Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Help with Rootkit.Agent

Post by Bleach » September 16th, 2010, 4:17 am

Hello - I am a complete novice - however, Malwarebytes suggests that Rootkit.Agent is present - I cannot remove it. I have run ComboFix, which produced a log. Are you able to help me?

ComboFix 10-09-15.01 - Rob Leach 16/09/2010 8:44.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.160 [GMT 1:00]
Running from: c:\documents and settings\Rob Leach\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Pamela\Application Data\alot
c:\documents and settings\Pamela\Application Data\Dealio
c:\documents and settings\Pamela\Application Data\Dealio\res\widgets.xml
c:\documents and settings\Pamela\Application Data\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml
c:\documents and settings\Rob Leach\Application Data\alot
c:\documents and settings\Rob Leach\Application Data\alot\BrowserSearch\BrowserSearch.xml
c:\documents and settings\Rob Leach\Application Data\alot\BrowserSearch\BrowserSearch.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_0\Button_0.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_0\Button_0.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_1\Button_1.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_1\Button_1.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_2\Button_2.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_2\Button_2.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_3\Button_3.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_3\Button_3.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_4\Button_4.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_4\Button_4.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_5\Button_5.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_5\Button_5.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_6\Button_6.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_6\Button_6.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_7\Button_7.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_7\Button_7.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Button_8\Button_8.xml
c:\documents and settings\Rob Leach\Application Data\alot\Button_8\Button_8.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\configurator\configurator.xml
c:\documents and settings\Rob Leach\Application Data\alot\configurator\configurator.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\contextMenu\contextMenu.xml
c:\documents and settings\Rob Leach\Application Data\alot\contextMenu\contextMenu.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\products\products.xml
c:\documents and settings\Rob Leach\Application Data\alot\products\products.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Resources\BrowserSearch\alot_search_defend.html
c:\documents and settings\Rob Leach\Application Data\alot\Resources\BrowserSearch\images\favicon.ico
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_0\images\alot_logo_button.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_0\images\alot_logo_button.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_1\images\alot_search_button.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_1\images\alot_search_button.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_2\images\default_1610_alot_weather_search.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_2\images\default_1610_alot_weather_search.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_3\images\default_1007_alot_weather_widget.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_3\images\default_1007_alot_weather_widget.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_4\images\default_1606_alot_new_newsrss.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_4\images\default_1606_alot_new_newsrss.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_5\images\default_1609_alot_wea_radar.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_5\images\default_1609_alot_wea_radar.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_6\images\default_1524_alot_wea_info.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_6\images\default_1524_alot_wea_info.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_7\images\1600_icon.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_7\images\1600_icon.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_7\images\default_1520_alot_par_tips.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_7\images\default_1520_alot_par_tips.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_8\images\default_1795_alot_configure.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Button_8\images\default_1795_alot_configure.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\contextMenu\images\alot_icon.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\contextMenu\images\alot_icon.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\contextMenu\images\alot_logo_button.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\contextMenu\images\alot_logo_button.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\domains.dat
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\alot_brand.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\alot_splitter.png
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\spinner.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_bottom.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_caption.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_error_close.bmp
c:\documents and settings\Rob Leach\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp
c:\documents and settings\Rob Leach\Application Data\alot\TimerManager\TimerManager.xml
c:\documents and settings\Rob Leach\Application Data\alot\TimerManager\TimerManager.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\toolbar.xml
c:\documents and settings\Rob Leach\Application Data\alot\toolbar.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml
c:\documents and settings\Rob Leach\Application Data\alot\toolbarContextMenu\toolbarContextMenu.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\ToolbarSearch\ToolbarSearch.xml
c:\documents and settings\Rob Leach\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup
c:\documents and settings\Rob Leach\Application Data\alot\Updater\Updater.xml
c:\documents and settings\Rob Leach\Application Data\alot\Updater\Updater.xml.backup
c:\documents and settings\Rob Leach\Application Data\Dealio
c:\documents and settings\Rob Leach\Application Data\Dealio\res\widgets.xml
c:\documents and settings\Rob Leach\Application Data\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\windows\daemon.dll
c:\windows\desktop
c:\windows\desktop\directory scanner 1.8.lnk
c:\windows\ewuvudamumokek.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF


((((((((((((((((((((((((( Files Created from 2010-08-16 to 2010-09-16 )))))))))))))))))))))))))))))))
.

