ComboFix ran this time. Here are the results. I'll be back in a while.
ComboFix 10-07-30.04 - steve 07/31/2010 9:16.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1604 [GMT -4:00]
Running from: c:\documents and settings\steve\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Favorites\_favdata.dat
c:\documents and settings\deborah\Application Data\028C0CA68054239B315BD294733F9D4E
c:\documents and settings\deborah\Application Data\028C0CA68054239B315BD294733F9D4E\appmodule719.exe
c:\documents and settings\deborah\Application Data\028C0CA68054239B315BD294733F9D4E\enemies-names.txt
c:\documents and settings\deborah\Application Data\028C0CA68054239B315BD294733F9D4E\local.ini
c:\documents and settings\deborah\Application Data\028C0CA68054239B315BD294733F9D4E\lsrslt.ini
c:\documents and settings\deborah\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
c:\documents and settings\deborah\Desktop\Antimalware Doctor.lnk
c:\documents and settings\deborah\Start Menu\Antimalware Doctor.lnk
c:\documents and settings\deborah\Start Menu\Programs\Antimalware Doctor
c:\documents and settings\deborah\Start Menu\Programs\Antimalware Doctor\Antimalware Doctor.lnk
c:\documents and settings\deborah\Start Menu\Programs\Antimalware Doctor\Uninstall.lnk
c:\documents and settings\deborah\Start Menu\Programs\Startup\Antimalware Doctor.lnk
c:\windows\system32\fsc.txt
c:\windows\system32\ide.txt
c:\windows\system32\klgd.bmp
c:\windows\system32\lrg.txt
c:\windows\system32\qks.txt
c:\windows\system32\xef.txt
.
((((((((((((((((((((((((( Files Created from 2010-06-28 to 2010-07-31 )))))))))))))))))))))))))))))))
.
2010-07-31 11:54 . 2010-07-31 11:54 -------- d-----w- C:\_OTM
2010-07-30 03:52 . 2010-06-23 17:51 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-07-30 03:52 . 2010-06-23 17:51 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-07-30 03:51 . 2010-06-23 17:51 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-07-30 03:44 . 2010-07-30 03:44 -------- d-----w- c:\documents and settings\All Users\Application Data\ZA_PreservedFiles
2010-07-26 23:38 . 2010-07-26 23:38 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-07-21 12:23 . 2010-07-21 12:23 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-21 12:07 . 2010-07-21 12:07 -------- d-----w- c:\documents and settings\steve\Local Settings\Application Data\Sunbelt Software
2010-07-16 13:08 . 2010-05-04 17:20 52224 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-07-16 13:08 . 2010-05-04 17:20 459264 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-07-16 13:08 . 2010-05-04 17:20 268288 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-07-16 13:08 . 2010-05-04 17:20 6067200 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-07-16 13:08 . 2010-05-04 17:20 380928 ------w- c:\windows\system32\dllcache\ieapfltr.dll
2010-07-16 13:08 . 2010-05-04 17:20 63488 ------w- c:\windows\system32\dllcache\icardie.dll
2010-07-16 13:08 . 2010-04-16 13:24 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe
2010-07-16 13:08 . 2010-02-22 22:04 2452872 ------w- c:\windows\system32\dllcache\ieapfltr.dat
2010-07-15 02:25 . 2010-07-21 13:31 -------- d-----w- c:\documents and settings\steve\Local Settings\Application Data\tawlugjli
2010-07-14 21:03 . 2009-08-13 15:16 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2010-07-14 14:24 . 2010-07-14 14:24 -------- d-----w- c:\windows\system32\scripting
2010-07-14 14:24 . 2010-07-14 14:24 -------- d-----w- c:\windows\l2schemas
2010-07-14 14:24 . 2010-07-14 14:24 -------- d-----w- c:\windows\system32\en
2010-07-14 14:24 . 2010-07-14 14:24 -------- d-----w- c:\windows\system32\bits
2010-07-14 02:30 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 07:10 . 2010-07-13 07:10 -------- d-----w- c:\documents and settings\deborah\Application Data\CheckPoint
2010-07-11 14:37 . 2010-07-11 14:37 -------- d-----w- c:\documents and settings\steve\Application Data\Malwarebytes
2010-07-11 14:37 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-11 14:37 . 2010-07-11 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-11 14:37 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-11 13:37 . 2010-07-11 13:38 -------- d-----w- c:\documents and settings\steve\Local Settings\Application Data\Temp
2010-07-11 13:37 . 2010-07-11 13:37 -------- d-----w- c:\documents and settings\steve\Local Settings\Application Data\Deployment
2010-07-07 21:43 . 2010-07-07 21:43 -------- d-----w- c:\documents and settings\steve\Application Data\CheckPoint
