Ran SUPERAntiSpyware and it found 11 infected adaware files. I removed them and uninstalled LimeWire (which I installed after this all happened) and ran the report again. Just before posting this, music played again.
ComboFix 09-12-29.03 - Danny 12/29/2009 16:35:11.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3573.1811 [GMT -5:00]
Running from: c:\users\Danny\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-29 )))))))))))))))))))))))))))))))
.
2009-12-29 21:40 . 2009-12-29 21:40 -------- d-----w- c:\users\Danny\AppData\Local\temp
2009-12-29 21:40 . 2009-12-29 21:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-29 21:40 . 2009-12-29 21:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-28 21:04 . 2009-12-28 21:04 6955008 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{9547FABD-32E4-DF74-DFE4-02F27D410124}-ViewNX.exe
2009-12-28 21:04 . 2009-12-28 21:05 -------- d-----w- c:\users\Danny\AppData\Roaming\Nikon
2009-12-28 20:44 . 2008-06-12 15:29 6475096 ----a-w- c:\windows\system32\NEFcodec.dll
2009-12-28 20:44 . 2008-01-10 15:51 110592 ----a-r- c:\windows\system32\RCSigProc.dll
2009-12-28 20:44 . 2008-01-10 15:16 200704 ----a-r- c:\windows\system32\Strato7.dll
2009-12-28 20:36 . 2009-12-28 20:36 49152 ----a-r- c:\users\Danny\AppData\Roaming\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
2009-12-28 20:36 . 2009-12-28 20:36 335872 ----a-r- c:\users\Danny\AppData\Roaming\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
2009-12-28 20:35 . 2009-12-28 20:35 57344 ----a-r- c:\users\Danny\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2009-12-28 20:30 . 2009-12-28 20:30 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-12-28 20:30 . 2009-12-28 20:36 -------- d-----w- c:\program files\Common Files\Nikon
2009-12-28 20:30 . 2009-12-28 20:30 -------- d-----w- c:\programdata\Nikon
2009-12-28 20:30 . 2009-12-28 20:32 -------- d-----w- c:\program files\Nikon
2009-12-17 21:40 . 2009-12-17 21:40 -------- d-----w- c:\users\Danny\AppData\Local\Blizzard Entertainment
2009-12-17 08:17 . 2009-12-26 19:51 -------- d-----w- C:\World of Warcraft
2009-12-17 04:05 . 2009-12-17 04:05 -------- d-----w- c:\program files\CCleaner
2009-12-16 22:09 . 2009-12-16 22:09 -------- d-----w- C:\$AVG
2009-12-16 22:09 . 2009-12-16 22:09 -------- d-----w- c:\program files\AVG
2009-12-16 22:08 . 2009-12-16 22:09 -------- d-----w- c:\programdata\avg9
2009-12-16 22:03 . 2009-12-17 04:08 -------- d-----w- c:\program files\Panda Security
2009-12-16 22:02 . 2009-12-16 22:02 -------- d-----w- c:\users\Danny\AppData\Roaming\AVG8
2009-12-15 21:52 . 2009-12-16 04:54 -------- d-----w- c:\program files\Porrasturvat - Stair Dismount
2009-12-15 07:44 . 2009-12-15 07:44 22673728 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{83159B41-288E-E729-84F2-CEC72DDECAE2}-AgeOfConan.exe
2009-12-14 22:38 . 2009-12-14 22:38 -------- d-----w- c:\users\Danny\AppData\Local\Funcom
2009-12-10 22:31 . 2009-12-10 22:31 138240 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_d.dll
2009-12-10 22:31 . 2009-12-10 22:31 138240 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_c.dll
2009-12-10 22:31 . 2009-12-10 22:31 138240 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_b.dll
2009-12-10 22:31 . 2009-12-10 22:31 138240 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_1_14_0_a.dll
2009-12-10 17:39 . 2009-12-10 18:09 -------- d-----w- c:\users\Danny\AppData\Roaming\Tropico 3 Demo
2009-12-10 17:39 . 2009-03-09 20:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-12-10 17:39 . 2009-03-09 20:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-12-10 17:39 . 2009-03-16 19:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-12-10 17:39 . 2009-03-16 19:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-12-10 17:39 . 2009-03-09 20:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-12-10 17:39 . 2009-03-16 19:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-12-10 17:39 . 2008-10-15 11:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-12-10 17:39 . 2008-10-15 11:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-12-10 17:39 . 2008-10-15 11:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-12-10 16:58 . 2009-12-10 16:58 247296 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_d_ind.dll