2010-09-15 20:19 . 2010-09-15 20:19 -------- d-----w- c:\windows\system32\MpEngineStore
2010-09-15 19:24 . 2010-09-15 19:24 -------- d-----w- c:\program files\Sophos
2010-09-15 19:11 . 2009-07-31 09:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2010-09-15 19:11 . 2008-04-13 21:57 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-09-15 19:11 . 2008-04-14 04:41 81920 ------w- c:\windows\system32\ieencode.dll
2010-09-15 17:47 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-09-15 17:46 . 2008-08-14 10:04 138496 -c----w- c:\windows\system32\dllcache\afd.sys
2010-09-15 17:46 . 2010-06-21 15:27 354304 -c----w- c:\windows\system32\dllcache\srv.sys
2010-09-15 17:46 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-09-15 17:46 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-09-15 17:46 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-09-15 17:44 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-09-15 17:43 . 2010-06-24 12:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-09-15 17:43 . 2010-06-24 12:21 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-09-15 17:43 . 2010-06-24 12:21 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-09-15 17:43 . 2010-06-24 12:21 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-09-15 17:43 . 2010-06-24 12:21 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-09-15 17:43 . 2010-06-24 12:21 1986560 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-09-15 17:43 . 2010-06-24 16:51 11077120 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-09-15 17:42 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-09-15 17:39 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-09-15 17:39 . 2010-06-14 07:41 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-09-15 17:38 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-09-15 16:48 . 2010-09-15 16:48 -------- d-----w- c:\windows\dell
2010-09-15 16:21 . 2004-08-12 14:09 31232 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-09-15 16:21 . 2004-08-12 14:09 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2010-09-15 16:19 . 2004-08-12 13:59 92416 -c--a-w- c:\windows\system32\dllcache\mga.sys
2010-09-15 16:18 . 2004-08-12 13:56 18944 -c--a-w- c:\windows\system32\dllcache\cprofile.exe
2010-09-15 16:16 . 2004-08-12 13:58 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-09-15 15:58 . 2004-08-12 13:58 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-09-15 15:58 . 2004-08-12 13:58 13312 ----a-w- c:\windows\system32\irclass.dll
2010-09-15 15:58 . 2004-08-12 14:06 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-09-15 15:58 . 2004-08-12 14:06 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-09-02 07:36 . 2010-09-02 07:36 -------- d-sh--w- c:\documents and settings\Pamela\IECompatCache
2010-08-26 08:47 . 2010-08-26 08:59 -------- d-----w- c:\program files\Game_Maker8
2010-08-25 16:11 . 2010-08-25 16:17 -------- d-----w- c:\documents and settings\Rob Leach\Application Data\Recolored
2010-08-22 18:03 . 2010-08-27 17:03 120 ----a-w- c:\windows\Kvaxurizevuladi.dat
2010-08-22 18:03 . 2010-08-27 09:37 0 ----a-w- c:\windows\Ijeko.bin
2010-08-22 18:03 . 2010-08-22 18:03 -------- d-----w- c:\documents and settings\Pamela\Local Settings\Application Data\{EE05DBD9-60A5-46A1-AB87-419928FDB750}
2010-08-22 14:07 . 2010-08-22 14:07 -------- d-----w- c:\documents and settings\Rob Leach\Application Data\Malwarebytes
2010-08-22 14:06 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-22 14:06 . 2010-08-22 14:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-22 14:06 . 2010-08-22 14:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-22 14:06 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-22 13:04 . 2010-08-22 13:04 -------- d-----w- c:\documents and settings\Rob Leach\Local Settings\Application Data\{FEEE23C1-C7F7-4ECC-BA99-B01CB8CF3A4D}
2010-08-22 13:03 . 2010-08-22 15:27 -------- d-----w- c:\documents and settings\Rob Leach\Local Settings\Application Data\puxjmjdvd
2010-08-22 13:03 . 2010-09-16 08:04 785408 ----a-w- c:\windows\system32\drivers\qbidwz.sys
2010-08-17 13:17 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-16 08:01 . 2005-03-02 13:45 288 ----a-w- c:\windows\system32\DVCStateBkp-{00000004-00000000-00000002-00001102-00000004-10031102}.dat
2010-09-16 08:01 . 2005-03-02 13:45 288 ----a-w- c:\windows\system32\DVCState-{00000004-00000000-00000002-00001102-00000004-10031102}.dat
2010-09-16 05:51 . 2009-02-09 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-09-15 19:13 . 2004-08-10 13:13 79027 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2010-09-15 16:32 . 2005-03-05 15:25 113320 ----a-w- c:\documents and settings\Rob Leach\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-09-15 16:15 . 2004-08-10 13:02 23444 ----a-w- c:\windows\system32\emptyregdb.dat
2010-09-09 16:18 . 2010-04-27 06:28 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-04 12:07 . 2007-12-27 08:00 -------- d-----w- c:\documents and settings\Rob Leach\Application Data\BitTorrent
2010-09-02 15:53 . 2006-11-25 10:34 -------- d-----w- c:\program files\SpywareBlaster
2010-08-19 10:09 . 2009-09-04 06:17 -------- d-----w- c:\program files\Ken Rename
2010-08-17 13:17 . 2004-08-12 14:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-05 05:06 . 2008-01-19 15:28 -------- d-----w- c:\program files\Songbeat
2010-08-05 05:03 . 2005-03-02 13:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-05 04:58 . 2010-05-19 15:54 -------- d-----w- c:\program files\Red Chair Software
2010-07-29 06:57 . 2010-07-29 06:57 -------- d-----w- c:\documents and settings\Rob Leach\Application Data\Cycling '74
2010-07-29 06:48 . 2006-04-07 17:33 -------- d-----w- c:\program files\PhotoArtMaster Classic
2010-07-29 06:47 . 2007-08-20 20:52 -------- d-----w- c:\program files\Microsoft Digital Image 2006
2010-07-28 12:23 . 2010-07-28 12:18 -------- d-----w- c:\documents and settings\Rob Leach\Application Data\gtk-2.0
2010-07-28 11:54 . 2007-10-23 05:56 -------- d-----w- c:\documents and settings\Rob Leach\Application Data\AVS4YOU
2010-07-28 11:54 . 2010-07-09 13:31 -------- d-----w- c:\program files\AVS4YOU
2010-07-26 21:09 . 2009-06-19 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-07-26 20:04 . 2010-07-26 20:04 2605008 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
2010-07-22 15:49 . 2004-08-12 14:04 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2009-04-18 13:49 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-16 16:42 . 2009-03-31 07:52 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 16:42 . 2010-07-16 16:42 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-16 16:41 . 2009-03-31 07:52 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-12 16:28 . 2006-05-14 17:26 112936 ----a-w- c:\documents and settings\Pamela\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-30 12:31 . 2004-08-12 14:04 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2004-08-12 14:09 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2004-08-12 14:09 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-12 14:06 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 17:45 . 2004-08-12 14:09 293376 ----a-w- c:\windows\system32\winsrv.dll
2009-03-05 19:32 . 2009-03-05 19:31 2788800 ----a-w- c:\program files\FLV PlayerFCSetup.exe
2007-12-29 20:58 . 2007-12-29 20:58 33426015 ----a-w- c:\program files\Common Files\data.dpk
2006-05-03 09:06 . 2008-08-12 08:27 163328 --sha-r- c:\windows\SYSTEM32\flvDX.dll
2007-02-21 10:47 . 2008-08-12 08:27 31232 --sha-r- c:\windows\SYSTEM32\msfDX.dll
2008-03-16 12:30 . 2008-08-12 08:27 216064 --sha-r- c:\windows\SYSTEM32\nbDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-16 2065760]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-11-11 4583424]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-10-25 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-16 16:42 12536 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DSLMON.lnk]
backup=c:\windows\pss\DSLMON.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check 2.lnk]
backup=c:\windows\pss\EPSON Status Monitor 3 Environment Check 2.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Rob Leach^Start Menu^Programs^Startup^Notmad Manager.lnk]
path=c:\documents and settings\Rob Leach\Start Menu\Programs\Startup\Notmad Manager.lnk
backup=c:\windows\pss\Notmad Manager.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataCaching

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 16:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg]
2003-02-20 16:27 110592 ----a-w- c:\windows\SYSTEM32\CTASIO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-06 20:07 323392 ----a-w- c:\program files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-27 02:10 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDet]
2002-09-30 01:00 45056 ----a-w- c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDET.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 04:42 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2003-02-20 16:45 28672 ----a-w- c:\windows\SYSTEM32\CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
2002-10-29 09:18 49152 ----a-w- c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
2004-08-22 16:05 81920 ----a-w- c:\program files\D-Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-10-12 16:54 57344 ----a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2004-06-29 11:23 135168 ----a-w- c:\program files\Intel\Intel Application Accelerator\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
2003-09-03 20:12 221184 ----a-w- c:\program files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
2005-12-12 10:23 2236416 ----a-w- c:\windows\kdx\KHost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
2003-08-29 13:17 188416 ----a-w- c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
2003-08-29 13:20 77824 ----a-w- c:\program files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2005-04-08 17:43 1953792 ----a-w- c:\program files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\SYSTEM32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2004-11-11 17:10 4583424 ----a-w- c:\windows\SYSTEM32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-10-25 18:58 282624 ----a-w- c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 11:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-12-08 19:58 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2007-01-15 20:12 185896 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2008-12-09 10:12 234856 ----a-w- c:\program files\TomTom HOME 2\HOMERunner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 01:01 110592 ----a-w- c:\program files\Common Files\Sonic\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 01:00 90112 ----a-w- c:\windows\Updreg.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\NetMeeting\\CONF.EXE"=
"c:\\WINDOWS\\kdx\\KHost.exe"=
"c:\\Program Files\\KService\\KService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\PocketSoft\\RTPatch\\AutoRTP\\artpschd.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\SYSTEM32\\DPVSETUP.EXE"=
"c:\\Program Files\\Photo Story 3 for Windows\\PhotoStory3.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 d347bus;d347bus;c:\windows\SYSTEM32\DRIVERS\d347bus.sys [11/09/2005 10:20 155136]
R0 d347prt;d347prt;c:\windows\SYSTEM32\DRIVERS\d347prt.sys [11/09/2005 10:20 5248]
R0 Lbd;Lbd;c:\windows\SYSTEM32\DRIVERS\Lbd.sys [31/03/2009 07:45 64160]
R0 pavboot;pavboot;c:\windows\SYSTEM32\DRIVERS\pavboot.sys [11/02/2009 21:10 28544]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [31/03/2009 08:52 216400]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [31/03/2009 08:52 243024]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [08/01/2010 01:51 380928]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [16/07/2010 17:42 308136]
S1 clmhufow;clmhufow;\??\c:\windows\system32\drivers\clmhufow.sys --> c:\windows\system32\drivers\clmhufow.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19/05/2010 14:43 136176]
S3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO;c:\windows\SYSTEM32\DRIVERS\BUSB2902.sys [05/11/2007 11:54 110272]
S3 MAUSBML;Service for M-Audio Micro (WDM);c:\windows\SYSTEM32\DRIVERS\mausbmr.sys [16/02/2010 18:41 124800]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\7.tmp --> c:\windows\system32\7.tmp [?]
S3 PID_0920;Logitech QuickCam Express(PID_0920);c:\windows\SYSTEM32\DRIVERS\LV532AV.SYS [21/04/2005 13:12 152576]
S3 StreamSurge;StreamSurge Driver (miniport);c:\windows\system32\DRIVERS\ss.sys --> c:\windows\system32\DRIVERS\ss.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - qbidwz
.
Contents of the 'Scheduled Tasks' folder