2010-07-07 21:38 . 2010-07-07 21:38 -------- d-----w- c:\program files\CheckPoint
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-31 12:50 . 2010-04-17 17:35 -------- d-----w- c:\program files\Panda Security
2010-07-31 12:15 . 2010-04-17 17:26 -------- d-----w- c:\documents and settings\steve\Application Data\QuickScan
2010-07-31 03:42 . 2010-05-12 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\PrevxCSI
2010-07-30 03:52 . 2006-10-02 16:56 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-07-29 11:58 . 2008-09-29 13:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-07-15 12:51 . 2006-12-01 16:27 -------- d-----w- c:\documents and settings\steve\Application Data\Canon
2010-07-14 14:27 . 2005-08-16 08:41 88699 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-13 02:28 . 2006-12-01 17:57 -------- d-----w- c:\documents and settings\steve\Application Data\Apple Computer
2010-07-12 11:47 . 2006-10-20 14:47 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2010-07-11 14:37 . 2010-04-22 13:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-08 01:32 . 2010-05-12 18:51 68120 ----a-w- c:\windows\system32\PxSecure.dll
2010-07-08 01:32 . 2010-05-12 18:51 61752 ----a-w- c:\windows\system32\drivers\pxrts.sys
2010-07-08 01:32 . 2010-05-12 18:51 30320 ----a-w- c:\windows\system32\drivers\pxscan.sys
2010-07-08 01:32 . 2010-05-12 18:51 24400 ----a-w- c:\windows\system32\drivers\pxkbf.sys
2010-07-08 01:32 . 2010-05-12 18:51 -------- d-----w- c:\program files\Prevx
2010-07-08 01:32 . 2010-06-04 00:45 936392 ----a-w- c:\documents and settings\All Users\Application Data\PrevxCSI\~PrevxCSIUpdate.exe
2010-06-14 14:31 . 2005-08-16 08:40 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-05-31 20:34 . 2010-06-25 10:52 702120 ----a-w- c:\documents and settings\steve\Application Data\Mozilla\Firefox\Profiles\xasojl8t.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-05-31 20:34 . 2010-06-25 10:52 868456 ----a-w- c:\documents and settings\steve\Application Data\Mozilla\Firefox\Profiles\xasojl8t.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-05-27 23:11 . 2010-05-27 23:11 61440 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6aa30aed-n\decora-sse.dll
2010-05-27 23:11 . 2010-05-27 23:11 503808 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c710efa-n\msvcp71.dll
2010-05-27 23:11 . 2010-05-27 23:11 499712 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c710efa-n\jmc.dll
2010-05-27 23:11 . 2010-05-27 23:11 348160 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c710efa-n\msvcr71.dll
2010-05-27 23:11 . 2010-05-27 23:11 12800 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6aa30aed-n\decora-d3d.dll
2010-05-24 02:56 . 2010-05-24 02:56 58004 ---ha-w- c:\windows\system32\mlfcache.dat
2010-05-24 02:55 . 2006-10-01 03:28 76896 -c--a-w- c:\documents and settings\deborah\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-23 03:09 . 2010-05-23 03:09 503808 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2fd401c3-n\msvcp71.dll
2010-05-23 03:09 . 2010-05-23 03:09 499712 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2fd401c3-n\jmc.dll
2010-05-23 03:09 . 2010-05-23 03:09 61440 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6725733a-n\decora-sse.dll
2010-05-23 03:09 . 2010-05-23 03:09 348160 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2fd401c3-n\msvcr71.dll
2010-05-23 03:09 . 2010-05-23 03:09 12800 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-6725733a-n\decora-d3d.dll
2010-05-17 20:01 . 2010-05-17 20:01 65536 ----a-r- c:\documents and settings\steve\Application Data\Microsoft\Installer\{2B10CE30-4316-11D0-86A0-00C0F003261B}\Uni.exe
2010-05-17 20:01 . 2010-05-17 20:01 65536 ----a-r- c:\documents and settings\steve\Application Data\Microsoft\Installer\{2B10CE30-4316-11D0-86A0-00C0F003261B}\_FA7EDA30DA22_11D5_B840_00105A1EFFF1.exe
2010-05-17 20:01 . 2010-05-17 20:01 65536 ----a-r- c:\documents and settings\steve\Application Data\Microsoft\Installer\{2B10CE30-4316-11D0-86A0-00C0F003261B}\_DFB96E40DA22_11D5_B840_00105A1EFFF1.exe
2010-05-17 20:01 . 2010-05-17 20:01 65536 ----a-r- c:\documents and settings\steve\Application Data\Microsoft\Installer\{2B10CE30-4316-11D0-86A0-00C0F003261B}\_C2F10C20DA22_11D5_B840_00105A1EFFF1.exe
2010-05-17 20:01 . 2010-05-17 20:01 40960 ----a-r- c:\documents and settings\steve\Application Data\Microsoft\Installer\{2B10CE30-4316-11D0-86A0-00C0F003261B}\UPlug98P.exe
