12-02-2008, 03:59 PM   #3
Bezerkerz
Registered User
 
Join Date: Nov 2008
Posts: 7
OS: XP Service Pack 3


Re: Random popups and bogged down computer

Yeah, I did actually. I was looking around on the internet for a possible fix and came across ComboFix, and it sounded pretty good, so I thought, hey, why not give it a try. It seemed to get the virus at first, but the popups came back anyway. At startup now it says that I'm missing molidano.dll and a different file (I forget which), but both are located in the system32 folder... but everything seems to be working fine.

So anyway, here is the ComboFix log.

ComboFix 08-11-27.07 - HP_Owner 2008-11-28 15:03:01.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.663 [GMT -5:00]
Running from: c:\documents and settings\HP_Owner\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\demojesa.dll
c:\windows\system32\molidano.dll
c:\windows\system32\pepimude.dll
c:\windows\system32\sikasiso.dll
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TDSSSERV
-------\Service_TDSSserv


((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.

2008-11-28 14:45 . 2008-11-28 14:46 <DIR> d-------- C:\rsit
2008-11-28 14:45 . 2008-11-28 14:45 <DIR> d-------- c:\program files\trend micro
2008-11-28 13:28 . 2008-07-29 11:27 208,896 --a------ c:\windows\system32\ConTest.dll
2008-11-28 13:28 . 2008-08-20 17:44 45,056 --a------ c:\windows\system32\CreateLog.dll
2008-11-28 13:28 . 2007-07-03 11:48 36,864 --a------ c:\windows\system32\ascbalon.dll
2008-11-28 13:28 . 2007-07-03 11:48 20,480 --a------ c:\windows\system32\SysRestore.dll
2008-11-28 13:27 . 2008-11-28 13:27 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\InstallShield
2008-11-28 13:20 . 2008-11-28 14:40 <DIR> d-------- c:\program files\RogueRemover FREE
2008-11-25 15:32 . 2008-11-25 15:33 <DIR> d-------- c:\program files\iTunes
2008-11-25 15:32 . 2008-11-25 15:32 <DIR> d-------- c:\program files\iPod
2008-11-25 15:32 . 2008-11-25 15:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-25 15:21 . 2008-11-25 15:21 <DIR> d-------- c:\program files\Bonjour
2008-11-22 10:48 . 2008-11-22 10:48 <DIR> d-------- c:\program files\Program shim
2008-11-18 15:36 . 2008-11-18 15:36 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Omega Messenger
2008-11-18 15:09 . 2008-11-18 15:09 <DIR> d-------- c:\documents and settings\HP_Owner\Application Data\Tencent
2008-11-18 15:07 . 2008-11-18 15:07 <DIR> d-------- c:\program files\Common Files\Software Update Utility
2008-11-18 15:07 . 2008-11-18 15:07 <DIR> d-------- c:\program files\AIM Toolbar
2008-11-18 15:07 . 2008-11-18 15:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\AIM Toolbar
2008-11-18 15:06 . 2008-11-18 15:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\acccore
2008-11-12 15:20 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 15:15 . 2008-09-04 12:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-04 10:30 . 2008-11-04 10:30 90,112 --a------ c:\windows\system32\QuickTimeVR.qtx
2008-11-04 10:30 . 2008-11-04 10:30 57,344 --a------ c:\windows\system32\QuickTime.qts

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-28 18:28 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-28 16:54 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-11-25 20:19 --------- d-----w c:\program files\QuickTime
2008-11-22 15:49 --------- d-----w c:\documents and settings\HP_Owner\Application Data\Program shim
2008-11-22 15:48 --------- d-----w c:\documents and settings\All Users\Application Data\great coal love default
2008-11-18 20:09 --------- d-----w c:\program files\AIM6
2008-11-18 20:06 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-18 20:04 --------- d-----w c:\documents and settings\All Users\Application Data\AOL Downloads
2008-11-18 20:03 --------- d-----w c:\program files\SUPERAntiSpyware
2008-11-16 15:33 --------- d-----w c:\documents and settings\HP_Owner\Application Data\uTorrent
2008-11-09 02:27 --------- d-----w c:\program files\AIMTunes
2008-11-07 04:48 --------- d-----w c:\program files\Warcraft III
2008-11-06 20:35 --------- d-----w c:\documents and settings\HP_Owner\Application Data\AVGTOOLBAR
2008-10-26 05:04 --------- d-----w c:\program files\Brainhouse Labs
2008-10-26 03:54 --------- d-----w c:\program files\Sun
2008-10-26 03:54 --------- d-----w c:\program files\Java
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-20 02:43 --------- d-----w c:\program files\GameSpy Arcade
2008-10-20 00:32 97,928 ----a-w c:\windows\system32\drivers\avgldx86.sys
2008-10-20 00:32 76,040 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-10-20 00:32 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2008-10-20 00:32 --------- d-----w c:\program files\AVG
2008-10-20 00:31 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-10-19 15:57 --------- d-----w c:\documents and settings\All Users\Application Data\Grisoft
2008-10-19 15:43 --------- d-----w c:\program files\MSN Messenger
2008-10-19 15:20 98,304 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\PluginCtrl.dll
2008-10-19 15:20 69,632 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\msxmlwrapper.dll
2008-10-19 15:20 5,632 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\jsharpde\GUI.dll
2008-10-19 15:20 315,392 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\jsharpde\pchmsxml.dll
2008-10-19 15:20 3,072 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\jsharpde\pchealthde.exe
2008-10-19 15:20 282,624 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\jsharpde\clientutil52.dll
2008-10-19 15:20 213,089 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\jsharpde\motive.zip
2008-10-19 15:20 139,264 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Pavilion\XPHWWBF4Duet\plugin\bin\ContentUpdater.exe
2008-10-18 21:19 --------- d-----w c:\documents and settings\HP_Owner\Application Data\QQ Games
2008-10-17 19:30 --------- d-----w c:\documents and settings\HP_Owner\Application Data\QQ Games Plugin
2008-10-17 19:29 --------- d-----w c:\program files\Tencent
2008-10-17 19:25 --------- d-----w c:\documents and settings\All Users\Application Data\AOL
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-14 19:18 --------- d-----w c:\documents and settings\All Users\Application Data\Blizzard
2008-10-01 01:03 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-19 02:21 108,144 ----a-w c:\windows\system32\CmdLineExt.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-29 15:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 14:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2006-02-23 04:04 1,352,439 -c--a-w c:\program files\secretofmana.zip
1999-07-07 00:00 6 -csh--r c:\windows\@desktop@.dat
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03402f96-3dc7-4285-bc50-9e81fefafe43}"= "c:\program files\AIM Toolbar\aimtb.dll" [2008-10-07 1275176]