2010-09-16 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2006-12-30 19:44]

2010-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 13:43]

2010-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-19 13:43]

2010-09-15 c:\windows\Tasks\User_Feed_Synchronization-{AA2B31D1-1639-48B5-BD6F-841FB6A9896D}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 04:31]

2010-09-16 c:\windows\Tasks\User_Feed_Synchronization-{E7B292D1-9F90-4728-AB45-9512483DC2FB}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 04:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.co.uk/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:6522
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
TCP: {D1678CC5-DC47-40D3-84CE-F00E0E69C957} = 192.168.0.1
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://magnet.2020.net/virtualplanner/C ... _Win32.cab
DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} - hxxp://webalbum.bonusprint.com/ukipc01/ ... oader6.cab
.
- - - - ORPHANS REMOVED - - - -

BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
Toolbar-Locked - (no file)
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-16 09:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\7.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qbidwz]

.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2473042307-2296272667-3059070584-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-2473042307-2296272667-3059070584-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D90124BF-EFC2-E9ED-E1C0-275EB787C177}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaemodbinpkdimicdj"=hex:6b,61,6c,65,61,66,63,62,61,6d,61,63,70,63,62,70,69,61,
6c,67,61,6c,00,00
"haolhigcgnmjdgmc"=hex:6b,61,69,65,67,66,67,70,62,6f,66,66,6d,6e,65,67,6e,68,
6b,66,6c,6e,00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2172)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\CTJBNS.DLL
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\CTIntrfc.dll
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\JBNSHK.dll
c:\program files\Creative\Creative NOMAD Jukebox Zen Xtra\NOMAD Explorer\JBNSRES.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Intel\Intel Application Accelerator\iaantmon.exe
c:\program files\KService\KService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\MsPMSPSv.exe
c:\program files\AVG\AVG9\avgnsx.exe
.
**************************************************************************
.
Completion time: 2010-09-16 09:11:53 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-16 08:11

Pre-Run: 50,445,377,536 bytes free
Post-Run: 50,849,857,536 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 91333C72FE686BDB2BE20C15BF0FF5C0
Bleach

Re: Help with Rootkit.Agent

by NonSuch » September 16th, 2010, 5:18 am

ComboFix is not a tool that is intended to be used without the direct supervision of a qualified expert. To use ComboFix on your own is to court disaster for your computer. Please stop all attempts at self-fixes for your system's issues as that may only confuse the issue further and cause additional problems as well.

In order for us to help you it is necessary that you provide us with a HijackThis log. Please follow the guideline at the link below to start a new topic and post your HijackThis log. Also include your ComboFix log in the same post.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here: >Guideline for posting your HijackThis log<
NonSuch