2010-05-12 02:42 . 2006-09-29 19:17 76896 -c--a-w- c:\documents and settings\steve\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-08 03:11 . 2010-05-08 03:11 61440 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1a74a437-n\decora-sse.dll
2010-05-08 03:11 . 2010-05-08 03:11 503808 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5e72a23a-n\msvcp71.dll
2010-05-08 03:11 . 2010-05-08 03:11 499712 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5e72a23a-n\jmc.dll
2010-05-08 03:11 . 2010-05-08 03:11 348160 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5e72a23a-n\msvcr71.dll
2010-05-08 03:11 . 2010-05-08 03:11 12800 ----a-w- c:\documents and settings\steve\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1a74a437-n\decora-d3d.dll
2010-05-08 02:07 . 2010-05-08 02:07 61440 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1281375f-n\decora-sse.dll
2010-05-08 02:07 . 2010-05-08 02:07 503808 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6ac21396-n\msvcp71.dll
2010-05-08 02:07 . 2010-05-08 02:07 499712 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6ac21396-n\jmc.dll
2010-05-08 02:07 . 2010-05-08 02:07 348160 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6ac21396-n\msvcr71.dll
2010-05-08 02:07 . 2010-05-08 02:07 12800 ----a-w- c:\documents and settings\deborah\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1281375f-n\decora-d3d.dll
2010-05-08 02:06 . 2010-05-08 02:07 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-04 17:20 . 2005-08-16 08:18 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:20 . 2005-08-16 08:18 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 17:20 . 2005-08-16 08:18 17408 ----a-w- c:\windows\system32\corpol.dll
2010-05-03 13:05 . 2009-12-07 15:09 10752 ----a-w- c:\windows\DCEBoot.exe
2007-03-17 17:41 . 2006-10-04 16:31 825 ----a-w- c:\program files\Shortcut to HijackThis.lnk
1999-05-11 20:47 . 2006-10-06 15:39 398848 ----a-w- c:\program files\Spider.exe
2008-01-30 21:37 . 2007-03-17 02:45 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SigmatelSysTrayApp"="stsystra.exe" [2006-02-10 282624]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"tgcmd"="c:\program files\support.com\bin\tgcmd.exe" [2002-04-25 1544192]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-06 344064]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-9-27 24576]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellHelp]
2004-04-01 19:51 1589248 -c--a-w- c:\dell\DellHelp\DellHelp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 07:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-07-11 13:37 136176 ----atw- c:\documents and settings\steve\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2003-02-12 13:27 1232896 ------w- c:\program files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISW]
2010-05-26 13:35 730600 ----a-w- c:\program files\CheckPoint\ZAForceField\ForceField.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-11-12 20:33 141600 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2002-10-08 10:03 155648 ----a-r- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 16:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 03:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MskService"=2 (0x2)
"mcupdmgr.exe"=2 (0x2)
"McTskshd.exe"=2 (0x2)
"McShield"=2 (0x2)
"McDetect.exe"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"avg8wd"=2 (0x2)
"AVGIDSAgent"=2 (0x2)
"avg9wd"=2 (0x2)
"SharedAccess"=2 (0x2)
"iPod Service"=3 (0x3)
"Fax"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"CCALib8"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"Lavasoft Ad-Aware Service"=2 (0x2)
"MDM"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\WEB Framework\\wbfrmwrk.exe"=
R0 BsStor;InCD Storage Helper Driver;c:\windows\system32\drivers\bsstor.sys [10/2/2006 10:12 AM 9344]
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [5/12/2010 2:51 PM 30320]
R2 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [5/12/2010 2:51 PM 6384592]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [5/26/2010 9:35 AM 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [5/26/2010 9:35 AM 493032]
R2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [5/12/2010 2:51 PM 61752]
R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [5/12/2010 2:51 PM 24400]
S4 BsUDF;InCD UDF Driver;c:\windows\system32\drivers\bsudf.sys [10/2/2006 10:12 AM 389504]
.
