Due to inactivity, the following topic is closed. I still need help. Here is the link to the issue. I was late by 24 hours and it got closed. Please help.....
viewtopic.php?f=11&t=48379&p=498539&e=498539
Here is the combofix log requested by my original helper.....
ComboFix 10-01-11.01 - Shiva 01/11/2010 17:54:06.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.265 [GMT -5:00]
Running from: D:\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Thumbs.db
c:\windows\MailSwitch.ocx
c:\windows\run.log
c:\windows\system32\_002620_.tmp.dll
c:\windows\system32\_002626_.tmp.dll
c:\windows\system32\_002632_.tmp.dll
c:\windows\system32\_002805_.tmp.dll
c:\windows\system32\_002806_.tmp.dll
c:\windows\system32\_002809_.tmp.dll
c:\windows\system32\_002810_.tmp.dll
c:\windows\system32\_002811_.tmp.dll
c:\windows\system32\_002812_.tmp.dll
c:\windows\system32\_002819_.tmp.dll
c:\windows\system32\_002820_.tmp.dll
c:\windows\system32\_002821_.tmp.dll
c:\windows\system32\_002823_.tmp.dll
c:\windows\system32\_002824_.tmp.dll
c:\windows\system32\_002827_.tmp.dll
c:\windows\system32\_002828_.tmp.dll
c:\windows\system32\_002830_.tmp.dll
c:\windows\system32\_002831_.tmp.dll
c:\windows\system32\_002832_.tmp.dll
c:\windows\system32\_002834_.tmp.dll
c:\windows\system32\_002835_.tmp.dll
c:\windows\system32\_002836_.tmp.dll
c:\windows\system32\_002837_.tmp.dll
c:\windows\system32\_002841_.tmp.dll
c:\windows\system32\_002842_.tmp.dll
c:\windows\system32\_002844_.tmp.dll
c:\windows\system32\_002847_.tmp.dll
c:\windows\system32\_002849_.tmp.dll
c:\windows\system32\_002850_.tmp.dll
c:\windows\system32\_002851_.tmp.dll
c:\windows\system32\_002852_.tmp.dll
c:\windows\system32\_002855_.tmp.dll
c:\windows\system32\_002857_.tmp.dll
c:\windows\system32\_002858_.tmp.dll
c:\windows\system32\_002859_.tmp.dll
c:\windows\system32\_002863_.tmp.dll
c:\windows\system32\_002865_.tmp.dll
c:\windows\system32\_002882_.tmp.dll
c:\windows\system32\_002883_.tmp.dll
c:\windows\system32\_002884_.tmp.dll
c:\windows\system32\_002885_.tmp.dll
c:\windows\system32\_002888_.tmp.dll
c:\windows\system32\_002889_.tmp.dll
c:\windows\system32\_002890_.tmp.dll
c:\windows\system32\_002891_.tmp.dll
c:\windows\system32\_002898_.tmp.dll
c:\windows\system32\_002899_.tmp.dll
c:\windows\system32\_002900_.tmp.dll
c:\windows\system32\_002902_.tmp.dll
c:\windows\system32\_002903_.tmp.dll
c:\windows\system32\_002906_.tmp.dll
c:\windows\system32\_002907_.tmp.dll
c:\windows\system32\_002909_.tmp.dll
c:\windows\system32\_002910_.tmp.dll
c:\windows\system32\_002911_.tmp.dll
c:\windows\system32\_002913_.tmp.dll
c:\windows\system32\_002914_.tmp.dll
c:\windows\system32\_002916_.tmp.dll
c:\windows\system32\_002920_.tmp.dll
c:\windows\system32\_002921_.tmp.dll
c:\windows\system32\_002923_.tmp.dll
c:\windows\system32\_002925_.tmp.dll
c:\windows\system32\_002926_.tmp.dll
c:\windows\system32\_002928_.tmp.dll
c:\windows\system32\_002929_.tmp.dll
c:\windows\system32\_002930_.tmp.dll
c:\windows\system32\_002931_.tmp.dll
c:\windows\system32\_002934_.tmp.dll
c:\windows\system32\_002936_.tmp.dll
c:\windows\system32\_002937_.tmp.dll
c:\windows\system32\_002938_.tmp.dll
c:\windows\system32\_002942_.tmp.dll
c:\windows\system32\_002944_.tmp.dll
c:\windows\system32\_004643_.tmp.dll
c:\windows\system32\_004644_.tmp.dll
c:\windows\system32\_004645_.tmp.dll
c:\windows\system32\_004646_.tmp.dll
c:\windows\system32\_004653_.tmp.dll
c:\windows\system32\_004654_.tmp.dll
c:\windows\system32\_004655_.tmp.dll
c:\windows\system32\_004656_.tmp.dll
c:\windows\system32\_004658_.tmp.dll
c:\windows\system32\_004659_.tmp.dll
c:\windows\system32\_004662_.tmp.dll
c:\windows\system32\_004663_.tmp.dll
c:\windows\system32\_004665_.tmp.dll
c:\windows\system32\_004666_.tmp.dll
c:\windows\system32\_004667_.tmp.dll
c:\windows\system32\_004669_.tmp.dll
c:\windows\system32\_004672_.tmp.dll
c:\windows\system32\_004673_.tmp.dll
c:\windows\system32\_004677_.tmp.dll
c:\windows\system32\_004678_.tmp.dll
c:\windows\system32\_004680_.tmp.dll
c:\windows\system32\_004682_.tmp.dll
c:\windows\system32\_004683_.tmp.dll
c:\windows\system32\_004685_.tmp.dll
c:\windows\system32\_004686_.tmp.dll
c:\windows\system32\_004687_.tmp.dll
c:\windows\system32\_004688_.tmp.dll
c:\windows\system32\_004689_.tmp.dll
c:\windows\system32\_004692_.tmp.dll
c:\windows\system32\_004693_.tmp.dll
c:\windows\system32\_004694_.tmp.dll
