Tech Support Forum - View Single Post - heres my new scans help plz my computer is running so slow!!!!!!!

klowery11115 · 06-09-2009, 04:45 AM

ComboFix 09-06-08.03 - Owner 06/09/2009 2:39.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.104 [GMT -8:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MRTRATE
-------\Legacy_POHCI13F
-------\Service_mrtRate
-------\Service_pohci13F

((((((((((((((((((((((((( Files Created from 2009-05-09 to 2009-06-09 )))))))))))))))))))))))))))))))
.

2009-06-08 13:05 . 2009-06-08 13:05 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache
2009-06-08 13:04 . 2009-06-08 13:04 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2009-05-30 05:23 . 2009-05-30 05:23 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-05-30 05:16 . 2009-05-30 05:16 -------- d-sh--w- c:\documents and settings\Owner\IETldCache
2009-05-30 05:12 . 2009-05-30 05:12 -------- d-----w- c:\windows\ie8updates
2009-05-30 05:11 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-05-30 05:09 . 2009-05-30 05:10 -------- dc-h--w- c:\windows\ie8
2009-05-27 01:17 . 2009-05-27 01:17 321536 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\engine_vx.dll
2009-05-27 01:16 . 2009-05-27 01:16 18724 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\bass.dll
2009-05-27 01:16 . 2009-05-27 01:16 26200 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\qwadjb.dll
2009-05-27 01:16 . 2009-05-27 01:16 16952 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\1eaadjc.dll
2009-05-27 01:16 . 2009-05-27 01:16 15416 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\rsaadjd.dll
2009-05-27 01:16 . 2009-05-27 01:16 14392 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\kfgresk.dll
2009-05-27 01:16 . 2009-05-27 01:16 13984 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\mjcriu.dll
2009-05-27 01:16 . 2009-05-27 01:16 10808 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\peaadje.dll
2009-05-22 02:37 . 2002-11-05 23:16 57344 ----a-w- c:\windows\system32\Wnaspint.dll
2009-05-18 01:04 . 2009-05-18 01:04 2967799 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-15 18:41 . 2009-06-09 10:13 -------- dc----w- c:\documents and settings\All Users\Application Data\Napster
2009-05-15 11:52 . 2009-05-17 02:10 -------- dc----w- C:\Downloads
2009-05-11 15:51 . 2009-05-11 15:51 -------- d-----w- c:\program files\Windows Media Connect 2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-09 10:48 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf.sys
2009-06-09 10:28 . 2004-05-25 22:26 -------- d-----w- c:\program files\Common Files\Java
2009-06-09 10:28 . 2003-12-25 18:46 -------- d-----w- c:\program files\Java
2009-06-09 10:13 . 2003-08-23 14:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-07 12:14 . 2006-12-15 00:09 -------- d-----w- c:\program files\AIM6
2009-06-06 13:46 . 2008-02-04 02:53 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-06 07:21 . 2004-12-07 02:09 -------- d-----w- c:\program files\Common Files\Motive
2009-06-06 07:15 . 2004-12-28 10:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-06 07:13 . 2006-11-21 05:37 -------- d-----w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com
2009-06-06 04:30 . 2004-12-07 02:09 -------- d-----w- c:\program files\SBC Self Support Tool
2009-06-06 04:28 . 2003-08-24 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive
2009-05-18 01:04 . 2008-11-16 02:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-09 19:09 . 2004-12-03 05:16 -------- d-----w- c:\program files\Yahoo!
2009-05-06 17:02 . 2008-12-23 07:31 -------- d-----w- c:\documents and settings\Owner\Application Data\IObit
2009-04-06 23:32 . 2008-11-16 02:37 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 23:32 . 2008-11-16 02:37 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-03-28 02:41 . 2009-03-28 02:41 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2005-11-26 22:48 . 2005-11-26 22:49 774144 -c--a-w- c:\program files\RngInterstitial.dll
2001-09-29 01:00 . 2005-03-16 07:34 164864 -c--a-w- c:\program files\UNWISE.EXE
2005-09-20 08:05 . 2004-01-18 17:29 152 -csh--r- c:\windows\system32\3741FB9001.sys
2003-12-29 06:15 . 2003-12-26 02:07 56 -csh--r- c:\windows\system32\BC2C6383F0.sys
2006-04-05 23:24 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(10)(2).sys
2005-05-28 09:02 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(10)(3).sys
2005-05-28 09:02 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(10)(4).sys
2005-05-31 00:47 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(10)(5).sys
2006-04-09 18:20 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(10)(6).sys
2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(100)(2).sys
2006-03-13 22:51 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(104)(2).sys
2006-04-05 23:09 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(11)(2).sys
2005-05-28 08:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(11)(3).sys
2005-05-28 08:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(11)(4).sys
2006-04-09 16:51 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(11)(5).sys
2006-04-04 22:52 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(12)(2).sys
2005-05-28 01:25 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(12)(3).sys
2005-05-28 01:25 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(12)(4).sys
2006-04-09 15:57 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(12)(5).sys
2006-04-04 20:16 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(13)(2).sys
2005-05-27 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(13)(3).sys
2005-05-27 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(13)(4).sys
2006-04-08 23:04 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(13)(5).sys
2006-04-04 17:35 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(14)(2).sys
2005-05-27 05:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(14)(3).sys
2005-05-27 05:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(14)(4).sys
2006-04-08 09:21 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(14)(5).sys
2006-04-04 15:31 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(15)(2).sys
2005-05-26 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(15)(3).sys
2005-05-26 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(15)(4).sys
2006-04-08 08:52 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(15)(5).sys
2006-04-04 07:02 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(16)(2).sys
2005-05-25 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(16)(3).sys
2005-05-25 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(16)(4).sys
2006-04-07 22:57 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(16)(5).sys
2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(17)(2).sys
2005-05-24 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(17)(3).sys
2005-05-24 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(17)(4).sys
2006-04-07 21:07 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(17)(5).sys
2006-03-31 23:05 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(18)(2).sys
2005-05-23 23:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(18)(3).sys
2005-05-23 23:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(18)(4).sys
2006-04-07 20:57 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(18)(5).sys
2006-03-31 13:36 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(19)(2).sys
2005-05-23 00:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(19)(3).sys
2005-05-23 00:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(19)(4).sys
2006-04-07 16:41 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(19)(5).sys
2004-07-07 22:57 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(2).sys
2006-03-31 12:37 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(20)(2).sys
2005-05-21 20:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(20)(3).sys
2005-05-21 20:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(20)(4).sys
2006-04-07 07:18 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(20)(5).sys
2006-03-31 08:53 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(21)(2).sys
2005-05-21 10:14 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(21)(3).sys
2005-05-21 10:14 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(21)(4).sys
2006-04-07 06:08 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(21)(5).sys
2006-03-31 08:43 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(22)(2).sys
2005-05-21 09:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(22)(3).sys
2005-05-21 09:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(22)(4).sys
2006-03-30 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(23)(2).sys
2005-05-21 08:41 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(23)(3).sys
2005-05-21 08:41 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(23)(4).sys
2006-03-30 21:29 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(24)(2).sys
2005-05-21 03:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(24)(3).sys
2005-05-21 03:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(24)(4).sys
2006-03-29 22:55 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(25)(2).sys
2005-05-21 03:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(25)(3).sys
2005-05-21 03:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(25)(4).sys
2005-05-20 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(26)(2).sys
2006-03-29 22:22 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(26)(3).sys
2005-05-20 01:05 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(27)(2).sys
2006-03-29 06:47 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(27)(3).sys
2005-05-19 23:28 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(28)(2).sys
2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(28)(3).sys
2006-03-12 21:41 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(28)(4).sys
2005-05-19 22:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(29)(2).sys
2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(29)(3).sys
2004-07-08 00:55 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(3).sys
2005-05-19 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(30)(2).sys
2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(30)(3).sys
2005-05-18 23:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(31)(2).sys
2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(31)(3).sys
2005-05-18 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(32)(2).sys
2005-05-18 06:44 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(33)(2).sys