Contents of the 'Scheduled Tasks' folder
2010-07-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2010-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2810448116-9971513-1748473005-1006Core.job
- c:\documents and settings\steve\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-07-11 13:37]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title = Microsoft Internet Explorer provided by Comcast
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: musicmatch.com\online
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\steve\Application Data\Mozilla\Firefox\Profiles\xasojl8t.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\steve\Application Data\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\documents and settings\steve\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
BHO-{9FE088DC-C3B2-479C-A314-08F90CE5166F} - vecrits93.dll
ActiveSetup-{4925B664-BDFA-4E68-B325-EC00937E8110} - vecrits93.dll
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Pcmcia]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PDCOMP]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PDFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PDRELI]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PDRFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\perc2]
"ImagePath"="\SystemRoot\system32\DRIVERS\perc2.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\perc2hib]
"ImagePath"="\SystemRoot\system32\DRIVERS\perc2hib.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PerfDisk]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PerfNet]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PerfOS]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PerfProc]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PQNTDrv]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\pxkbf]
"ImagePath"="System32\drivers\pxkbf.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\pxrts]
"ImagePath"="System32\drivers\pxrts.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\pxscan]
"ImagePath"="System32\drivers\pxscan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ql1080]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql1080.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Ql10wnt]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql10wnt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ql12160]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql12160.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ql1240]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql1240.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ql1280]
"ImagePath"="\SystemRoot\system32\DRIVERS\ql1280.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RDPDD]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\rdpdr]
"ImagePath"="system32\DRIVERS\rdpdr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RDPNP]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RDPWD]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Serial]
"ImagePath"="system32\DRIVERS\serial.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ServiceModelEndpoint 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ServiceModelOperation 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ServiceModelService 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Sfloppy]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Simbad]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\sisagp]
"ImagePath"="\SystemRoot\system32\DRIVERS\sisagp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SMSvcHost 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Sparrow]
"ImagePath"="\SystemRoot\system32\DRIVERS\sparrow.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\STHDA]
"ImagePath"="system32\drivers\sthda.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SwPrv]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{6F6160A9-C71A-4D34-91A0-5B9E71074979}"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\swwd]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\symc810]
"ImagePath"="\SystemRoot\system32\DRIVERS\symc810.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\symc8xx]
"ImagePath"="\SystemRoot\system32\DRIVERS\symc8xx.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\sym_hi]
"ImagePath"="\SystemRoot\system32\DRIVERS\sym_hi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\sym_u3]
"ImagePath"="\SystemRoot\system32\DRIVERS\sym_u3.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Tcpip6]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TDPIPE]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TDTCP]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TlntSvr]
"ImagePath"="c:\windows\system32\tlntsvr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TosIde]
"ImagePath"="\SystemRoot\system32\DRIVERS\toside.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\TSDDD]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Udfs]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ultra]
"ImagePath"="\SystemRoot\system32\DRIVERS\ultra.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\usb]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\USBAAPL]
"ImagePath"="System32\Drivers\usbaapl.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\usbuhci]
"ImagePath"="system32\DRIVERS\usbuhci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\viaagp]
"ImagePath"="\SystemRoot\system32\DRIVERS\viaagp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\ViaIde]
"ImagePath"="\SystemRoot\system32\DRIVERS\viaide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\VolSnap]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\vsdatant]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Vxd]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\w32time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\W3SVC]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\wanatw]
"ImagePath"="system32\DRIVERS\wanatw4.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WDICA]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\winachsf]
"ImagePath"="system32\DRIVERS\HSF_CNXT.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Windows Workflow Foundation 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Winsock]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WinSock2]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WinTrust]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\MsPMSNSv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\Wmi]
"ServiceDll"="%SystemRoot%\System32\advapi32.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WmiApRpl]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WmiApSrv]
"ImagePath"="c:\windows\system32\wbem\wmiapsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WMPNetworkSvc]
"ImagePath"="\"c:\program files\Windows Media Player\WMPNetwk.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WS2IFSL]
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\{5823CCB5-97EB-4EF4-B451-61390CF475F5}]
.
Completion time: 2010-07-31 09:24:00
ComboFix-quarantined-files.txt 2010-07-31 13:23
ComboFix2.txt 2010-05-08 04:44
Pre-Run: 38,035,632,128 bytes free
Post-Run: 38,198,448,128 bytes free
Current=7 Default=7 Failed=6 LastKnownGood=9 Sets=1,2,6,7,9
- - End Of File - - 9478D4FBEFFDED77C87D163EB51608FA