Hi cypher, I only ran TDSSKiller once by leaving it running overnight and then posting the results the next morning. The computer seems to be doing fine, other than sometimes taking a very long time to end non-responsive programs. Thanks for your time again.
Here's the ComboFix log:
ComboFix 10-05-26.03 - LSM 28-May-10 0:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3069.2431 [GMT 10:00]
Running from: c:\documents and settings\LSM\Desktop\ComboFix.exe
AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\jestertb.dll
c:\windows\system32\Vb40032.dll
c:\windows\twain_16.dll
.
((((((((((((((((((((((((( Files Created from 2010-04-27 to 2010-05-27 )))))))))))))))))))))))))))))))
.
2010-05-22 04:32 . 2010-05-22 04:32 503808 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-251cb5c7-n\msvcp71.dll
2010-05-22 04:32 . 2010-05-22 04:32 61440 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-50b66d6f-n\decora-sse.dll
2010-05-22 04:32 . 2010-05-22 04:32 499712 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-251cb5c7-n\jmc.dll
2010-05-22 04:32 . 2010-05-22 04:32 348160 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-251cb5c7-n\msvcr71.dll
2010-05-22 04:32 . 2010-05-22 04:32 12800 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-50b66d6f-n\decora-d3d.dll
2010-05-20 10:18 . 2010-05-20 10:18 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2010-05-20 10:17 . 2010-05-20 10:17 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-05-16 03:05 . 2010-05-16 03:05 -------- d-----w- c:\program files\ESET
2010-05-16 02:52 . 2010-05-16 02:52 503808 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-63e1b415-n\msvcp71.dll
2010-05-16 02:52 . 2010-05-16 02:52 499712 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-63e1b415-n\jmc.dll
2010-05-16 02:52 . 2010-05-16 02:52 348160 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-63e1b415-n\msvcr71.dll
2010-05-16 02:52 . 2010-05-16 02:52 61440 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-285ccf73-n\decora-sse.dll
2010-05-16 02:52 . 2010-05-16 02:52 12800 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-285ccf73-n\decora-d3d.dll
2010-05-16 02:52 . 2010-05-16 02:52 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-15 13:15 . 2010-05-15 13:15 -------- d-----w- C:\_OTM
2010-05-15 13:11 . 2010-05-15 13:12 -------- d-----w- c:\program files\ERUNT
2010-05-15 04:17 . 2010-05-15 04:18 -------- d-----w- C:\rsit
2010-05-15 03:41 . 2010-04-29 05:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-15 03:41 . 2010-04-29 05:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-15 03:41 . 2010-05-15 03:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-09 05:57 . 2010-05-09 05:57 388096 ----a-r- c:\documents and settings\LSM\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-09 05:57 . 2010-05-15 13:22 -------- d-----w- c:\program files\Trend Micro
2010-05-07 08:18 . 2010-05-07 08:20 -------- d-----w- c:\documents and settings\LSM\Local Settings\Application Data\nuweraaxy
2010-05-06 11:56 . 2002-08-29 12:00 838144 -c--a-w- c:\windows\system32\dllcache\chtbrkr.dll
2010-05-06 11:56 . 2002-08-29 12:00 838144 ----a-w- c:\windows\system32\chtbrkr.dll
2010-05-06 11:56 . 2002-08-29 12:00 1677824 -c--a-w- c:\windows\system32\dllcache\chsbrkr.dll
2010-05-06 11:56 . 2002-08-29 12:00 1677824 ----a-w- c:\windows\system32\chsbrkr.dll
2010-05-06 11:56 . 2002-08-29 12:00 70656 -c--a-w- c:\windows\system32\dllcache\korwbrkr.dll
2010-05-06 11:56 . 2002-08-29 12:00 70656 ----a-w- c:\windows\system32\korwbrkr.dll
2010-05-06 11:56 . 2002-08-29 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2010-05-06 11:56 . 2002-08-29 12:00 98304 ----a-w- c:\windows\system32\msir3jp.dll
2010-05-06 11:56 . 2002-08-29 12:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2010-05-06 11:56 . 2002-08-29 12:00 6144 -c--a-w- c:\windows\system32\dllcache\kbd101a.dll
2010-05-06 11:56 . 2002-08-29 12:00 6144 ----a-w- c:\windows\system32\kbd101a.dll
2010-05-06 11:56 . 2002-08-29 12:00 14336 -c--a-w- c:\windows\system32\dllcache\padrs412.dll
2010-05-06 02:16 . 2010-03-26 00:33 43008 ----a-w- c:\documents and settings\LSM\Application Data\Mozilla\Firefox\Profiles\sdj6xcqm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-05-06 02:16 . 2010-03-26 00:33 339456 ----a-w- c:\documents and settings\LSM\Application Data\Mozilla\Firefox\Profiles\sdj6xcqm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-05-06 02:16 . 2010-03-26 00:32 346112 ----a-w- c:\documents and settings\LSM\Application Data\Mozilla\Firefox\Profiles\sdj6xcqm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-05-06 02:16 . 2010-03-26 00:33 1496064 ----a-w- c:\documents and settings\LSM\Application Data\Mozilla\Firefox\Profiles\sdj6xcqm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-05-01 14:51 . 2001-08-17 03:12 11008 -c--a-w- c:\windows\system32\dllcache\brusbmdm.sys