2006-04-04 02:21 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(33)(3).sys
2005-05-18 05:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(34)(2).sys
2006-03-14 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(34)(3).sys
2005-05-17 22:53 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(35)(2).sys
2006-03-15 02:10 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(35)(3).sys
2005-05-17 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(36)(2).sys
2006-03-15 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(36)(3).sys
2005-05-16 23:08 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(37)(2).sys
2006-03-16 04:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(37)(3).sys
2005-05-16 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(38)(2).sys
2006-03-16 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(38)(3).sys
2005-05-16 07:18 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(39)(2).sys
2006-03-17 14:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(39)(3).sys
2004-07-08 00:52 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(4).sys
2005-05-16 05:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(40)(2).sys
2006-03-17 22:27 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(40)(3).sys
2005-05-16 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(41)(2).sys
2006-03-17 22:50 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(41)(3).sys
2005-05-15 20:36 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(42)(2).sys
2006-03-18 22:07 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(42)(3).sys
2005-05-15 20:06 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(43)(2).sys
2006-03-19 09:14 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(43)(3).sys
2005-05-15 19:24 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(44)(2).sys
2006-03-19 18:45 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(44)(3).sys
2005-05-15 11:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(45)(2).sys
2006-03-20 02:41 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(45)(3).sys
2005-05-15 00:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(46)(2).sys
2006-03-20 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(46)(3).sys
2005-05-28 21:35 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(47)(2).sys
2005-05-16 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(47)(3).sys
2005-05-15 00:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(48)(2).sys
2005-05-15 11:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(49)(2).sys
2005-05-29 20:34 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(10).sys
2005-05-29 01:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(11).sys
2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(12).sys
2006-04-07 05:36 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(13).sys
2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(14).sys
2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(15).sys
2006-04-10 00:58 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(5)(16).sys
2008-04-22 10:44 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(5)(17).sys
2004-08-04 06:01 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(2).sys
2005-05-14 23:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(3).sys
2006-04-06 21:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(4).sys
2006-03-28 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(5).sys
2005-06-01 23:05 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(6).sys
2005-05-29 20:34 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(7).sys
2005-05-29 20:34 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(8).sys
2005-06-12 18:12 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(5)(9).sys
2005-05-16 05:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(54)(2).sys
2005-05-16 07:18 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(55)(2).sys
2005-05-16 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(56)(2).sys
2005-05-16 23:08 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(57)(2).sys
2005-05-17 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(58)(2).sys
2005-05-17 22:53 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(59)(2).sys
2005-05-28 09:02 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(10).sys
2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(11).sys
2006-04-07 02:45 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(12).sys
2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(13).sys
2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(14).sys
2006-04-10 00:15 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(6)(15).sys
2008-04-22 09:20 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(6)(16).sys
2006-02-06 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(2).sys
2006-04-06 04:53 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(3).sys
2005-05-31 00:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(4).sys
2005-05-29 04:27 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(5).sys
2005-05-15 11:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(6).sys
2005-06-12 17:59 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(6)(7).sys
2005-05-29 04:27 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(8).sys
2005-05-15 20:36 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(9).sys
2005-05-18 05:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(60)(2).sys
2005-05-18 06:44 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(61)(2).sys
2006-03-12 07:36 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(61)(3).sys
2005-05-18 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(62)(2).sys
2006-03-11 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(62)(3).sys
2005-05-18 23:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(63)(2).sys
2006-03-10 20:29 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(63)(3).sys
2005-05-19 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(64)(2).sys
2006-03-09 23:19 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(64)(3).sys
2005-05-19 22:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(65)(2).sys
2006-03-08 20:33 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(65)(3).sys
2006-03-08 00:58 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(66)(2).sys
2006-03-07 22:33 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(67)(2).sys
2006-03-07 19:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(68)(2).sys
2006-03-06 19:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(69)(2).sys
2006-10-04 05:08 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(10).sys
2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(11).sys
2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(12).sys
2006-04-09 21:05 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(7)(13).sys
2008-04-22 08:51 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(7)(14).sys
2006-04-06 04:47 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(2).sys
2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(3).sys
2005-05-29 04:17 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(4).sys
2005-05-15 19:24 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(5).sys
2005-06-12 03:28 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(7)(6).sys
2005-05-29 04:17 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(7).sys
2005-05-15 20:06 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(8).sys
2005-05-27 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(9).sys
2006-03-06 06:35 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(70)(2).sys
2006-03-05 19:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(71)(2).sys
2006-03-05 05:51 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(72)(2).sys
2006-03-04 22:22 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(73)(2).sys
2006-03-04 18:40 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(74)(2).sys
2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(75)(2).sys
2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(10).sys
2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(11).sys
2006-04-09 20:03 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(8)(12).sys
2008-04-20 21:21 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(8)(13).sys
2006-04-06 04:40 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(2).sys
2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(3).sys
2005-05-29 01:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(4).sys
2005-05-15 20:06 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(5).sys
2005-06-12 03:19 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(8)(6).sys
2005-05-29 01:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(7).sys
2005-05-15 19:24 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(8).sys
2005-05-27 05:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(9).sys
2006-04-04 07:02 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(87)(2).sys
2006-04-04 15:31 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(88)(2).sys
2006-04-04 17:35 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(89)(2).sys
2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(10).sys
2006-04-09 19:43 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(9)(11).sys
2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(12).sys
2006-04-06 04:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(2).sys
2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(3).sys
2005-05-28 21:35 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(4).sys
2005-05-15 20:36 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(5).sys
2005-06-12 06:59 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(9)(6).sys
2005-05-28 21:35 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(7).sys
2005-05-14 23:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(8).sys
2006-04-06 22:50 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(9).sys
2006-04-04 20:16 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(90)(2).sys
2005-06-01 19:19 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(90)(3).sys
2006-04-04 22:52 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(91)(2).sys
2006-04-05 23:09 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(92)(2).sys
2006-04-05 23:24 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(93)(2).sys
2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(99)(2).sys
2004-12-17 23:29 . 2004-12-17 23:29 71 -csha-w- c:\windows\system32\SYSDRVREB.SYS
.

