ComboFix 09-07-03.03 - Canniballistic 04/07/2009 17:14.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.1023.730 [GMT 10:00]
Running from: c:\documents and settings\Canniballistic\Desktop\Combo-Fix.exe
AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\CANNIB~1\LOCALS~1\Temp\install_flash_player.exe
c:\windows\system32\drivers\MSIVXyedvjxvveqmtjppxpuwmyxijyovtxdrj.sys
c:\windows\system32\MSIVXaoyproeulalnqggwspqdxyyqgskrlgna.dll
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXdfjjwtdonsoafrrdfkqxiljsmolckhmt.dll
c:\windows\system32\tmp32.tmp
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_MSIVXserv.sys
((((((((((((((((((((((((( Files Created from 2009-06-04 to 2009-07-04 )))))))))))))))))))))))))))))))
.
2009-07-04 01:15 . 2009-07-04 01:15 -------- d-----w- c:\documents and settings\Canniballistic\Local Settings\Application Data\Doom_Productions
2009-06-30 03:09 . 2009-06-17 01:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-30 03:09 . 2009-06-30 03:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-30 03:09 . 2009-06-17 01:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-30 03:08 . 2009-06-30 03:08 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-30 02:30 . 2009-06-30 02:30 -------- d-sh--w- c:\documents and settings\Canniballistic\IECompatCache
2009-06-28 22:13 . 2009-06-28 22:13 -------- d-sh--w- c:\documents and settings\Canniballistic\PrivacIE
2009-06-28 13:45 . 2009-06-28 13:45 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-06-24 07:49 . 2006-02-28 12:00 838144 -c--a-w- c:\windows\system32\dllcache\chtbrkr.dll
2009-06-24 07:49 . 2006-02-28 12:00 838144 ----a-w- c:\windows\system32\chtbrkr.dll
2009-06-24 07:49 . 2006-02-28 12:00 70656 -c--a-w- c:\windows\system32\dllcache\korwbrkr.dll
2009-06-24 07:49 . 2006-02-28 12:00 70656 ----a-w- c:\windows\system32\korwbrkr.dll
2009-06-24 07:49 . 2006-02-28 12:00 1677824 -c--a-w- c:\windows\system32\dllcache\chsbrkr.dll
2009-06-24 07:49 . 2006-02-28 12:00 1677824 ----a-w- c:\windows\system32\chsbrkr.dll
2009-06-24 07:49 . 2006-02-28 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2009-06-24 07:49 . 2006-02-28 12:00 98304 ----a-w- c:\windows\system32\msir3jp.dll
2009-06-24 07:26 . 2001-08-17 12:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-06-24 07:26 . 2001-08-17 12:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-06-24 07:26 . 2001-08-17 12:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-06-24 07:26 . 2001-08-17 12:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-06-24 07:26 . 2001-08-17 04:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-06-24 07:26 . 2001-08-17 04:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-06-24 07:26 . 2001-08-17 04:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-06-24 07:26 . 2001-08-17 04:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-06-24 07:25 . 2008-04-14 01:09 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-06-24 07:25 . 2008-04-14 01:09 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-06-24 07:25 . 2001-08-17 04:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-06-24 07:25 . 2001-08-17 04:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-06-20 09:13 . 2009-06-20 09:13 -------- d-----w- c:\documents and settings\Canniballistic\Local Settings\Application Data\COMODO
2009-06-16 10:24 . 2009-06-16 10:24 4096 ----a-w- c:\windows\system32\drivers\nocashio.sys
2009-06-16 03:22 . 2009-06-16 03:22 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-06-16 03:21 . 2009-06-16 03:21 -------- d-sh--w- c:\documents and settings\Canniballistic\IETldCache
2009-06-16 03:05 . 2009-06-16 03:05 -------- d-----w- c:\documents and settings\LocalService\Application Data\Xfire
2009-06-16 03:05 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-16 03:05 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-16 03:05 . 2009-06-16 03:05 -------- d-----w- c:\windows\ie8updates
2009-06-16 03:05 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-16 03:04 . 2009-06-16 03:05 -------- dc-h--w- c:\windows\ie8