c:\windows\system32\_004695_.tmp.dll
c:\windows\system32\_004696_.tmp.dll
c:\windows\system32\_004701_.tmp.dll
c:\windows\system32\_004703_.tmp.dll
c:\windows\system32\_004704_.tmp.dll
c:\windows\system32\BSTIEPrintCtl1.dll
c:\windows\system32\Data
----- BITS: Possible infected sites -----
hxxp://armmf.adobe.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_POOF
((((((((((((((((((((((((( Files Created from 2009-12-11 to 2010-01-11 )))))))))))))))))))))))))))))))
.
2010-01-06 00:55 . 2010-01-06 00:54 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-05 01:23 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-05 01:22 . 2010-01-05 01:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-05 01:22 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 01:13 . 2010-01-05 01:13 -------- d-----w- C:\_OTM
2010-01-05 01:08 . 2010-01-05 01:08 -------- d-----w- c:\program files\ERUNT
2010-01-04 00:19 . 2010-01-04 00:20 -------- d-----w- C:\rsit
2010-01-03 01:31 . 2010-01-03 01:31 -------- d-----w- c:\documents and settings\Shiva\Application Data\Malwarebytes
2010-01-03 01:31 . 2010-01-03 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-01 06:31 . 2010-01-01 06:31 20 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\bases\apu\ForDiff\apu0001.dat.drv
2009-12-20 12:38 . 2009-12-20 12:38 -------- d-----w- c:\program files\Trend Micro
2009-12-19 22:52 . 2009-12-19 23:26 -------- d-----w- c:\windows\system32\scripting
2009-12-19 22:52 . 2009-12-19 23:25 -------- d-----w- c:\windows\l2schemas
2009-12-19 22:52 . 2009-12-19 23:26 -------- d-----w- c:\windows\system32\en
2009-12-19 22:20 . 2004-08-12 13:55 21504 ----a-w- c:\windows\system32\dllcache\agt040c.dll
2009-12-19 22:19 . 2007-06-13 10:23 1033216 ----a-w- c:\windows\system32\dllcache\explorer.exe
2009-12-19 22:18 . 2004-08-12 13:56 82432 ----a-w- c:\windows\system32\dllcache\dmscript.dll
2009-12-19 22:17 . 2009-04-15 15:11 584192 ----a-w- c:\windows\system32\dllcache\rpcrt4.dll
2009-12-19 22:16 . 2004-08-12 14:04 48384 ----a-w- c:\windows\system32\drivers\raspptp.sys
2009-12-19 21:56 . 2009-12-19 21:56 -------- d-sh--w- c:\documents and settings\Shiva\IECompatCache
2009-12-19 21:55 . 2009-12-19 21:55 -------- d-sh--w- c:\documents and settings\Shiva\PrivacIE
2009-12-19 21:48 . 2009-12-19 21:48 -------- d-sh--w- c:\documents and settings\Shiva\IETldCache
2009-12-19 21:41 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-19 21:41 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-19 21:41 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-19 21:41 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-19 21:41 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-19 21:41 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-19 21:41 . 2009-12-19 21:41 -------- d-----w- c:\windows\ie8updates
2009-12-19 21:39 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-19 21:37 . 2009-12-19 21:39 -------- dc-h--w- c:\windows\ie8
2009-12-15 23:29 . 2009-12-15 23:29 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-12-15 23:29 . 2009-12-15 23:29 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-12-15 23:29 . 2009-12-15 23:29 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-12-15 23:29 . 2009-12-15 23:29 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-12-15 23:29 . 2009-12-15 23:29 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-12-15 23:14 . 2010-01-11 23:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-12-15 23:14 . 2009-12-15 23:14 -------- d-----w- c:\program files\Kaspersky Lab
2009-12-15 22:58 . 2009-12-15 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-06 00:53 . 2006-09-10 15:28 -------- d-----w- c:\program files\Java
2010-01-06 00:48 . 2003-08-19 23:08 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-20 20:13 . 2003-07-16 07:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-20 15:45 . 2002-09-03 13:58 79707 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-12-15 23:20 . 2009-12-15 23:20 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-12-11 22:05 . 2007-01-14 13:45 -------- d-----w- c:\program files\TomTom HOME
2009-12-11 22:01 . 2009-05-10 11:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-11 22:01 . 2009-05-10 11:46 -------- d-----w- c:\program files\NOS
2009-12-10 23:28 . 2009-12-10 23:28 -------- d-----w- c:\program files\Common Files\SupportSoft
