Done. Everything seems to be working fine.
1st log:
ComboFix 12-01-26.03 - user1 01/27/2012 7:53.2.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2786 [GMT -6:00]
Running from: c:\documents and settings\user1\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\user1\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\documents and settings\All Users\Application Data\1327174600.1200.bin"
"c:\documents and settings\All Users\Application Data\1327174600.1324.bin"
"c:\documents and settings\All Users\Application Data\1327174600.1892.bin"
"c:\documents and settings\All Users\Application Data\1327174600.2988.bin"
"c:\documents and settings\All Users\Application Data\1327174600.3064.bin"
"c:\documents and settings\All Users\Application Data\1327174600.3280.bin"
"c:\documents and settings\All Users\Application Data\1327174600.468.bin"
"c:\documents and settings\All Users\Application Data\1327174600.988.bin"
"c:\documents and settings\All Users\Application Data\1327177343.bdinstall.bin"
"c:\documents and settings\All Users\Application Data\1327178438.bdinstall.bin"
"c:\documents and settings\All Users\Application Data\1327178440.bdinstall.bin"
"c:\documents and settings\user1\Local Settings\Temp\6.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\1327174600.1200.bin
c:\documents and settings\All Users\Application Data\1327174600.1324.bin
c:\documents and settings\All Users\Application Data\1327174600.1892.bin
c:\documents and settings\All Users\Application Data\1327174600.2988.bin
c:\documents and settings\All Users\Application Data\1327174600.3064.bin
c:\documents and settings\All Users\Application Data\1327174600.3280.bin
c:\documents and settings\All Users\Application Data\1327174600.468.bin
c:\documents and settings\All Users\Application Data\1327174600.988.bin
c:\documents and settings\All Users\Application Data\1327177343.bdinstall.bin
c:\documents and settings\All Users\Application Data\1327178438.bdinstall.bin
c:\documents and settings\All Users\Application Data\1327178440.bdinstall.bin
c:\documents and settings\All Users\Application Data\AVAST Software
c:\documents and settings\All Users\Application Data\PC Tools
c:\documents and settings\All Users\Application Data\PC Tools\DownloadManager\{C146A195-BE12-42E3-9078-E4947B9EF682}.dat
c:\documents and settings\All Users\Application Data\PC Tools\DownloadManager\Spyware Doctor with AntiVirus8.0\sdasetup_generic999_en_aff_dl.exe
c:\documents and settings\All Users\Application Data\PC Tools\DownloadManager\Spyware Doctor with AntiVirus8.0\sdasetup_revwire207_en_aff_dl.exe.bak
c:\program files\AVAST Software
c:\program files\AVAST Software\Avast\Setup\setup.ini
c:\program files\Bitdefender
c:\program files\Common Files\Bitdefender
c:\program files\Common Files\Bitdefender\setupinformation\contacts.xml
c:\program files\Common Files\Bitdefender\setupinformation\contacts.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\detection.xml
c:\program files\Common Files\Bitdefender\setupinformation\detection.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ACA.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ACA.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ad-Aware.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ad-Aware.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\AntiVir.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\AntiVir.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\avast5.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\avast5.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\AVG.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\AVG.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Avira.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Avira.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BackWeb-4476822.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BackWeb-4476822.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BBC.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BBC.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Antivirus.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Antivirus.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Internet Security.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Internet Security.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Total Security.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Total Security.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BullGuard.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BullGuard.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\cciss.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\cciss.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\COMODO.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\COMODO.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\DRWEB.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\DRWEB.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ESET.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ESET.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\eTrust.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\eTrust.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\F-Secure.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\F-Secure.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\GData.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\GData.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\GUIDs.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\GUIDs.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\JiangMin.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\JiangMin.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kaspersky.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kaspersky.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kingsoft.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kingsoft.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\kv.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\kv.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Lavasoft.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Lavasoft.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Malwarebytes.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Malwarebytes.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\McAfee.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\McAfee.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\MicroPoint.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\MicroPoint.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Mobile.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Mobile.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\MSC.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\MSC.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\mse.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\mse.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norman.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norman.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norton.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norton.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScan95.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScan95.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScanNT.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScanNT.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Panda.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Panda.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\PCTools.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\PCTools.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Premium.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Premium.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Rav.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Rav.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\RFW.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\RFW.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ris.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ris.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ServerProtect.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ServerProtect.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\SunBelt.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\SunBelt.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\TrendMicro.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\TrendMicro.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\VETWIN32Vp5.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\VETWIN32Vp5.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Virus.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Virus.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Webroot.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Webroot.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\WinSS.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\WinSS.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ZoneAlarm.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ZoneAlarm.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\locations.xml
c:\program files\Common Files\Bitdefender\setupinformation\locations.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
c:\program files\Common Files\Bitdefender\setupinformation\setupdownloader.exe.md5
c:\program files\Common Files\Bitdefender\setupinformation\setupdownloader.ui
c:\program files\Common Files\Bitdefender\setupinformation\setupdownloader.ui.md5
c:\program files\Common Files\Bitdefender\setupinformation\setuplauncher.exe
c:\program files\Common Files\Bitdefender\setupinformation\setuplauncher.exe.md5
c:\program files\Common Files\Bitdefender\setupinformation\UninstallLib.dll
c:\program files\Common Files\Bitdefender\setupinformation\UninstallLib.dll.md5
c:\program files\Common Files\PC Tools
c:\program files\Common Files\PC Tools\Lsp\pctlsp.dll.old0131.old
c:\program files\PC Tools Security
c:\program files\PC Tools Security\TFEngine\TFCfg.dll0147.old
.