2009-12-10 16:58 . 2009-12-10 16:58 247296 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_c_ind.dll
2009-12-10 16:58 . 2009-12-10 16:58 247296 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_b_ind.dll
2009-12-10 16:58 . 2009-12-10 16:58 247296 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_srl_4_0_11_0_a_ind.dll
2009-12-10 16:42 . 2009-12-10 16:42 -------- d-----w- c:\program files\Windows Portable Devices
2009-12-10 16:24 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-10 16:24 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-10 16:24 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-10 16:22 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-10 16:22 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-10 16:22 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-10 16:05 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-10 16:04 . 2009-11-03 21:43 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 16:04 . 2009-11-03 21:42 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-10 16:04 . 2009-11-03 19:41 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 05:35 . 2009-12-10 21:24 680 ----a-w- c:\users\Danny\AppData\Local\d3d9caps.dat
2009-12-10 01:53 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-12-10 01:53 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-12-10 01:28 . 2009-12-10 01:28 -------- d-----w- c:\program files\Innovative Solutions
2009-12-09 20:16 . 2009-12-09 20:17 -------- d-----w- c:\users\Danny\AppData\Local\Deployment
2009-12-09 20:16 . 2009-12-09 20:16 -------- d-----w- c:\users\Danny\AppData\Local\Apps
2009-12-09 20:12 . 2009-12-09 17:53 -------- d-----w- c:\windows\Panther
2009-12-09 20:10 . 2007-11-12 11:07 330240 ----a-w- c:\windows\system32\drivers\stwrt.sys
2009-12-09 20:10 . 2007-11-12 11:07 595456 ----a-w- c:\windows\system32\stapo.dll
2009-12-09 20:10 . 2007-11-12 11:07 328704 ----a-w- c:\windows\system32\stcplx.dll
2009-12-09 20:10 . 2007-11-12 11:07 299520 ----a-w- c:\windows\system32\stapi32.dll
2009-12-09 20:10 . 2007-11-12 11:07 45568 ----a-w- c:\windows\system32\ctppld.dll
2009-12-09 20:10 . 2007-11-12 11:07 146944 ----a-w- c:\windows\system32\staco.dll
2009-12-09 20:10 . 2007-11-12 11:07 492544 ----a-w- c:\windows\system32\ctapo32.dll
2009-12-09 20:10 . 2009-12-09 20:10 -------- d-----w- c:\windows\system32\OEM
2009-12-09 20:03 . 2009-12-09 20:03 -------- d-----w- C:\$WINDOWS.~Q
2009-12-09 19:59 . 2009-12-09 19:59 -------- d-----w- C:\$INPLACE.~TR
2009-12-09 19:33 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-09 19:31 . 2009-09-04 22:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-12-09 19:31 . 2009-09-04 22:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-12-09 19:21 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-09 19:20 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-09 19:20 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-09 19:20 . 2009-07-15 12:39 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-12-09 19:20 . 2009-07-15 12:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-12-09 19:17 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-12-09 18:46 . 2009-12-09 18:46 -------- d-----w- c:\windows\system32\ca-ES
2009-12-09 18:46 . 2009-12-09 18:46 -------- d-----w- c:\windows\system32\eu-ES
2009-12-09 18:46 . 2009-12-09 18:46 -------- d-----w- c:\windows\system32\vi-VN
2009-12-09 18:42 . 2009-12-09 18:42 -------- d-----w- c:\windows\system32\SPReview