2009-12-10 23:28 . 2009-12-10 23:28 -------- d-----w- c:\program files\ComcastUI
2009-10-29 07:45 . 2004-08-12 14:09 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:00 . 2004-08-12 14:06 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00 . 2004-08-12 13:57 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2009-12-19 22:21 263552 ----a-w- c:\windows\system32\drivers\http.sys
2003-08-20 00:01 . 2003-08-19 23:08 16251072 -c--a-w- c:\program files\AdbeRdr60_enu_full.exe
2001-07-07 04:47 . 2001-07-07 04:47 3149 -c--a-w- c:\program files\ReadMe.txt
2001-07-06 21:59 . 2001-07-06 21:59 372736 -c--a-w- c:\program files\Dragnifier.exe
2004-10-26 22:48 . 2004-10-19 00:05 56 -csha-r- c:\windows\SYSTEM32\C996166E60.sys
2004-10-26 22:48 . 2004-10-19 00:05 1890 -csha-w- c:\windows\SYSTEM32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfSaver3"="c:\cadviewer4\PDF-XChange\pdfSaver\pdfSaver3.exe" [2004-09-05 380928]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-26 68856]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2003-07-16 151597]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-21 172032]
"diagent"="c:\program files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 135264]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-16 28672]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2002-08-29 208953]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 44032]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-01-14 282624]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-06 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-10-04 53760]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HotSync Manager.lnk - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\SYSTEM32\DRIVERS\klbg.sys [12/15/2008 8:41 PM 33808]
R0 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [11/4/2006 11:18 AM 611064]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\SYSTEM32\DRIVERS\klim5.sys [5/13/2009 5:46 PM 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\SYSTEM32\DRIVERS\klmouflt.sys [5/16/2009 8:59 PM 19472]
S2 UGNX License Server;UGNX License Server;c:\program files\UGS\NX 3.0\UGFLEXLM\lmgrd.exe --> c:\program files\UGS\NX 3.0\UGFLEXLM\lmgrd.exe [?]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
Toolbar-Locked - (no file)
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKLM-Run-pdfSaver3 - (no file)
HKLM-Run-tgcmd - c:\program files\support.com\bin\tgcmd.exe
HKLM-Run-LogitechVideoRepair - c:\program files\Logitech\Video\ISStart.exe
AddRemove-BTLINK_DLL - c:\progra~1\COMMON~1\BTLINK\btlink.dll
AddRemove-NMIX!UninstallKey - c:\windows\UNNMIX.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-11 18:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
tgcmd = "c:\program files\support.com\bin\tgcmd.exe" /server?cmd.exe" /server
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x83B711D8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf87fdfc3
\Driver\ACPI -> ACPI.sys @ 0xf8670cb8
\Driver\atapi -> 0x83b711d8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0084
ParseProcedure -> ntoskrnl.exe @ 0x8056f07e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0084
ParseProcedure -> ntoskrnl.exe @ 0x8056f07e
NDIS: Intel(R) PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf8535ba0
PacketIndicateHandler -> NDIS.sys @ 0xf8542b21
SendHandler -> NDIS.sys @ 0xf852087b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\.application\bootstrap]
@DACL=(02 0000)
@="bootstrap.application.1"
[HKEY_LOCAL_MACHINE\software\Classes\.xaml\bootstrap]
@DACL=(02 0000)
@="bootstrap.xaml.1"
[HKEY_LOCAL_MACHINE\software\Classes\.xbap\bootstrap]
@DACL=(02 0000)
@="bootstrap.xbap.1"
[HKEY_LOCAL_MACHINE\software\Classes\.xps\bootstrap]
@DACL=(02 0000)
@="bootstrap.xps.1"
[HKEY_LOCAL_MACHINE\software\Classes\htafile\CLSID]
@DACL=(02 0000)
@="{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1516)
c:\windows\System32\NavLogon.dll
- - - - - - - > 'explorer.exe'(3588)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\BCMSMMSG.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Completion time: 2010-01-11 18:18:35 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-11 23:18
Pre-Run: 39,456,038,912 bytes free
Post-Run: 39,734,669,312 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 58F9C062D65FA78FBAB93B3290B15AC3