Old 03-12-2009, 09:57 AM   #1 (permalink)
Registered User
 
Join Date: Mar 2009
Posts: 1
OS: xp


Help Needed - MyDoom

Hey guys,
I need help badly.....I am unable to access a lot of Microsoft and antivirus websites.......

I have executed the file - ComboFix.exe and have the log file generated.

Please respond quickly......

thanks,
soma

=======================================================
c:\mydoom.txt
ComboFix 09-03-10.03 - comp3 2009-03-12 20:46:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2037.1482 [GMT 5.5:30]
Running from: c:\documents and settings\comp3\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090311-1] *On-access scanning disabled* (Updated)
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf
c:\windows\system32\Cache
c:\windows\system32\drivers\ati6hjxx.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ATI6HJXX
-------\Legacy_icf
-------\Legacy_TCPSR
-------\Service_ati6hjxx
-------\Service_tcpsr


((((((((((((((((((((((((( Files Created from 2009-02-12 to 2009-03-12 )))))))))))))))))))))))))))))))
.

2009-03-12 19:37 . 2009-03-12 19:35 297,088 --a------ C:\FxMydoom.exe
2009-03-12 19:15 . 2009-03-12 19:15 <DIR> d-------- c:\program files\CCleaner
2009-03-12 19:12 . 2009-02-21 07:36 3,171,208 --a------ C:\ccsetup216.exe
2009-03-12 19:00 . 2009-03-12 19:00 <DIR> d-------- c:\documents and settings\comp3\Application Data\TeamViewer
2009-03-12 18:59 . 2009-03-12 18:59 <DIR> d-------- c:\documents and settings\comp3\temp
2009-03-12 17:07 . 2009-03-12 17:07 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-03-12 17:06 . 2009-03-12 17:06 <DIR> d-------- c:\documents and settings\comp3\Application Data\Simply Super Software
2009-03-12 17:06 . 2003-02-02 20:06 153,088 --a------ c:\windows\system32\UNRAR3.dll
2009-03-12 17:06 . 2002-03-06 01:00 75,264 --a------ c:\windows\system32\unacev2.dll
2009-03-12 16:54 . 2009-03-12 16:54 <DIR> d-------- c:\program files\Alwil Software
2009-03-12 11:46 . 2009-03-12 11:46 <DIR> d-------- c:\documents and settings\comp3\Application Data\Malwarebytes
2009-03-12 11:46 . 2009-03-12 11:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-12 10:32 . 2009-03-12 20:51 96,110 --a------ c:\windows\system32\drivers\2262f094.sys
2009-03-12 10:32 . 2009-03-12 10:32 33,280 --a------ c:\documents and settings\All Users\lhigp.dll
2009-03-11 17:46 . 2009-03-11 21:16 99,950 --a------ c:\windows\system32\drivers\87f5a810.sys
2009-03-11 17:45 . 2009-03-11 17:45 33,280 --a------ c:\windows\system32\acnjup.dll
2009-03-11 17:25 . 2009-03-11 17:25 33,280 --a------ c:\documents and settings\comp3\bnvuskwj.dll
2009-03-11 17:24 . 2009-03-11 17:24 33,280 --a------ c:\documents and settings\All Users\jkso.dll
2009-03-11 17:23 . 2009-03-11 17:42 99,950 --a------ c:\windows\system32\drivers\24f8dff7.sys
2009-03-11 15:21 . 2009-03-11 15:21 <DIR> d-------- c:\program files\MSDN
2009-03-11 15:09 . 2009-03-11 15:09 <DIR> d-------- c:\program files\Microsoft Device Emulator
2009-03-11 15:09 . 2009-03-11 15:09 <DIR> d-------- c:\program files\Business Objects
2009-03-11 15:08 . 2009-03-11 15:08 <DIR> d-------- c:\program files\Windows Mobile 5.0 SDK R2
2009-03-11 15:01 . 2009-03-11 15:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\PreEmptive Solutions
2009-03-11 14:56 . 2009-03-11 14:56 <DIR> d-------- c:\windows\symbols
2009-03-11 14:54 . 2009-03-11 14:54 <DIR> d-------- c:\program files\Microsoft SDKs
2009-03-11 14:54 . 2009-03-11 14:57 <DIR> d-------- c:\program files\HTML Help Workshop
2009-03-11 14:54 . 2009-03-11 15:01 <DIR> d-------- c:\program files\Common Files\Merge Modules
2009-03-11 14:54 . 2009-03-11 14:54 <DIR> d-------- c:\program files\CE Remote Tools
2009-03-11 14:52 . 2009-03-11 14:52 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-11 14:51 . 2009-03-11 14:51 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-11 14:48 . 2009-03-11 14:48 <DIR> d-------- c:\program files\MSXML 6.0
2009-03-11 13:31 . 2009-03-11 13:31 <DIR> d-------- c:\program files\MagicISO
2009-03-11 13:16 . 2009-03-11 14:52 <DIR> d-------- c:\program files\MSBuild