2009-12-09 18:31 . 2009-04-11 04:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2009-12-09 18:29 . 2009-04-11 04:32 265688 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-12-09 18:00 . 2009-12-09 18:00 65800 ----a-w- c:\users\Danny\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-09 17:56 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-12-09 17:56 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-12-09 17:56 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-12-09 17:56 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-09 17:55 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-12-09 17:55 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-12-09 17:55 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-12-09 17:55 . 2009-08-07 00:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-09 17:55 . 2009-08-06 23:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-09 17:44 . 2009-12-09 17:44 21316 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-09 17:43 . 2009-12-17 04:07 -------- d-----w- c:\windows\Debug
2009-12-09 17:39 . 2009-12-09 17:39 -------- d-----w- c:\users\Default\video
2009-12-09 17:19 . 2009-12-09 17:19 -------- d-----w- c:\program files\CONEXANT
2009-12-09 17:19 . 2009-12-09 17:19 -------- d-----w- c:\program files\Sigmatel
2009-12-09 17:19 . 2007-11-12 11:07 1601536 ----a-w- c:\windows\system32\stlang.dll
2009-12-09 17:19 . 2007-11-12 11:07 102400 ----a-w- c:\windows\system32\stacsv.exe
2009-12-09 17:19 . 2007-11-12 11:07 73728 ------w- c:\windows\system32\AEstSrv.exe
2009-12-09 17:19 . 2007-11-12 11:07 647168 ----a-w- c:\windows\system32\aestecap.dll
2009-12-09 17:19 . 2007-11-12 11:07 53248 ----a-w- c:\windows\system32\aestaren.dll
2009-12-09 17:19 . 2007-11-12 11:07 131072 ----a-w- c:\windows\system32\aestacap.dll
2009-12-09 17:19 . 2009-12-09 17:19 -------- d-----w- c:\program files\DellTPad
2009-12-09 15:26 . 2009-12-09 17:32 -------- d-----w- c:\windows\CheckSur
2009-12-09 14:57 . 2009-12-09 17:25 -------- d-----w- c:\program files\Microsoft Security Essentials
2009-12-09 05:34 . 2009-12-09 17:37 -------- d-----w- c:\users\Danny\AppData\Roaming\InstallShield
2009-12-09 05:31 . 2009-12-09 17:32 -------- d-----w- c:\windows\system32\EventProviders
2009-12-09 05:28 . 2009-12-10 22:31 -------- d-----w- c:\program files\SystemRequirementsLab
2009-12-09 05:28 . 2009-12-10 22:31 -------- d-----w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab
2009-12-09 05:28 . 2009-12-09 05:28 290816 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_4.dll
2009-12-09 05:28 . 2009-12-09 05:28 290816 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_3.dll
2009-12-09 05:28 . 2009-12-09 05:28 290816 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_2.dll
2009-12-09 05:28 . 2009-12-09 05:28 290816 ----a-w- c:\users\Danny\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_1.dll
2009-12-09 05:17 . 2009-12-09 17:37 -------- d-sh--w- c:\users\Danny\.COMMgr
2009-12-03 21:15 . 2007-02-28 13:49 102400 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\dlbkpp5c.dll
2009-11-30 23:02 . 2009-11-30 23:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 23:02 . 2009-11-30 23:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 20:49 . 2009-12-29 20:49 52224 ----a-w- c:\users\Danny\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-29 20:49 . 2009-07-05 13:18 117760 ----a-w- c:\users\Danny\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-29 20:47 . 2009-02-21 23:21 -------- d-----w- c:\program files\LimeWire
2009-12-29 20:45 . 2009-01-31 22:16 -------- d-----w- c:\program files\Trillian
2009-12-28 21:05 . 2009-12-28 20:29 20 ---h--w- c:\programdata\PKP_DLdu.DAT
2009-12-28 21:04 . 2009-12-28 20:31 20 ---h--w- c:\programdata\PKP_DLdw.DAT
2009-12-28 20:44 . 2009-01-26 20:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-28 20:31 . 2009-12-28 20:29 -------- d-----w- c:\programdata\Ultima_T15