2010-05-01 14:51 . 2001-08-17 03:12 11008 ----a-w- c:\windows\system32\drivers\BrUsbMdm.sys
2010-05-01 14:51 . 2001-08-17 03:12 10368 -c--a-w- c:\windows\system32\dllcache\brusbscn.sys
2010-05-01 14:51 . 2001-08-17 03:12 10368 ----a-w- c:\windows\system32\drivers\BrUsbScn.sys
2010-05-01 14:51 . 2008-04-13 19:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-05-01 14:51 . 2008-04-13 19:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-04-30 01:44 . 2008-04-14 01:11 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-04-30 01:44 . 2008-04-14 01:11 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-04-30 01:44 . 2008-04-13 19:39 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-04-30 01:44 . 2008-04-13 19:39 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-27 14:14 . 2007-02-01 01:53 -------- d-----w- c:\documents and settings\LSM\Application Data\Skype
2010-05-27 14:05 . 2009-05-18 13:21 -------- d-----w- c:\documents and settings\LSM\Application Data\skypePM
2010-05-27 07:42 . 2007-02-07 04:37 -------- d-----w- c:\documents and settings\LSM\Application Data\AdobeUM
2010-05-26 23:37 . 2008-12-24 22:34 -------- d-----w- c:\program files\Steam
2010-05-26 23:29 . 2008-07-02 05:30 -------- d-----w- c:\documents and settings\LSM\Application Data\ICQ
2010-05-20 08:18 . 2010-01-19 10:53 -------- d-----w- c:\documents and settings\LSM\Application Data\PC Suite
2010-05-16 02:57 . 2007-02-01 01:50 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-16 02:53 . 2007-03-02 07:12 -------- d-----w- c:\program files\Common Files\Java
2010-05-16 02:48 . 2007-03-02 07:12 -------- d-----w- c:\program files\Java
2010-05-15 12:53 . 2007-02-16 06:16 -------- d-----w- c:\program files\ICQToolbar
2010-05-15 03:37 . 2007-10-28 02:41 -------- d-----w- c:\program files\CCleaner
2010-05-10 10:19 . 2007-02-01 02:28 92648 ----a-w- c:\documents and settings\LSM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-30 15:52 . 2009-11-11 00:32 79488 ----a-w- c:\documents and settings\LSM\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-04-24 11:55 . 2007-02-01 02:36 -------- d-----w- c:\program files\Winamp
2010-04-24 04:37 . 2010-04-23 10:13 -------- d-----w- c:\program files\Tiger Gaming
2010-04-21 06:17 . 2007-02-01 01:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-21 06:17 . 2010-04-21 06:17 -------- d-----w- c:\program files\Microsoft Chart Controls
2010-04-21 06:17 . 2010-04-21 06:17 -------- d-----w- c:\documents and settings\LSM\Application Data\FLEXnet
2010-04-21 06:16 . 2010-04-21 06:16 -------- d-----w- c:\program files\Common Files\Wintertree
2010-04-21 06:15 . 2010-04-21 06:15 -------- d-----w- c:\program files\MYOB
2010-04-21 06:15 . 2010-04-21 06:15 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-04-20 15:21 . 2010-04-20 15:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2010-04-20 15:18 . 2010-04-20 15:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-04-20 15:07 . 2010-01-19 10:48 -------- d-----w- c:\program files\Nokia
2010-04-20 15:04 . 2010-01-20 07:47 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-20 15:01 . 2010-04-20 15:01 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-20 14:59 . 2010-04-20 14:59 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-04-20 14:59 . 2010-04-20 14:59 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\Installer\CommonCustomActions\pcswpc.exe
2010-04-20 14:59 . 2010-01-19 10:48 -------- d-----w- c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-04-09 01:03 . 2007-12-21 08:22 -------- d-----w- c:\program files\wgens170
2010-03-16 10:14 . 2010-03-16 10:14 72488 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-03-11 07:17 . 2010-04-20 14:59 64164264 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}\NokiaOviSuite2Installer.exe
2010-03-11 07:17 . 2010-02-15 14:13 64164264 ----a-w- c:\documents and settings\LSM\Application Data\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
2010-03-10 06:15 . 2002-08-29 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-07-19 10:00 . 2009-07-19 09:47 6621696 ----a-w- c:\program files\etax2009_1.msi
2008-02-08 12:45 . 2008-01-29 00:52 17 ----a-w- c:\program files\streampeer.cfg
2007-04-04 07:20 . 2007-04-02 10:49 5567752 ----a-w- c:\program files\InstallCollapseII.exe