2009-06-16 03:01 . 2009-06-16 03:01 152576 ----a-w- c:\documents and settings\Canniballistic\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-11 22:29 . 2009-06-11 22:29 41808 ----a-w- c:\windows\system32\xfcodec.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-04 07:06 . 2009-04-03 01:24 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\Azureus
2009-07-04 07:06 . 2009-04-03 00:53 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\Xfire
2009-07-04 06:27 . 2009-04-29 23:48 188968 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-04 04:56 . 2009-04-29 23:49 138736 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-04 04:18 . 2009-03-02 10:34 21992 ----a-w- c:\documents and settings\Canniballistic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-04 03:18 . 2009-03-08 05:55 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-04 01:27 . 2009-05-18 10:40 77456 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-03 23:49 . 2009-05-14 11:43 183912 ----a-w- c:\windows\system32\guard32.dll
2009-07-03 23:49 . 2009-05-14 11:43 86976 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-07-03 23:49 . 2009-05-14 11:43 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-07-03 23:49 . 2009-05-14 11:43 131912 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-07-01 11:15 . 2009-05-22 07:45 -------- d-----w- c:\program files\Electronic Arts
2009-07-01 11:15 . 2009-03-02 10:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-30 03:08 . 2009-04-03 01:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-30 02:25 . 2009-05-16 23:03 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-06-24 08:21 . 2009-05-12 11:25 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\gtk-2.0
2009-06-16 07:18 . 2009-05-13 14:25 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\TrueCrypt
2009-06-16 03:01 . 2009-04-03 00:46 -------- d-----w- c:\program files\Java
2009-06-15 02:50 . 2009-03-02 13:42 -------- d-----w- c:\program files\PunkBuster
2009-06-11 09:29 . 2009-03-02 11:16 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\U3
2009-06-11 09:26 . 2009-03-02 13:40 -------- d-----w- c:\program files\Warcraft III
2009-05-26 06:22 . 2009-04-29 23:49 22328 ----a-w- c:\documents and settings\Canniballistic\Application Data\PnkBstrK.sys
2009-05-26 06:22 . 2009-04-29 23:49 22328 ----a-w- c:\documents and settings\Canniballistic\Application Data\PnkBstrK.sys
2009-05-26 06:21 . 2009-04-29 23:48 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-05-26 06:06 . 2009-03-02 13:41 -------- d-----w- c:\program files\Activision
2009-05-25 09:26 . 2009-05-25 09:26 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\CyberLink
2009-05-24 07:02 . 2009-05-24 07:02 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\Petroglyph
2009-05-24 06:40 . 2009-05-24 06:35 -------- d-----w- c:\program files\LucasArts
2009-05-24 06:33 . 2009-05-24 06:33 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\InstallShield
2009-05-23 10:28 . 2009-03-28 05:12 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\dvdcss
2009-05-22 23:22 . 2009-05-22 23:09 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\My The Lord of the Rings, The Rise of the Witch-king Files
2009-05-22 08:01 . 2009-05-22 07:53 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\My Battle for Middle-earth(tm) II Files
2009-05-22 03:54 . 2009-04-29 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft
2009-05-22 03:24 . 2009-05-22 03:24 -------- d-----w- c:\program files\Ubisoft
2009-05-21 04:32 . 2009-05-21 04:19 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-05-21 04:32 . 2009-05-21 04:19 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-05-21 04:32 . 2009-05-21 04:18 12067 ----atw- c:\windows\system32\SIntf16.dll
2009-05-21 04:26 . 2009-05-21 04:23 -------- d-----w- c:\program files\Fox
2009-05-21 01:33 . 2009-04-03 00:46 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-18 10:44 . 2009-05-18 10:44 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\InstallShield Installation Information
2009-05-18 10:44 . 2009-05-18 10:44 -------- d-----w- c:\program files\Bethesda Softworks
2009-05-18 10:40 . 2009-05-18 10:40 -------- d-----w- c:\program files\MSBuild
2009-05-18 10:16 . 2009-05-18 10:16 -------- d-----w- c:\program files\Reference Assemblies