2009-12-28 20:31 . 2009-12-28 20:29 -------- d-----w- c:\programdata\EnterNHelp
2009-12-28 20:29 . 2009-01-26 20:37 106496 ----a-w- c:\windows\system32\ATL71.DLL
2009-12-28 20:29 . 2009-12-28 20:29 1148760 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{2F3BE89F-8E50-1108-3B98-5671A97A2774}-Welcome.exe
2009-12-24 20:21 . 2009-12-24 20:21 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-17 22:29 . 2009-07-04 18:55 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-12-15 18:01 . 2009-03-03 15:09 -------- d-----w- c:\program files\Steam
2009-12-15 07:53 . 2009-03-03 15:24 -------- d-----w- c:\programdata\Media Center Programs
2009-12-10 19:12 . 2009-02-09 04:45 3024 ----a-w- c:\users\Danny\AppData\Roaming\wklnhst.dat
2009-12-10 16:42 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-09 20:18 . 2009-01-26 20:32 -------- d-----w- c:\program files\Intel
2009-12-09 19:37 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-09 18:58 . 2009-10-28 23:35 -------- d-----w- c:\program files\DrWeb
2009-12-09 18:46 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-12-09 18:46 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-12-09 18:46 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-12-09 18:46 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-12-09 18:46 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-12-09 17:37 . 2009-06-02 20:55 -------- d-----w- c:\users\Danny\AppData\Roaming\Logitech
2009-12-09 17:37 . 2009-05-06 04:12 -------- d-----w- c:\users\Danny\AppData\Roaming\Downloaded Installations
2009-12-09 17:37 . 2009-03-12 02:37 -------- d-----w- c:\users\Danny\AppData\Roaming\DivX
2009-12-09 17:37 . 2009-02-01 22:40 -------- d-----w- c:\users\Danny\AppData\Roaming\CyberLink
2009-12-09 17:37 . 2009-01-31 23:51 -------- d-----w- c:\users\Danny\AppData\Roaming\Apple Computer
2009-12-09 17:37 . 2009-01-31 21:03 -------- d-----w- c:\users\Danny\AppData\Roaming\Dell
2009-12-09 17:37 . 2009-01-31 20:24 -------- d-----w- c:\users\Danny\AppData\Roaming\Creative
2009-12-09 17:32 . 2009-11-18 21:12 -------- d-sh--w- c:\programdata\WSDDSys
2009-12-09 17:32 . 2009-10-15 17:50 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-09 17:32 . 2009-05-04 01:56 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-12-09 17:32 . 2009-04-27 01:44 -------- d--h--w- c:\programdata\~0
2009-12-09 17:32 . 2009-04-14 17:16 -------- d-----w- c:\programdata\WindowsSearch
2009-12-09 17:32 . 2009-03-16 01:56 -------- d-----w- c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-12-09 17:32 . 2009-01-26 20:46 -------- d-----w- c:\programdata\WildTangent
2009-12-09 17:30 . 2009-11-18 21:11 -------- d-sh--w- c:\programdata\a3fd625
2009-12-09 17:30 . 2009-08-17 13:07 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-12-09 17:30 . 2009-04-04 00:42 -------- d-----w- c:\programdata\America's Army Deploy Client
2009-12-09 17:30 . 2009-02-21 23:16 -------- d-----w- c:\programdata\1B134
2009-12-09 17:30 . 2009-01-31 23:49 -------- d-----w- c:\programdata\Apple Computer
2009-12-09 17:30 . 2009-01-31 23:48 -------- d-----w- c:\programdata\Apple
2009-12-09 17:30 . 2009-01-31 22:00 -------- d-----w- c:\programdata\Blizzard
2009-12-09 17:30 . 2009-01-26 20:37 -------- d-----w- c:\programdata\CyberLink
2009-12-09 17:30 . 2009-01-26 20:22 -------- d-----w- c:\programdata\Creative Labs
2009-12-09 17:30 . 2009-01-26 20:22 -------- d-----w- c:\programdata\Creative
2009-12-09 17:27 . 2009-01-26 20:46 -------- d-----w- c:\program files\WildTangent
2009-12-09 17:27 . 2009-08-05 04:04 -------- d-----w- c:\program files\VideoLAN
2009-12-09 17:27 . 2009-08-29 20:27 -------- d-----w- c:\program files\Trend Micro
2009-12-09 17:27 . 2009-07-05 13:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-09 17:26 . 2009-10-28 20:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-09 17:26 . 2009-06-02 20:50 -------- d-----w- c:\program files\SetPoint