((((((((((((((((((((((((((((( SnapShot@2009-06-09_05.11.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-09 10:48 . 2009-06-09 10:48 16384 c:\windows\Temp\Perflib_Perfdata_f8.dat
+ 2009-06-09 10:45 . 2009-06-09 10:45 60416 c:\windows\Temp\Perflib_Perfdata__755.dat
- 2009-06-09 05:08 . 2009-06-09 05:08 60416 c:\windows\Temp\Perflib_Perfdata__755.dat
+ 2009-06-09 06:47 . 2009-06-09 06:47 53248 c:\windows\Temp\catchme.dll
- 2009-06-09 05:11 . 2009-06-09 05:11 53248 c:\windows\Temp\catchme.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-08-09 139264]
"IPInSightLAN 01"="c:\program files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" [2003-06-11 380928]
"Ulead Quick-Drop"="c:\program files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" [2005-02-01 102400]
"USIUDF_Eject_Monitor"="c:\program files\Common Files\Ulead Systems\DVD\USISrv.exe" [2004-12-24 81920]
"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-22 129536]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

c:\documents and settings\Owner\Start Menu\Programs\Startup\
spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSubtract.exe [2003-8-28 552960]

c:\documents and settings\Administrator.KJL4LIFE.000\Start Menu\Programs\Startup\
AutoTBar.exe [2003-6-18 53248]
mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Quicken Scheduled Updates.lnk - c:\program files\Quicken\bagent.exe [2002-9-20 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"=
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Outlook Express\\wab.exe"=
"c:\\Program Files\\Yahoo!\\browser\\ybrowser.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\yserver.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\1145570059\\ee\\aim6.exe"=
"c:\\Program Files\\Common Files\\AOL\\1145570059\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [1/25/2004 7:00 PM 2560]
R2 vvlppc2;vvlppc2;c:\windows\system32\drivers\vvlppc2.sys [1/17/2004 9:01 PM 30112]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [12/17/2008 8:36 PM 33792]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [6/6/2007 2:58 PM 42112]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34]