2006-07-05 04:38 . 2007-08-23 10:04 3072 ----a-w- c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2006-02-13 02:07 . 2007-08-23 10:04 245408 ----a-w- c:\program files\mozilla firefox\plugins\unicows.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]
"ICQ"="c:\progra~1\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"="sttray.exe" [2006-05-26 282624]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-02-24 196709]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-06-01 7618560]
"nwiz"="nwiz.exe" [2006-06-01 1519616]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
"PaperPort PTD"="c:\program files\Scansoft\PaperPort\pptd40nt.exe" [2002-06-10 45108]
"IndexSearch"="c:\program files\Scansoft\PaperPort\IndexSearch.exe" [2002-06-10 36864]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2002-08-29 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-10-24 217194]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-6-5 113664]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\football manager 2009\\fm.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Hann Boy\\Warcraft III\\w3l.exe"=
"c:\\Hann Boy\\Warcraft III\\war3.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1513:UDP"= 1513:UDP:garena
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SymEFA.sys [02-Feb-10 5:48 PM 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0308000.029\BHDrvx86.sys [02-Feb-10 5:48 PM 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0308000.029\cchpx86.sys [02-Feb-10 5:48 PM 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100520.001\IDSXpx86.sys [29-Oct-09 8:37 AM 329592]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [02-Feb-10 5:47 PM 117640]
R2 StudioPro;StudioPro webcam;c:\windows\system32\drivers\StudioPro.sys [05-Jan-09 11:49 AM 120320]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [06-Jan-10 12:51 PM 102448]
R3 EuMusDesignVirtualAudioCableWdm;StudioPro audio (WDM);c:\windows\system32\drivers\vrtaucbl.sys [05-Jan-09 11:49 AM 38784]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [09-Feb-10 11:34 PM 135664]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" --> c:\program files\Viewpoint\Common\ViewpointService.exe [?]
S3 brfilt;Brother MFC Filter Driver;c:\windows\system32\drivers\BrFilt.sys [04-Feb-07 6:14 PM 2944]
S3 brparimg;Brother Multi Function Parallel Image driver;c:\windows\system32\drivers\BrParImg.sys [04-Feb-07 6:14 PM 3168]
S3 BrParWdm;Brother WDM Parallel Driver;c:\windows\system32\drivers\BrParwdm.sys [04-Feb-07 6:14 PM 39552]
S3 BrSerWDM;Brother Serial driver;c:\windows\system32\drivers\BrSerWdm.sys [04-Feb-07 6:14 PM 60416]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\BrUsbMdm.sys [02-May-10 12:51 AM 11008]
S3 BrUsbScn;Brother MFC USB Scanner driver;c:\windows\system32\drivers\BrUsbScn.sys [02-May-10 12:51 AM 10368]
S3 exdisk;Express Disk Service;c:\windows\system32\drivers\exdisk.sys [01-Feb-07 11:53 AM 14074]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\LSM\LOCALS~1\Temp\THC748.tmp --> c:\docume~1\LSM\LOCALS~1\Temp\THC748.tmp [?]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [11-May-05 1:12 PM 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [11-May-05 1:12 PM 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [11-May-05 1:12 PM 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [11-May-05 1:12 PM 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [11-May-05 1:12 PM 77072]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - ERASERUTILDRV11010
*Deregistered* - EraserUtilDrv11010
.
Contents of the 'Scheduled Tasks' folder
2010-05-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 01:34]
2010-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 13:34]
2010-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 13:34]
2010-05-26 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 06:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://au.rd.yahoo.com/customize/ie/def ... .yahoo.com
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\LSM\Application Data\Mozilla\Firefox\Profiles\sdj6xcqm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Aim6 - (no file)
HKLM-Run-farstone - (no file)
HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe
HKLM-Run-StreamPeer - c:\program files\StreamPeer\StreamPeer.exe
AddRemove-Final Fantasy VII - c:\program files\Square Soft
AddRemove-GOM Player - c:\hann boy\GomPlayer\Uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-28 00:31
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\LSM\LOCALS~1\Temp\THC748.tmp"
.
Completion time: 2010-05-28 00:34:40
ComboFix-quarantined-files.txt 2010-05-27 14:34
Pre-Run: 19,781,500,928 bytes free
Post-Run: 19,884,191,744 bytes free
- - End Of File - - 94B3148B0DC0E4BB1A78BD1F157CF4F4