2009-03-11 11:00 . 2009-03-11 11:00 247,656 --a------ c:\windows\system32\ht8x4.exe
2009-03-10 20:19 . 2009-03-10 20:40 <DIR> d-------- c:\windows\SxsCaPendDel
2009-03-10 17:45 . 2009-03-12 19:48 <DIR> d-------- c:\documents and settings\comp3\Application Data\nidle
2009-03-10 17:38 . 2009-03-10 17:38 <DIR> d---s---- c:\documents and settings\comp3\UserData
2009-03-10 17:31 . 2009-03-10 17:31 <DIR> d-------- c:\windows\IIS Temporary Compressed Files
2009-03-10 12:26 . 2009-03-10 12:26 0 -rahs---- C:\kht
2009-03-10 12:22 . 2009-03-10 12:25 1,517 -rahs---- c:\windows\system32\autorun.in
2009-03-10 12:22 . 2009-03-10 12:25 1,470 -rahs---- c:\windows\system32\autorun.i
2009-03-09 21:43 . 2009-03-11 18:29 <DIR> d-------- c:\program files\Microsoft SQL Server
2009-03-09 21:41 . 2009-03-09 21:41 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition
2009-03-09 21:32 . 2009-03-10 20:14 <DIR> d-------- c:\program files\Microsoft.NET
2009-03-09 21:32 . 2009-03-09 21:32 <DIR> d-------- c:\program files\Microsoft Web Designer Tools
2009-03-09 21:32 . 2009-03-11 15:09 <DIR> d-------- c:\program files\Microsoft Visual Studio 9.0
2009-03-09 21:29 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-09 12:51 . 2009-02-12 05:54 37,183 --a------ C:\addmember.php
2009-03-05 17:51 . 2009-03-05 17:51 <DIR> d-------- c:\program files\Real
2009-03-05 17:51 . 2009-03-05 17:51 <DIR> d-------- c:\program files\Common Files\xing shared
2009-03-05 17:51 . 2009-03-05 17:51 <DIR> d-------- c:\program files\Common Files\Real
2009-03-05 13:51 . 2009-03-05 13:51 84,992 -ra-s---- c:\windows\system32\rmtrx.dll
2009-03-04 12:15 . 2009-03-11 13:57 <DIR> d--h----- C:\$AVG8.VAULT$
2009-03-03 19:40 . 2009-03-03 19:40 <DIR> d-------- c:\program files\ESET
2009-03-03 19:40 . 2009-03-03 19:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2009-03-03 19:18 . 2009-03-03 19:18 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-03-03 19:18 . 2009-03-03 19:18 <DIR> d-------- c:\program files\AVG
2009-03-03 19:18 . 2009-03-03 19:25 <DIR> d-------- c:\documents and settings\comp3\Application Data\AVGTOOLBAR
2009-03-03 19:18 . 2009-03-03 19:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-03 19:18 . 2009-03-03 19:18 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-03 19:18 . 2009-03-03 19:18 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-03 18:41 . 2009-03-03 19:18 <DIR> d-------- c:\documents and settings\Administrator
2009-03-03 18:12 . 2009-03-03 19:18 <DIR> d-------- c:\documents and settings\Guest
2009-02-28 11:46 . 2009-02-28 11:47 <DIR> d-------- c:\program files\Sizer
2009-02-26 19:22 . 2009-02-27 12:14 <DIR> d-------- c:\documents and settings\comp3\Application Data\dvdcss
2009-02-26 12:42 . 2009-02-26 12:42 <DIR> d-------- c:\program files\Apple Software Update
2009-02-26 12:42 . 2009-02-26 12:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2009-02-21 16:39 . 2009-02-21 16:41 <DIR> d-------- c:\documents and settings\comp3\Application Data\Ahead
2009-02-21 16:39 . 2009-02-21 19:58 69 --a------ c:\windows\NeroDigital.ini
2009-02-21 16:38 . 2009-02-21 16:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-02-20 18:24 . 2009-03-10 20:40 <DIR> d-------- c:\program files\Google
2009-02-20 13:23 . 2009-02-20 13:23 <DIR> d-------- c:\program files\Flash Movie Player
2009-02-19 19:20 . 2009-03-11 17:29 57,992 --ah----- c:\windows\system32\mlfcache.dat
2009-02-17 13:55 . 2009-02-17 13:55 <DIR> d-------- c:\documents and settings\comp3\Application Data\Media Player Classic
2009-02-14 17:23 . 2009-02-26 12:43 <DIR> d-------- c:\documents and settings\comp3\Application Data\Apple Computer
2009-02-13 20:33 . 2009-02-16 20:13 <DIR> d-------- c:\documents and settings\comp3\Application Data\Xilisoft Corporation
2009-02-13 16:42 . 2009-02-13 16:43 <DIR> d-------- c:\documents and settings\comp3\Application Data\vlc
2009-02-13 12:52 . 2009-02-13 12:52 <DIR> d-------- c:\program files\YouTube Downloader
2009-02-13 10:40 . 2009-03-12 12:10 <DIR> d-------- C:\My Web Sites
2009-02-13 10:39 . 2009-02-13 10:39 <DIR> d-------- c:\program files\WinHTTrack