2009-01-04 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 19:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
IE: &AIM Search
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
LSP: c:\windows\system32\DRWEBSP.DLL
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-08 22:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1033579849-865041543-3952056309-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \7B89AC59B91B61F6]
"1"=hex:e2,7f,28,b3,f4,78,a8,90,a3,fe,4e,87,45,83,70,cb,36,b1,2e,f7,56,49,5f,
1a
"2"=hex:75,4f,d5,56,e6,9d,1a,13,c8,71,03,1e,73,6c,6e,62,58,a8,9a,49,4f,b9,cd,
0f,5b,63,25,a5,82,25,ac,36
"3"=hex:e2,7f,28,b3,f4,78,a8,90,a3,fe,4e,87,45,83,70,cb,f0,b4,6d,ee,bc,c7,ac,
0b,c8,17,e0,ea,3a,b9,a9,b3,2b,85,23,84,db,a5,db,15,57,06,da,7a,f2,b6,f8,62,\

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \7B89AC59B91B61F6\BC8EEB13EC0E80C548E5EE71D72FCCB1]
"1"=hex:7e,63,ed,e4,ff,c6,da,b0,3c,b3,ff,e0,03,2b,bc,b2,da,51,f5,e7,5b,21,e3,
14
"2"=hex:ff,46,a9,cd,53,d2,ef,98
"3"=hex:04,d1,c8,a3,3b,6b,9d,2b,f4,66,3f,34,93,65,a4,2e,0e,13,96,f1,e8,c7,83,
09,69,d3,c6,5b,db,c3,51,5e,90,dd,dd,a5,d2,90,5b,e1,ca,b0,b2,49,e8,b2,87,c4,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:e2,7f,28,b3,f4,78,a8,90,a3,fe,4e,87,45,83,70,cb,56,45,d4,09,32,3d,f1,
bb,f7,48,93,b9,38,3c,15,e4,8d,f5,b4,8e,82,72,66,0b,c7,96,98,35,f9,2a,2c,db,\
"8"=hex:63,5a,d7,1b,b1,d4,18,46,1a,71,d0,d8,f4,aa,c9,dc,12,96,5a,35,4b,e0,a7,
97,aa,2b,0b,0b,17,06,5b,f5,f7,ed,c8,65,48,a5,05,1f,94,84,cd,49,ed,e7,fc,e7
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:55,0c,d6,b4,90,c5,27,45
"11"=hex:7d,ba,74,77,fe,09,92,36
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(900)
c:\windows\system32\DRWEBSP.DLL

- - - - - - - > 'explorer.exe'(2180)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\libusbd-nt.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Viewpoint\Common\ViewpointService.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\Yahoo!\browser\ycommon.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\program files\Microsoft IntelliType Pro\dpupdchk.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-06-09 22:55 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-09 06:54
ComboFix2.txt 2009-06-09 05:19

Pre-Run: 56,327,225,344 bytes free
Post-Run: 56,329,396,224 bytes free

446 --- E O F --- 2009-05-30 05:13

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Tuesday, June 9, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Tuesday, June 09, 2009 08:46:59
Records in database: 2330123
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
G:\
H:\
J:\
K:\
L:\

Scan statistics:
Files scanned: 105701
Threat name: 7
Infected objects: 46
Suspicious objects: 0
Duration of the scan: 02:42:09

File name / Threat name / Threats count
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6AAC7B61.exe Infected: not-a-virus:AdWare.Win32.BlazeFind.b 1
C:\Documents and Settings\Owner\.housecall\Quarantine\adobemgr.exe.bac_a00724 Infected: Trojan-Clicker.Win32.VB.ku 1
C:\Documents and Settings\Owner\.housecall\Quarantine\adobemgr.exe.bac_a02536 Infected: Trojan-Clicker.Win32.VB.ku 1
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Hoax.Win32.Renos.bb 1
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan-Downloader.Win32.Tiny.bw 1
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\adobemgr.exe.bac_a00724 Infected: Trojan-Clicker.Win32.VB.ku 1
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\adobemgr.exe.bac_a02536 Infected: Trojan-Clicker.Win32.VB.ku 1
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Hoax.Win32.Renos.bb 1
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan-Downloader.Win32.Tiny.bw 1
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Java.Femad 4
C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1
C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP1120\A0240430.dll Infected: not-a-virus:FraudTool.Win32.Ascentive.b 1

The selected area was scanned.