2009-05-18 10:06 . 2009-05-18 12:46 147456 ----a-w- c:\documents and settings\Canniballistic\Application Data\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\_setup.dll
2009-05-18 10:05 . 2009-03-03 03:23 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-16 04:51 . 2009-03-02 13:37 -------- d-----w- c:\program files\THQ
2009-05-16 04:09 . 2009-03-02 13:32 -------- d-----w- c:\program files\Steam
2009-05-15 08:14 . 2009-05-15 06:17 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\GarageGames
2009-05-15 08:13 . 2009-05-15 08:13 61136 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\100\install\xinput9_1_0.dll
2009-05-15 08:13 . 2009-05-15 08:13 4308992 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\100\install\marbleBlast.exe
2009-05-15 08:13 . 2009-05-15 08:13 3495784 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\100\install\d3dx9_33.dll
2009-05-15 08:13 . 2009-05-15 08:13 319488 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\100\install\d3dx8dll.dll
2009-05-15 08:13 . 2009-05-15 08:13 316416 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\100\install\fmodex.dll
2009-05-15 07:41 . 2009-05-15 07:41 68888 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\7000\install\xinput1_3.dll
2009-05-15 07:41 . 2009-05-15 07:41 3026944 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\7000\install\Zap.exe
2009-05-15 07:41 . 2009-05-15 07:41 60416 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\7000\install\OpenAL32.dll
2009-05-15 07:41 . 2009-05-15 07:41 2319568 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\7000\install\d3dx9_27.dll
2009-05-15 07:41 . 2009-05-15 07:41 184320 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\7000\install\d3dx8dll.dll
2009-05-15 07:25 . 2009-05-15 07:25 971544 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\101\install\d3dx9_31.dll
2009-05-15 07:25 . 2009-05-15 07:25 60416 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\101\install\OpenAL32.dll
2009-05-15 07:25 . 2009-05-15 07:25 4214784 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\101\install\ThinkTanks.exe
2009-05-15 07:25 . 2009-05-15 07:25 316416 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\101\install\fmodex.dll
2009-05-15 07:25 . 2009-05-15 07:25 270336 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\101\install\d3dx8dll.dll
2009-05-15 07:25 . 2009-05-15 07:25 1338728 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\101\install\d3dx9_33.dll
2009-05-15 07:13 . 2009-05-15 07:13 4608 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\w9xpopen.exe
2009-05-15 07:13 . 2009-05-15 07:13 438272 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\SDL_image.dll
2009-05-15 07:13 . 2009-05-15 07:13 364544 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\SDL.dll
2009-05-15 07:13 . 2009-05-15 07:13 348160 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\MSVCR71.dll
2009-05-15 07:13 . 2009-05-15 07:13 282624 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\SDL_mixer.dll
2009-05-15 07:13 . 2009-05-15 07:13 274432 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\SDL_ttf.dll
2009-05-15 07:13 . 2009-05-15 07:13 2113536 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\python25.dll
2009-05-15 07:13 . 2009-05-15 07:13 204800 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\smpeg.dll
2009-05-15 07:13 . 2009-05-15 07:13 34304 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\9500\install\dist\main.exe
2009-05-15 06:38 . 2009-05-15 06:38 971544 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\6500\install\d3dx9_31.dll
2009-05-15 06:38 . 2009-05-15 06:38 34512 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\6500\install\xinput9_1_0.dll
2009-05-15 06:38 . 2009-05-15 06:38 335360 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\6500\install\fmodex.dll
2009-05-15 06:38 . 2009-05-15 06:38 1457160 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\6500\install\d3dx9_36.dll
2009-05-15 06:38 . 2009-05-15 06:38 2043392 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\6500\install\Lore.exe
2009-05-15 06:20 . 2009-05-15 06:20 4878336 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\102\install\Legions.exe
