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]
c:\documents and settings\Andy II\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"AOL ACS"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-01-25 64160]
R2 Dynex DX-WGPUSB WLService;Dynex Wireless G Enhanced Adapter Service;c:\program files\Dynex Wireless G Enhanced Adapter\WLService.exe [2008-05-12 49152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 942416]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-02-15 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2007-04-06 106808]
S3 padenum;Enumerador de dispositivos de NTPAD;c:\windows\system32\DRIVERS\padenum.sys --> c:\windows\system32\DRIVERS\padenum.sys [?]
S3 VendorJoystickEnabler;Driver para joystick paralelo de consola;c:\windows\system32\drivers\ntpad.sys --> c:\windows\system32\drivers\ntpad.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2009-02-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-25 13:29]
2009-02-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3941659726-3948666053-3483446295-1008.job
- c:\documents and settings\Andy II\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-05 21:21]
2009-02-07 c:\windows\Tasks\Norton AntiVirus - Run Full System Scan - Aaron.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe []
.
.
------- Supplementary Scan -------
.
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=del ... bd=5070117
mStart Page = hxxp://www.dell.com
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Andy II\Application Data\Mozilla\Firefox\Profiles\ato97zw1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/sli ... rab&query=
FF - plugin: c:\documents and settings\Andy II\Local Settings\Application Data\Google\Update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-07 13:04:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-02-07 13:16:34
ComboFix-quarantined-files.txt 2009-02-07 18:16:31
ComboFix2.txt 2009-02-06 02:11:32
Pre-Run: 6,460,796,928 bytes free
Post-Run: 6,423,334,912 bytes free
333 --- E O F --- 2009-01-15 08:01:09