and i have the microsoft defealt firewall and spybot search and destroy

06-09-2009, 04:45 AM	#6 (permalink)
klowery11115 Registered User Join Date: Jun 2009 Location: detroit michigan Posts: 7 OS: windows xp	Re: heres my new scans help plz my computer is running so slow!!!!!!! ComboFix 09-06-08.03 - Owner 06/09/2009 2:39.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.104 [GMT -8:00] Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt FW: Norton Internet Worm Protection disabled {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MRTRATE -------\Legacy_POHCI13F -------\Service_mrtRate -------\Service_pohci13F ((((((((((((((((((((((((( Files Created from 2009-05-09 to 2009-06-09 ))))))))))))))))))))))))))))))) . 2009-06-08 13:05 . 2009-06-08 13:05 -------- d-sh--w- c:\documents and settings\Owner\IECompatCache 2009-06-08 13:04 . 2009-06-08 13:04 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE 2009-05-30 05:23 . 2009-05-30 05:23 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-05-30 05:16 . 2009-05-30 05:16 -------- d-sh--w- c:\documents and settings\Owner\IETldCache 2009-05-30 05:12 . 2009-05-30 05:12 -------- d-----w- c:\windows\ie8updates 2009-05-30 05:11 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll 2009-05-30 05:09 . 2009-05-30 05:10 -------- dc-h--w- c:\windows\ie8 2009-05-27 01:17 . 2009-05-27 01:17 321536 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\engine_vx.dll 2009-05-27 01:16 . 2009-05-27 01:16 18724 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\bass.dll 2009-05-27 01:16 . 2009-05-27 01:16 26200 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\qwadjb.dll 2009-05-27 01:16 . 2009-05-27 01:16 16952 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\1eaadjc.dll 2009-05-27 01:16 . 2009-05-27 01:16 15416 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\rsaadjd.dll 2009-05-27 01:16 . 2009-05-27 01:16 14392 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\kfgresk.dll 2009-05-27 01:16 . 2009-05-27 01:16 13984 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\mjcriu.dll 2009-05-27 01:16 . 2009-05-27 01:16 10808 ----atw- c:\documents and settings\Owner\Application Data\Microsoft\peaadje.dll 2009-05-22 02:37 . 2002-11-05 23:16 57344 ----a-w- c:\windows\system32\Wnaspint.dll 2009-05-18 01:04 . 2009-05-18 01:04 2967799 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-05-15 18:41 . 2009-06-09 10:13 -------- dc----w- c:\documents and settings\All Users\Application Data\Napster 2009-05-15 11:52 . 2009-05-17 02:10 -------- dc----w- C:\Downloads 2009-05-11 15:51 . 2009-05-11 15:51 -------- d-----w- c:\program files\Windows Media Connect 2 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-09 10:48 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf.sys 2009-06-09 10:28 . 2004-05-25 22:26 -------- d-----w- c:\program files\Common Files\Java 2009-06-09 10:28 . 2003-12-25 18:46 -------- d-----w- c:\program files\Java 2009-06-09 10:13 . 2003-08-23 14:19 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-07 12:14 . 2006-12-15 00:09 -------- d-----w- c:\program files\AIM6 2009-06-06 13:46 . 2008-02-04 02:53 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-06 07:21 . 2004-12-07 02:09 -------- d-----w- c:\program files\Common Files\Motive 2009-06-06 07:15 . 2004-12-28 10:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-06-06 07:13 . 2006-11-21 05:37 -------- d-----w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com 2009-06-06 04:30 . 2004-12-07 02:09 -------- d-----w- c:\program files\SBC Self Support Tool 2009-06-06 04:28 . 2003-08-24 03:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive 2009-05-18 01:04 . 2008-11-16 02:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-05-09 19:09 . 2004-12-03 05:16 -------- d-----w- c:\program files\Yahoo! 2009-05-06 17:02 . 2008-12-23 07:31 -------- d-----w- c:\documents and settings\Owner\Application Data\IObit 2009-04-06 23:32 . 2008-11-16 02:37 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-04-06 23:32 . 2008-11-16 02:37 15504 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-03-28 02:41 . 2009-03-28 02:41 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_13\lzma.dll 2005-11-26 22:48 . 2005-11-26 22:49 774144 -c--a-w- c:\program files\RngInterstitial.dll 2001-09-29 01:00 . 2005-03-16 07:34 164864 -c--a-w- c:\program files\UNWISE.EXE 2005-09-20 08:05 . 2004-01-18 17:29 152 -csh--r- c:\windows\system32\3741FB9001.sys 2003-12-29 06:15 . 2003-12-26 02:07 56 -csh--r- c:\windows\system32\BC2C6383F0.sys 2006-04-05 23:24 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(10)(2).sys 2005-05-28 09:02 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(10)(3).sys 2005-05-28 09:02 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(10)(4).sys 2005-05-31 00:47 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(10)(5).sys 2006-04-09 18:20 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(10)(6).sys 2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(100)(2).sys 2006-03-13 22:51 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(104)(2).sys 2006-04-05 23:09 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(11)(2).sys 2005-05-28 08:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(11)(3).sys 2005-05-28 08:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(11)(4).sys 2006-04-09 16:51 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(11)(5).sys 2006-04-04 22:52 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(12)(2).sys 2005-05-28 01:25 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(12)(3).sys 2005-05-28 01:25 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(12)(4).sys 2006-04-09 15:57 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(12)(5).sys 2006-04-04 20:16 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(13)(2).sys 2005-05-27 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(13)(3).sys 2005-05-27 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(13)(4).sys 2006-04-08 23:04 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(13)(5).sys 2006-04-04 17:35 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(14)(2).sys 2005-05-27 05:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(14)(3).sys 2005-05-27 05:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(14)(4).sys 2006-04-08 09:21 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(14)(5).sys 2006-04-04 15:31 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(15)(2).sys 2005-05-26 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(15)(3).sys 2005-05-26 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(15)(4).sys 2006-04-08 08:52 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(15)(5).sys 2006-04-04 07:02 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(16)(2).sys 2005-05-25 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(16)(3).sys 2005-05-25 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(16)(4).sys 2006-04-07 22:57 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(16)(5).sys 2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(17)(2).sys 2005-05-24 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(17)(3).sys 2005-05-24 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(17)(4).sys 2006-04-07 21:07 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(17)(5).sys 2006-03-31 23:05 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(18)(2).sys 