2009-05-15 06:20 . 2009-05-15 06:20 3727720 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\102\install\d3dx9_35.dll
2009-05-15 06:20 . 2009-05-15 06:20 345088 ----a-w- c:\documents and settings\Canniballistic\Application Data\GarageGames\IAPlayer\products\www_instantaction_com\102\install\fmodex.dll
2009-05-14 21:31 . 2009-05-14 11:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2009-05-14 11:43 . 2009-05-14 11:43 -------- d-----w- c:\program files\COMODO
2009-05-13 14:21 . 2009-05-13 14:21 217536 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-05-13 05:15 . 2006-02-28 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 20:52 . 2009-05-09 10:03 441408 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\baseq3\qagamex86.dll
2009-05-09 20:51 . 2009-05-09 10:03 334912 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\baseq3\cgamex86.dll
2009-05-09 20:51 . 2009-05-09 10:03 171072 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\baseq3\uix86.dll
2009-05-09 20:51 . 2009-05-09 10:03 874660 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\pb\pbcl.dll
2009-05-09 20:51 . 2009-05-09 10:03 57344 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\pb\pbag.dll
2009-05-09 20:51 . 2009-05-09 10:03 479232 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\pb\pbsv.dll
2009-05-09 20:51 . 2009-05-09 10:03 2669632 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\baseq3\quakelive.dll
2009-05-09 10:03 . 2009-05-09 10:03 874660 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\pb\pbcls.dll
2009-05-09 10:03 . 2009-05-09 10:03 57344 ----a-w- c:\documents and settings\Canniballistic\Application Data\id Software\quakelive\home\pb\pbags.dll
2009-05-09 09:58 . 2009-05-09 09:58 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\id Software
2009-05-09 09:56 . 2009-05-09 09:56 -------- d-----w- c:\documents and settings\All Users\Application Data\id Software
2009-05-08 00:50 . 2009-04-29 23:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-08 00:47 . 2009-05-08 00:47 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Xfire
2009-05-08 00:24 . 2009-05-08 00:24 -------- d-----w- c:\documents and settings\Canniballistic\Application Data\teamspeak2
2009-05-07 15:32 . 2006-02-28 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DAEMON Tools Lite"="f:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-07-03 1793808]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-12-22 77824]
"Logitech Utility"="Logi_MwX.Exe" - c:\windows\LOGI_MWX.EXE [2003-12-11 20992]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-03-27 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Canniballistic\Start Menu\Programs\Startup\
Xfire.lnk - f:\program files\Xfire\Xfire.exe [2009-6-12 3182928]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - f:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Start GetRight.lnk - f:\program files\GetRight\getright.exe [2006-11-24 4572232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"=
"c:\\Program Files\\THQ\\Company of Heroes\\RelicDownloader\\RelicDownloader.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [14/05/2009 9:43 PM 131912]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [14/05/2009 9:43 PM 25160]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-07-04 17:17
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-583907252-2147198587-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:41,6b,72,df,68,5f,a6,a2,4b,17,8b,d4,0b,22,43,97,a0,b6,b8,7c,a3,d4,43,
95,6b,ce,96,27,75,cb,46,c3,f8,17,f8,89,d1,4d,2c,d7,6b,e2,fb,99,bd,2a,7b,f1,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
[HKEY_USERS\S-1-5-21-583907252-2147198587-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:0b,ad,b5,85,d8,19,01,2d,c6,d0,73,fe,19,f4,6b,47,11,ea,3f,21,4d,
74,5c,ee,f2,19,d4,c0,75,2a,22,8f,c2,90,9e,86,32,03,59,36,b5,ee,c9,16,13,e3,\
"rkeysecu"=hex:cf,fd,36,ed,8f,83,8f,67,d5,d5,68,a4,04,da,e7,c7
.
Completion time: 2009-07-04 17:19
ComboFix-quarantined-files.txt 2009-07-04 07:19
Pre-Run: 25,698,541,568 bytes free
Post-Run: 25,869,127,680 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
252 --- E O F --- 2009-06-16 03:05