.
((((((((((((((((((((((((( Files Created from 2011-12-27 to 2012-01-27 )))))))))))))))))))))))))))))))
.
.
2012-01-27 14:04 . 2012-01-27 14:04 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7EB0D147-465D-46B2-AC7E-F9BB09EAC0FD}\MpKsl23a856f1.sys
2012-01-27 02:59 . 2012-01-06 02:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7EB0D147-465D-46B2-AC7E-F9BB09EAC0FD}\mpengine.dll
2012-01-25 13:49 . 2012-01-25 13:49 -------- d-----w- c:\program files\File Type Assistant
2012-01-24 16:09 . 2012-01-24 16:09 -------- d-----w- C:\_OTL
2012-01-24 16:03 . 2012-01-24 16:04 -------- d-----w- c:\program files\ERUNT
2012-01-23 02:08 . 2012-01-06 02:19 6557240 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-21 21:47 . 2012-01-21 21:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-21 21:47 . 2011-12-10 21:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-21 21:02 . 2012-01-21 21:02 -------- d-----w- c:\program files\Microsoft Security Client
2012-01-21 19:38 . 2012-01-21 19:38 -------- d-----w- c:\documents and settings\user1\Application Data\QuickScan
2012-01-21 06:24 . 2012-01-21 06:24 -------- d-----w- c:\documents and settings\user1\Application Data\Malwarebytes
2012-01-21 06:24 . 2012-01-21 06:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-01-21 05:54 . 2012-01-21 05:54 -------- d-----w- c:\windows\system32\GroupPolicy
2012-01-21 01:28 . 2012-01-21 01:28 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2012-01-07 20:00 . 2012-01-07 20:00 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-07 20:00 . 2012-01-07 20:00 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-07 20:00 . 2012-01-07 20:00 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-07 20:00 . 2012-01-07 20:00 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-27 14:03 . 2009-03-19 17:33 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2012-01-27 14:03 . 2009-03-19 17:48 58288 ----a-w- c:\windows\system32\rpcnet.dll
2012-01-27 14:02 . 2009-03-19 17:32 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2012-01-21 23:05 . 2011-02-02 15:11 64128 ----a-w- c:\windows\system32\drivers\tosrfcom.sys
2012-01-21 06:04 . 2009-03-19 17:48 58288 ------w- c:\windows\system32\rpcnet.exe
2012-01-04 09:26 . 2010-05-27 20:58 236576 ------w- c:\windows\system32\MpSigStub.exe
2011-12-19 09:02 . 2005-05-13 23:27 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2011-12-19 09:02 . 2011-12-19 09:02 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2011-12-19 09:02 . 2011-12-19 09:02 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2011-12-10 15:56 . 2010-10-06 19:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-12-10 15:56 . 2010-10-06 19:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-11-28 23:34 . 2011-11-28 23:34 446160 ----a-w- c:\windows\system32\drivers\avckf.sys
2011-11-25 21:57 . 2004-08-04 10:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-25 19:59 . 2011-11-25 19:59 240184 ----a-w- c:\windows\system32\drivers\avchv.sys
2011-11-23 13:25 . 2004-08-04 10:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2004-08-04 10:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-08-04 10:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-08-04 10:00 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-15 01:20 . 2011-08-14 02:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-04 19:20 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28 . 2004-08-04 10:00 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2004-08-04 10:00 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2004-08-04 10:00 1288704 ----a-w- c:\windows\system32\ole32.dll
2012-01-07 20:00 . 2011-08-14 02:53 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-26_05.40.54 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 10:00 . 2012-01-26 05:42 40912 c:\windows\system32\perfc009.dat
+ 2004-08-04 10:00 . 2012-01-27 14:05 40912 c:\windows\system32\perfc009.dat
+ 2004-08-04 10:00 . 2012-01-27 14:05 313048 c:\windows\system32\perfh009.dat
- 2004-08-04 10:00 . 2012-01-26 05:42 313048 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-12-10 296056]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 MpKsl23a856f1;MpKsl23a856f1;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7EB0D147-465D-46B2-AC7E-F9BB09EAC0FD}\MpKsl23a856f1.sys [1/27/2012 8:04 AM 29904]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/21/2012 3:47 PM 652872]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/21/2012 3:47 PM 20464]
S1 aesjthxt;aesjthxt;\??\c:\windows\system32\drivers\aesjthxt.sys --> c:\windows\system32\drivers\aesjthxt.sys [?]
S3 EE1ACEED;EE1ACEED;c:\windows\system32\EE1ACEED.exe --> c:\windows\system32\EE1ACEED.exe [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys --> c:\windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys --> c:\windows\system32\DRIVERS\ewusbnet.sys [?]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys --> c:\windows\system32\DRIVERS\ew_jubusenum.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL23A856F1
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
6
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 21:39]
.
2012-01-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1935655697-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
2012-01-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-1935655697-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-08 22:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\user1\Application Data\Mozilla\Firefox\Profiles\voxj3y0k.default\
FF - prefs.js: browser.startup.homepage - google.com
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-6
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-27 08:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1156)
c:\windows\system32\netprovcredman.dll
.
- - - - - - - > 'explorer.exe'(1032)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\system32\rpcnet.exe
c:\program files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Intel\WiFi\bin\WLKeeper.exe
.
**************************************************************************
.
Completion time: 2012-01-27 08:07:01 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-27 14:06
ComboFix2.txt 2012-01-26 05:45
.
Pre-Run: 137,026,473,984 bytes free
Post-Run: 136,973,914,112 bytes free
.
- - End Of File - - ADDDC8126AC5AF4AE82728313A461770