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-12 14:47 --------- d-----w c:\program files\Mozilla Firefox 3 Beta 2
2009-03-12 11:44 --------- d-----w c:\documents and settings\comp3\Application Data\uTorrent
2009-03-11 10:03 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-11 07:46 --------- d-----w c:\program files\Microsoft Works
2009-02-26 07:13 --------- d-----w c:\program files\Safari
2009-02-20 08:01 --------- d-----w c:\program files\Macromedia
2009-02-20 08:01 --------- d-----w c:\program files\Common Files\Macromedia
2009-02-11 12:59 --------- d-----w c:\program files\uTorrent
2009-02-10 06:17 --------- d-----w c:\documents and settings\All Users\Application Data\Macrovision
2009-02-10 06:11 --------- d-----w c:\program files\Common Files\Adobe
2009-02-10 06:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-10 06:06 --------- d-----w c:\program files\Common Files\Macromedia Shared
2009-02-09 13:26 --------- d-----w c:\program files\VideoLAN
2009-02-09 08:25 --------- d-----w c:\documents and settings\All Users\Application Data\Adobe Systems
2009-02-09 06:04 --------- d-----w c:\program files\GlobalSCAPE
2009-02-09 06:04 --------- d-----w c:\documents and settings\comp3\Application Data\GlobalSCAPE
2009-02-09 06:04 --------- d-----w c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-02-09 05:18 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-09 05:17 --------- d-----w c:\program files\Opera
2009-02-09 05:17 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-02-08 06:58 --------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-02-05 07:46 --------- d-----w c:\documents and settings\comp3\Application Data\InterTrust
2009-02-05 07:41 315,392 ----a-w c:\windows\HideWin.exe
2009-02-05 07:41 --------- d-----w c:\program files\Realtek
2009-02-05 07:38 --------- d-----w c:\documents and settings\comp3\Application Data\InstallShield
2009-02-05 07:34 --------- d-----w c:\program files\Intel
2009-02-05 07:28 --------- d-----w c:\program files\microsoft frontpage
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"Google Update"="c:\documents and settings\comp3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-10 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-07-11 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-07-11 155648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-07-11 131072]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-03 1234712]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-06 81000]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-11 c:\windows\RTHDCPL.exe]

c:\documents and settings\comp3\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Sizer.lnk - c:\program files\Sizer\sizer.exe [2002-12-08 18944]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-02-05 106560]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
--a------ 2007-01-02 02:52 3739648 c:\program files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Documents and Settings\\comp3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\comp3\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56795:TCP"= 56795:TCP:BuildIntel SystemSpeech
"25551:TCP"= 25551:TCP:BuildIntel PackagesGames
"47906:TCP"= 47906:TCP:BuildIntel Microsofttwain
"14747:UDP"= 14747:UDP:BuildIntel OptionsOptions
"12180:TCP"= 12180:TCP:BuildIntel MakerVideo
"35691:UDP"= 35691:UDP:BuildIntel Documentswinsxs
"30545:UDP"= 30545:UDP:BuildIntel OfficeDownloaded
"15919:UDP"= 15919:UDP:BuildIntel Documentsinf