2005-05-23 23:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(18)(3).sys 2005-05-23 23:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(18)(4).sys 2006-04-07 20:57 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(18)(5).sys 2006-03-31 13:36 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(19)(2).sys 2005-05-23 00:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(19)(3).sys 2005-05-23 00:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(19)(4).sys 2006-04-07 16:41 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(19)(5).sys 2004-07-07 22:57 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(2).sys 2006-03-31 12:37 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(20)(2).sys 2005-05-21 20:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(20)(3).sys 2005-05-21 20:31 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(20)(4).sys 2006-04-07 07:18 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(20)(5).sys 2006-03-31 08:53 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(21)(2).sys 2005-05-21 10:14 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(21)(3).sys 2005-05-21 10:14 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(21)(4).sys 2006-04-07 06:08 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(21)(5).sys 2006-03-31 08:43 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(22)(2).sys 2005-05-21 09:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(22)(3).sys 2005-05-21 09:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(22)(4).sys 2006-03-30 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(23)(2).sys 2005-05-21 08:41 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(23)(3).sys 2005-05-21 08:41 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(23)(4).sys 2006-03-30 21:29 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(24)(2).sys 2005-05-21 03:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(24)(3).sys 2005-05-21 03:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(24)(4).sys 2006-03-29 22:55 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(25)(2).sys 2005-05-21 03:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(25)(3).sys 2005-05-21 03:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(25)(4).sys 2005-05-20 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(26)(2).sys 2006-03-29 22:22 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(26)(3).sys 2005-05-20 01:05 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(27)(2).sys 2006-03-29 06:47 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(27)(3).sys 2005-05-19 23:28 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(28)(2).sys 2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(28)(3).sys 2006-03-12 21:41 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(28)(4).sys 2005-05-19 22:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(29)(2).sys 2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(29)(3).sys 2004-07-08 00:55 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(3).sys 2005-05-19 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(30)(2).sys 2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(30)(3).sys 2005-05-18 23:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(31)(2).sys 2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(31)(3).sys 2005-05-18 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(32)(2).sys 2005-05-18 06:44 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(33)(2).sys 2006-04-04 02:21 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(33)(3).sys 2005-05-18 05:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(34)(2).sys 2006-03-14 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(34)(3).sys 2005-05-17 22:53 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(35)(2).sys 2006-03-15 02:10 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(35)(3).sys 2005-05-17 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(36)(2).sys 2006-03-15 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(36)(3).sys 2005-05-16 23:08 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(37)(2).sys 2006-03-16 04:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(37)(3).sys 2005-05-16 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(38)(2).sys 2006-03-16 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(38)(3).sys 2005-05-16 07:18 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(39)(2).sys 2006-03-17 14:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(39)(3).sys 2004-07-08 00:52 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(4).sys 2005-05-16 05:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(40)(2).sys 2006-03-17 22:27 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(40)(3).sys 2005-05-16 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(41)(2).sys 2006-03-17 22:50 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(41)(3).sys 2005-05-15 20:36 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(42)(2).sys 2006-03-18 22:07 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(42)(3).sys 2005-05-15 20:06 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(43)(2).sys 2006-03-19 09:14 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(43)(3).sys 2005-05-15 19:24 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(44)(2).sys 2006-03-19 18:45 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(44)(3).sys 2005-05-15 11:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(45)(2).sys 2006-03-20 02:41 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(45)(3).sys 2005-05-15 00:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(46)(2).sys 2006-03-20 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(46)(3).sys 2005-05-28 21:35 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(47)(2).sys 2005-05-16 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(47)(3).sys 2005-05-15 00:07 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(48)(2).sys 2005-05-15 11:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(49)(2).sys 2005-05-29 20:34 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(10).sys 2005-05-29 01:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(11).sys 2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(12).sys 2006-04-07 05:36 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(13).sys 2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(14).sys 2006-04-03 23:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(15).sys 2006-04-10 00:58 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(5)(16).sys 2008-04-22 10:44 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(5)(17).sys 2004-08-04 06:01 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(2).sys 2005-05-14 23:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(3).sys 2006-04-06 21:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(4).sys 2006-03-28 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(5)(5).sys 2005-06-01 23:05 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(6).sys 2005-05-29 20:34 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(7).sys 2005-05-29 20:34 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(5)(8).sys 2005-06-12 18:12 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(5)(9).sys 2005-05-16 05:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(54)(2).sys 2005-05-16 07:18 