[HKEY_CLASSES_ROOT\clsid\{03402f96-3dc7-4285-bc50-9e81fefafe43}]
[HKEY_CLASSES_ROOT\AIMTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{f8ec99b3-c2ca-4a5f-9505-c049766dc883}]
[HKEY_CLASSES_ROOT\AIMTb.AOLTBSearch]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b0cda128-b425-4eef-a174-61a11ac5dbf8}]
2008-10-07 14:09 1275176 --a------ c:\program files\AIM Toolbar\aimtb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{61539ecd-cc67-4437-a03c-9aaccbd14326}"= "c:\program files\AIM Toolbar\aimtb.dll" [2008-10-07 1275176]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{61539ECD-CC67-4437-A03C-9AACCBD14326}"= "c:\program files\AIM Toolbar\aimtb.dll" [2008-10-07 1275176]

[HKEY_CLASSES_ROOT\clsid\{61539ecd-cc67-4437-a03c-9aaccbd14326}]
[HKEY_CLASSES_ROOT\AIMTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{f8ec99b3-c2ca-4a5f-9505-c049766dc883}]
[HKEY_CLASSES_ROOT\AIMTb.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-11-18 1805552]
"more mfcd"="c:\docume~1\HP_Owner\APPLIC~1\PROGRA~1\does acid.exe" [2008-11-22 823808]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-31 50480]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"PS2"="c:\windows\system32\ps2.exe" [2002-10-16 81920]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-02-21 192512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-01-10 69632]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-22 221184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
"Love default global mess"="c:\documents and settings\All Users\Application Data\great coal love default\Roam List.exe" [2008-11-28 4453376]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 c:\windows\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 c:\windows\ALCXMNTR.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-21 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-08-27 11:14 352256 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll schannel.dll digest.dll msnsspc.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" /s
"iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Lavasoft\\Ad-Aware\\aawservice.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6112:TCP"= 6112:TCP:Warcraft III Battle.net

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-10-19 97928]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-19 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-10-19 76040]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-10-25 24652]
R2 WUSB54Gv42SVC;WUSB54Gv42SVC;"c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe" [2008-08-15 53307]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-19 875288]
S3 XDva002;XDva002;\??\c:\windows\system32\XDva002.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0ac6908-923c-11db-b384-806d6172696f}]
\Shell\AutoRun\command - E:\chooser.EXE
.
Contents of the 'Scheduled Tasks' folder

2008-11-28 c:\windows\Tasks\AC1444CA918BFB3E.job
- c:\docume~1\hp_owner\applic~1\progra~1\four upload axis.exe [2008-11-22 10:49]

2008-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-11-26 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe []
.
- - - - ORPHANS REMOVED - - - -

BHO-{c30d95c8-3883-4020-87ec-437d14ba4b0e} - c:\windows\system32\demojesa.dll
HKCU-Run-Performance Center - c:\program files\Ascentive\Performance Center\ApcMain.exe
HKCU-Run-PC SpeedScan Pro - c:\program files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe
HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
HKLM-Run-VTTimer - VTTimer.exe
HKLM-Run-WheelMouse - Amoumain.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\dldgtpez.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query=
FF -: plugin - c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF -: plugin - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\dldgtpez.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdnu.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-28 15:10:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(852)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\IME\IMJP8_1\Dicts\IMJPCD.DIC
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\GE\97769 Dual Scroll Optical Mouse\Amoumain.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\lxcccoms.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
.
**************************************************************************
.
Completion time: 2008-11-28 15:19:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-28 20:19:30

Pre-Run: 14,017,052,672 bytes free
Post-Run: 13,949,534,208 bytes free

288 --- E O F --- 2008-11-13 21:09:54