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-12 114768]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-03 97928]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-12-21 30728]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-12 20560]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-03 231704]
R2 MsDtsServer;SQL Server Integration Services;c:\program files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 199384]
R2 msftesql$MASTER;SQL Server FullText Search (MASTER);c:\program files\Microsoft SQL Server\MSSQL.5\MSSQL\Binn\msftesql.exe [2006-02-14 92880]
R2 msftesql$MYMATE;SQL Server FullText Search (MYMATE);c:\program files\Microsoft SQL Server\MSSQL.4\MSSQL\Binn\msftesql.exe [2006-02-14 92880]
R2 msftesql$SQLEXPRESS_MAS;SQL Server FullText Search (SQLEXPRESS_MAS);c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe [2006-02-14 92880]
R2 MSSQL$MASTER;SQL Server (MASTER);c:\program files\Microsoft SQL Server\MSSQL.5\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 MSSQL$MYMATE;SQL Server (MYMATE);c:\program files\Microsoft SQL Server\MSSQL.4\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 MSSQL$SQLEXPRESS_MAS;SQL Server (SQLEXPRESS_MAS);c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R3 slnt;Silan SC92031 PCI Fast Ethernet Adapter;c:\windows\system32\drivers\slnt.sys [2009-02-09 18004]
S2 jfmyihpecs;jfmyihpecs;c:\windows\System32\svchost.exe -k netsvcs [2004-08-04 14336]
S2 ReportServer$SQLEXPRESS;SQL Server Reporting Services (SQLEXPRESS); [x]
S2 ReportServer;SQL Server Reporting Services (MSSQLSERVER); [x]
S2 W32mon;Config Time;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
W32mon
Jnfoe
oafkez
ayxisuhag
JfmyIhpecs
.
Contents of the 'Scheduled Tasks' folder

2009-03-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-261903793-725345543-1003.job
- c:\documents and settings\comp3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-10 15:19]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-TkBellExe - realsched.exe
MSConfigStartUp-Email Protection - c:\progra~1\QUICKH~1\QUICKH~1\EMLPROUI.EXE
MSConfigStartUp-Messenger - c:\progra~1\QUICKH~1\QUICKH~1\SCANMSG.EXE
MSConfigStartUp-On-Line Protection - c:\progra~1\QUICKH~1\QUICKH~1\cateye.exe
MSConfigStartUp-ResumeQuickupDownload - c:\progra~1\QUICKH~1\QUICKH~1\acappaa.exe
MSConfigStartUp-Startup Scan - c:\progra~1\QUICKH~1\QUICKH~1\Sensor.EXE
MSConfigStartUp-Update Scheduler - c:\progra~1\QUICKH~1\QUICKH~1\UPSCHD.EXE


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bleepingcomputer.com/combofix/how-to-use-combofix
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {22BCDE5B-6F85-4EE9-8A86-DA3C2A943747} = 198.168.0.1
TCP: {7E698D0B-D550-4676-A421-B6F2526946C4} = 202.138.96.2,202.138.103.100
FF - ProfilePath - c:\documents and settings\comp3\Application Data\Mozilla\Firefox\Profiles\6blig0c1.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\documents and settings\comp3\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\comp3\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Opera\program\plugins\nppdf32.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-12 20:50:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\msftesql$MASTER]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.5\MSSQL\Binn\msftesql.exe\" -s:MSSQL.5 -f:MASTER"

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\msftesql$MYMATE]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.4\MSSQL\Binn\msftesql.exe\" -s:MSSQL.4 -f:MYMATE"

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\msftesql$SQLEXPRESS_MAS]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\msftesql.exe\" -s:MSSQL.3 -f:SQLEXPRESS_MAS"

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\2262f094]
"ImagePath"="\SystemRoot\System32\drivers\2262f094.sys"
--

[HKEY_LOCAL_MACHINE\System\ControlSet005\Services\W32mon]
"ServiceDll"="c:\windows\system32\rmtrx.dll"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\documents and settings\comp3\temp\TeamViewer\Version4\TeamViewer.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2009-03-12 20:56:34 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-12 15:26:30

Pre-Run: 19,773,566,976 bytes free
Post-Run: 19,594,235,904 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=5 Default=5 Failed=4 LastKnownGood=6 Sets=1,2,3,4,5,6
289

Old 03-24-2009, 12:04 PM   #2 (permalink)
Moderator, Analyst, Security Team ; Rangemaster, TSF Academy
 
 
Join Date: Jun 2006
Location: USA
Posts: 7,493
OS: XP SP3


Re: Help Needed - MyDoom

Hello and welcome to TSF.

Apologies for the long delay in response. However, please note that ComboFix is not a commercial malware removal tool.

If you’ve read the Disclaimer (which you should have) you would have seen the statement in no uncertain terms that this tool is meant for private use and should never be used in an unsupervised environment.

As such, please note that any support, be it personal or public, is not provided. Any continued use without supervision is done so at your own risk.
Quote:
Why we don't ask you to run ComboFix from the onset

As stated by the author of ComboFix:

ComboFix is a very powerful tool which when improperly used may render your machine to a doorstop.

We first need to verify if there are any rootkits present and how they could affect our tools. DDS & GMER are preliminary scans. We use their logs to map our strategy for attack.

With these logs we can determine the infections present & decide whether to deploy ComboFix.
__________________
My services are free. However, you can donate to TSF to help keep it running.




Member of ASAP since 2005
Member of UNITE since 2006