2009-12-09 17:26 . 2009-10-28 20:42 -------- d-----w- c:\program files\Safer Networking
2009-12-09 17:26 . 2009-01-26 20:40 -------- d-----w- c:\program files\Roxio
2009-12-09 17:26 . 2009-10-15 17:48 -------- d-----w- c:\program files\QuickTime
2009-12-09 17:26 . 2009-02-03 17:57 -------- d-----w- c:\program files\Norton Security Scan
2009-12-09 17:26 . 2009-01-26 20:22 -------- d-----w- c:\program files\NetWaiting
2009-12-09 17:26 . 2009-08-24 04:27 -------- d-----w- c:\program files\NavNetApp
2009-12-09 17:26 . 2009-10-28 20:40 -------- d-----w- c:\program files\Mozilla Firefox(154)
2009-12-09 17:26 . 2009-10-27 15:38 -------- d-----w- c:\program files\NavNet
2009-12-09 17:25 . 2009-01-26 20:40 -------- d-----w- c:\program files\Microsoft Works
2009-12-09 17:25 . 2009-01-26 20:21 -------- d-----w- c:\program files\Modem Diagnostic Tool
2009-12-09 17:25 . 2009-03-24 23:58 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-09 17:25 . 2009-05-02 03:27 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-09 17:25 . 2009-10-15 17:50 -------- d-----w- c:\program files\iTunes
2009-12-09 17:25 . 2009-01-26 20:20 -------- d-----w- c:\program files\Java
2009-12-09 17:25 . 2009-10-15 17:50 -------- d-----w- c:\program files\iPod
2009-12-09 17:25 . 2009-01-26 20:34 -------- d-----w- c:\program files\Google
2009-12-09 17:25 . 2009-09-22 13:54 -------- d-----w- c:\program files\Free RAR Extract Frog
2009-12-09 17:25 . 2009-07-25 16:20 -------- d-----w- c:\program files\DivX
2009-12-09 17:25 . 2009-02-02 04:49 -------- d-----w- c:\program files\Electronic Arts
2009-12-09 17:25 . 2009-01-26 20:22 -------- d-----w- c:\program files\Digital Line Detect
2009-12-09 17:24 . 2009-01-26 20:50 -------- d-----w- c:\program files\Dell Support Center
2009-12-09 17:24 . 2009-01-26 20:46 -------- d-----w- c:\program files\Dell DataSafe Online
2009-12-09 17:24 . 2009-01-26 20:24 -------- d-----w- c:\program files\Dell
2009-12-09 17:20 . 2009-12-09 17:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-12-09 17:19 . 2009-12-09 17:19 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2009-12-09 15:23 . 2009-09-19 12:55 -------- d-----w- c:\program files\Telltale Games
2009-12-09 15:21 . 2009-07-24 22:01 -------- d-----w- c:\program files\NortonInstaller
2009-11-18 22:18 . 2009-11-18 22:18 295936 ----a-w- c:\windows\system32\ironclk.exe
2009-11-18 21:48 . 2009-11-18 21:48 56 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\exec.sys
2009-11-18 21:38 . 2009-11-18 21:12 2 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll
2009-11-18 21:27 . 2009-11-18 21:27 52 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\sld.dll
2009-11-18 21:13 . 2009-11-18 21:13 80 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\dudl.exe
2009-11-18 21:13 . 2009-11-18 21:13 47 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\SICKBOY.drv
2009-11-18 21:12 . 2009-11-18 21:12 11 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\tjd.sys
2009-11-18 21:12 . 2009-11-18 21:12 58 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\cb.exe
2009-11-18 21:12 . 2009-11-18 21:12 80 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\sld.drv
2009-11-18 21:12 . 2009-11-18 21:12 75 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\pal.drv
2009-11-18 21:12 . 2009-11-18 21:12 11 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\energy.drv
2009-11-18 21:12 . 2009-11-18 21:12 35 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\hymt.sys
2009-11-18 21:12 . 2009-11-18 21:12 8 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\grid.exe
2009-11-18 21:12 . 2009-11-18 21:12 8 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\eb.sys
2009-11-18 21:12 . 2009-11-18 21:12 55 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\gid.exe
2009-11-18 21:12 . 2009-11-18 21:12 42 ----a-w- c:\users\Danny\AppData\Roaming\Microsoft\Windows\Recent\delfile.dll