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(55)(2).sys 2005-05-16 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(56)(2).sys 2005-05-16 23:08 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(57)(2).sys 2005-05-17 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(58)(2).sys 2005-05-17 22:53 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(59)(2).sys 2005-05-28 09:02 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(10).sys 2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(11).sys 2006-04-07 02:45 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(12).sys 2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(13).sys 2006-04-03 22:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(14).sys 2006-04-10 00:15 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(6)(15).sys 2008-04-22 09:20 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(6)(16).sys 2006-02-06 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(2).sys 2006-04-06 04:53 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(6)(3).sys 2005-05-31 00:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(4).sys 2005-05-29 04:27 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(5).sys 2005-05-15 11:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(6).sys 2005-06-12 17:59 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(6)(7).sys 2005-05-29 04:27 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(8).sys 2005-05-15 20:36 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(6)(9).sys 2005-05-18 05:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(60)(2).sys 2005-05-18 06:44 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(61)(2).sys 2006-03-12 07:36 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(61)(3).sys 2005-05-18 22:48 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(62)(2).sys 2006-03-11 22:48 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(62)(3).sys 2005-05-18 23:23 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(63)(2).sys 2006-03-10 20:29 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(63)(3).sys 2005-05-19 02:13 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(64)(2).sys 2006-03-09 23:19 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(64)(3).sys 2005-05-19 22:50 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(65)(2).sys 2006-03-08 20:33 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(65)(3).sys 2006-03-08 00:58 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(66)(2).sys 2006-03-07 22:33 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(67)(2).sys 2006-03-07 19:57 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(68)(2).sys 2006-03-06 19:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(69)(2).sys 2006-10-04 05:08 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(10).sys 2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(11).sys 2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(12).sys 2006-04-09 21:05 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(7)(13).sys 2008-04-22 08:51 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(7)(14).sys 2006-04-06 04:47 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(2).sys 2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(7)(3).sys 2005-05-29 04:17 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(4).sys 2005-05-15 19:24 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(5).sys 2005-06-12 03:28 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(7)(6).sys 2005-05-29 04:17 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(7).sys 2005-05-15 20:06 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(8).sys 2005-05-27 22:47 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(7)(9).sys 2006-03-06 06:35 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(70)(2).sys 2006-03-05 19:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(71)(2).sys 2006-03-05 05:51 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(72)(2).sys 2006-03-04 22:22 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(73)(2).sys 2006-03-04 18:40 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(74)(2).sys 2006-04-02 21:06 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(75)(2).sys 2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(10).sys 2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(11).sys 2006-04-09 20:03 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(8)(12).sys 2008-04-20 21:21 . 2006-04-10 03:07 1057 --sha-w- c:\windows\system32\mmf(8)(13).sys 2006-04-06 04:40 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(2).sys 2006-04-02 05:15 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(8)(3).sys 2005-05-29 01:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(4).sys 2005-05-15 20:06 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(5).sys 2005-06-12 03:19 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(8)(6).sys 2005-05-29 01:11 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(7).sys 2005-05-15 19:24 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(8).sys 2005-05-27 05:30 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(8)(9).sys 2006-04-04 07:02 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(87)(2).sys 2006-04-04 15:31 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(88)(2).sys 2006-04-04 17:35 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(89)(2).sys 2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(10).sys 2006-04-09 19:43 . 2006-04-07 06:08 1057 --sha-w- c:\windows\system32\mmf(9)(11).sys 2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(12).sys 2006-04-06 04:20 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(2).sys 2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(3).sys 2005-05-28 21:35 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(4).sys 2005-05-15 20:36 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(5).sys 2005-06-12 06:59 . 2005-06-01 19:29 1057 -csha-w- c:\windows\system32\mmf(9)(6).sys 2005-05-28 21:35 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(7).sys 2005-05-14 23:09 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(9)(8).sys 2006-04-06 22:50 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(9)(9).sys 2006-04-04 20:16 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(90)(2).sys 2005-06-01 19:19 . 2004-01-26 03:00 1057 -csha-w- c:\windows\system32\mmf(90)(3).sys 2006-04-04 22:52 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(91)(2).sys 2006-04-05 23:09 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(92)(2).sys 2006-04-05 23:24 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(93)(2).sys 2006-04-01 19:49 . 2005-06-01 19:29 1057 --sha-w- c:\windows\system32\mmf(99)(2).sys 2004-12-17 23:29 . 2004-12-17 23:29 71 -csha-w- c:\windows\system32\SYSDRVREB.SYS . ((((((((((((((((((((((((((((( SnapShot@2009-06-09_05.11.26 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-09 10:48 . 2009-06-09 10:48 16384 c:\windows\Temp\Perflib_Perfdata_f8.dat + 2009-06-09 10:45 . 2009-06-09 10:45 60416 c:\windows\Temp\Perflib_Perfdata__755.dat - 2009-06-09 05:08 . 2009-06-09 05:08 60416 c:\windows\Temp\Perflib_Perfdata__755.dat + 2009-06-09 06:47 . 2009-06-09 06:47 53248 c:\windows\Temp\catchme.dll - 2009-06-09 05:11 . 2009-06-09 05:11 53248 c:\windows\Temp\catchme.