2009-11-07 21:17 . 2009-11-18 21:11 457688 ----a-w- c:\programdata\a3fd625\sqlite3.dll
2009-11-07 21:17 . 2009-11-18 21:11 722392 ----a-w- c:\programdata\a3fd625\mozcrt19.dll
2009-12-17 08:20 . 2009-01-31 20:13 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-01-26 20:28 . 2009-01-26 20:28 75 --sha-r- c:\windows\CT4CET.bin
2009-01-26 21:47 . 2009-01-26 21:42 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2009-12-28_23.01.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-12-09 17:21 . 2009-12-28 20:48 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-09 17:21 . 2009-12-29 20:52 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-09 17:21 . 2009-12-29 20:52 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-09 17:21 . 2009-12-28 20:48 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-09 17:21 . 2009-12-29 20:52 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-09 17:21 . 2009-12-28 20:48 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-10 00:49 . 2009-12-29 20:42 237060 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"COM+ Manager"="c:\users\Danny\.COMMgr\complmgr.exe" [2009-12-28 369152]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-05-04 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-10-27 3563520]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-17 30192]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"ick"="ironclk.exe" [2009-11-18 295936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-01-11 101136]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2009-09-13 1048392]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-11 101136]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-02-24 479232]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-1-26 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2009-6-2 679936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 2 (0x2)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-01-26 20:43 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^Danny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk]
backup=c:\windows\pss\Dell Dock.lnk.Startup
backupExtension=.Startup
path=c:\users\Danny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):59,b1,69,e7,00,79,ca,01
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [6/23/2009 10:01 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [6/23/2009 10:01 AM 72944]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [12/9/2009 12:19 PM 73728]
R2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe -service --> c:\windows\system32\dlbkcoms.exe -service [?]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [9/23/2008 11:09 PM 155648]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [12/9/2009 3:11 PM 111616]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\System32\drivers\MpNWMon.sys [6/18/2009 6:48 PM 42480]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [6/23/2009 10:01 AM 7408]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [1/20/2008 9:33 PM 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [1/26/2009 3:35 PM 30192]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MPFILTER
*NewlyCreated* - MPNWMON
*Deregistered* - DwProt
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&cli ... bd=1090126
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/ ... emLite.CAB
FF - ProfilePath - c:\users\Danny\AppData\Roaming\Mozilla\Firefox\Profiles\1btmjvgn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 16:40
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
COM+ Manager = "c:\users\Danny\.COMMgr\complmgr.exe"?
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(2772)
c:\program files\SetPoint\lgscroll.dll
.
Completion time: 2009-12-29 16:42:19
ComboFix-quarantined-files.txt 2009-12-29 21:42
ComboFix2.txt 2009-12-28 23:03
Pre-Run: 115,288,813,568 bytes free
Post-Run: 115,339,894,784 bytes free
- - End Of File - - 7FA2935A119C0CEF6E36F1E3C84D4DED