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736] "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992] "Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-08-09 139264] "IPInSightLAN 01"="c:\program files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" [2003-06-11 380928] "Ulead Quick-Drop"="c:\program files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" [2005-02-01 102400] "USIUDF_Eject_Monitor"="c:\program files\Common Files\Ulead Systems\DVD\USISrv.exe" [2004-12-24 81920] "IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520] "YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-22 129536] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] c:\documents and settings\Owner\Start Menu\Programs\Startup\ spamsubtract.lnk - c:\program files\interMute\SpamSubtract\SpamSubtract.exe [2003-8-28 552960] c:\documents and settings\Administrator.KJL4LIFE.000\Start Menu\Programs\Startup\ AutoTBar.exe [2003-6-18 53248] mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696] Quicken Scheduled Updates.lnk - c:\program files\Quicken\bagent.exe [2002-9-20 53248] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SynchronousMachineGroupPolicy"= 0 (0x0) "SynchronousUserGroupPolicy"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"= "c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Outlook Express\\wab.exe"= "c:\\Program Files\\Yahoo!\\browser\\ybrowser.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YPAGER.EXE"= "c:\\Program Files\\Yahoo!\\Messenger\\yserver.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Common Files\\AOL\\1145570059\\ee\\aim6.exe"= "c:\\Program Files\\Common Files\\AOL\\1145570059\\ee\\aolsoftware.exe"= "c:\\Program Files\\AIM6\\aim6.exe"= "c:\\WINDOWS\\system32\\java.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?] R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [1/25/2004 7:00 PM 2560] R2 vvlppc2;vvlppc2;c:\windows\system32\drivers\vvlppc2.sys [1/17/2004 9:01 PM 30112] R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [12/17/2008 8:36 PM 33792] S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [6/6/2007 2:58 PM 42112] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-05-22 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 20:34] 2009-01-04 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job - c:\program files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 19:56] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/http://www.yahoo.com IE: &AIM Search IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html LSP: c:\windows\system32\DRWEBSP.DLL DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java FF - ProfilePath - . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-08 22:47 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1033579849-865041543-3952056309-1003\Software\Microsoft\SystemCertificates\AddressBook] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrllkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \7B89AC59B91B61F6] "1"=hex:e2,7f,28,b3,f4,78,a8,90,a3,fe,4e,87,45,83,70,cb,36,b1,2e,f7,56,49,5f, 1a "2"=hex:75,4f,d5,56,e6,9d,1a,13,c8,71,03,1e,73,6c,6e,62,58,a8,9a,49,4f,b9,cd, 0f,5b,63,25,a5,82,25,ac,36 "3"=hex:e2,7f,28,b3,f4,78,a8,90,a3,fe,4e,87,45,83,70,cb,f0,b4,6d,ee,bc,c7,ac, 0b,c8,17,e0,ea,3a,b9,a9,b3,2b,85,23,84,db,a5,db,15,57,06,da,7a,f2,b6,f8,62,\ [HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrllkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \7B89AC59B91B61F6\BC8EEB13EC0E80C548E5EE71D72FCCB1] "1"=hex:7e,63,ed,e4,ff,c6,da,b0,3c,b3,ff,e0,03,2b,bc,b2,da,51,f5,e7,5b,21,e3, 14 "2"=hex:ff,46,a9,cd,53,d2,ef,98 "3"=hex:04,d1,c8,a3,3b,6b,9d,2b,f4,66,3f,34,93,65,a4,2e,0e,13,96,f1,e8,c7,83, 09,69,d3,c6,5b,db,c3,51,5e,90,dd,dd,a5,d2,90,5b,e1,ca,b0,b2,49,e8,b2,87,c4,\ "4"=hex:2f,ad,a2,e7,8a,bf,05,5e "5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55, 1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\ "6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4, 51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20 "7"=hex:e2,7f,28,b3,f4,78,a8,90,a3,fe,4e,87,45,83,70,cb,56,45,d4,09,32,3d,f1, bb,f7,48,93,b9,38,3c,15,e4,8d,f5,b4,8e,82,72,66,0b,c7,96,98,35,f9,2a,2c,db,\ "8"=hex:63,5a,d7,1b,b1,d4,18,46,1a,71,d0,d8,f4,aa,c9,dc,12,96,5a,35,4b,e0,a7, 97,aa,2b,0b,0b,17,06,5b,f5,f7,ed,c8,65,48,a5,05,1f,94,84,cd,49,ed,e7,fc,e7 "9"=hex:81,20,8f,ab,28,6a,52,9c "18"=hex:70,56,26,33,e3,20,f8,ab "10"=hex:55,0c,d6,b4,90,c5,27,45 "11"=hex:7d,ba,74,77,fe,09,92,36 "12"=hex:81,20,8f,ab,28,6a,52,9c "13"=hex:81,20,8f,ab,28,6a,52,9c "14"=hex:81,20,8f,ab,28,6a,52,9c "24"=hex:81,20,8f,ab,28,6a,52,9c "26"=hex:81,20,8f,ab,28,6a,52,9c "27"=hex:81,20,8f,ab,28,6a,52,9c "19"=hex:81,20,8f,ab,28,6a,52,9c "22"=hex:81,20,8f,ab,28,6a,52,9c . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(900) c:\windows\system32\DRWEBSP.DLL - - - - - - - > 'explorer.exe'(2180) c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\libusbd-nt.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\program files\Viewpoint\Common\ViewpointService.exe c:\windows\system32\wscntfy.exe c:\progra~1\Yahoo!\browser\ycommon.exe c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe c:\program files\Microsoft IntelliType Pro\dpupdchk.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************* . Completion time: 2009-06-09 22:55 - machine was rebooted ComboFix-quarantined-files.txt 2009-06-09 06:54 ComboFix2.txt 2009-06-09 05:19 Pre-Run: 56,327,225,344 bytes free Post-Run: 56,329,396,224 bytes free 446 --- E O F --- 2009-05-30 05:13 -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Tuesday, June 9, 2009 Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Tuesday, June 09, 2009 08:46:59 Records in database: 2330123 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ G:\ H:\ J:\ K:\ L:\ Scan statistics: Files scanned: 105701 Threat name: 7 Infected objects: 46 Suspicious objects: 0 Duration of the scan: 02:42:09 File name / Threat name / Threats count C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6AAC7B61.exe Infected: not-a-virus:AdWare.Win32.BlazeFind.b 1 C:\Documents and Settings\Owner\.housecall\Quarantine\adobemgr.exe.bac_a00724 Infected: Trojan-Clicker.Win32.VB.ku 1 C:\Documents and Settings\Owner\.housecall\Quarantine\adobemgr.exe.bac_a02536 Infected: Trojan-Clicker.Win32.VB.ku 1 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Hoax.Win32.Renos.bb 1 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan-Downloader.Win32.Tiny.bw 1 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\adobemgr.exe.bac_a00724 Infected: Trojan-Clicker.Win32.VB.ku 1 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\adobemgr.exe.bac_a02536 Infected: Trojan-Clicker.Win32.VB.ku 1 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-3973bd34-645e9210.zip.bac_a02536 Infected: Hoax.Win32.Renos.bb 1 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5d6c59a1-5d7f637a.zip.bac_a02536 Infected: Trojan-Downloader.Win32.Tiny.bw 1 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-5f5cccb6-64350184.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Java.Femad 4 C:\Documents and Settings\Owner\.housecall6.6\Quarantine\jar.jar-76c9ea78-504f5bbf.zip.bac_a02536 Infected: Trojan.Win32.Small.ev 1 C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP1120\A0240430.dll Infected: not-a-virus:FraudTool.Win32.Ascentive.b 1 The selected area was scanned. and i have the microsoft defealt firewall and spybot search and destroy