Hello.
My name is Zack, and I have an infected computer +)
The problem seems to be that AVG is either correctly or incorrectly diagnosing my computer as being infected via the atapi.sys file.
Usually I am able to take care of these problems myself, but I lack the deeper understanding of computer coding to take manual action without a guide.
I have searched your forums and found what appears to be a near identical problem.
The topic is here
http://www.computerhope.com/forum/index.php?topic=94511.0
I have run Malware and the Combo fix programs; here are their logs.
Malwarebytes' Anti-Malware 1.44
Database version: 3523
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
2/13/2010 4:02:16 PM
mbam-log-2010-02-13 (16-02-16).txt
Scan type: Full Scan (A:\|C:\|D:\|)
Objects scanned: 386379
Time elapsed: 1 hour(s), 55 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
----------------------------------------------------------------
ComboFix 10-02-12.01 - Zack Newbold 02/13/2010 16:42:51.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.818 [GMT -7:00]
Running from: c:\documents and settings\Zack Newbold\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\AskSearch\bin\DefaultSearch.dll
C:\s
C:\smp.bat
c:\windows\system32\18467.exe
c:\windows\system32\tmp.reg
c:\windows\system32\warning.html
.
((((((((((((((((((((((((( Files Created from 2010-01-13 to 2010-02-13 )))))))))))))))))))))))))))))))
.
2010-01-30 22:56 . 2010-01-30 22:56 -------- d-----w- C:\WTablet
2010-01-20 04:36 . 2010-01-20 04:51 -------- d-----w- c:\documents and settings\Zack Newbold\Local Settings\Application Data\V-Safe 100
2010-01-19 06:50 . 2010-01-19 06:50 1260800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-01-17 20:31 . 2009-03-09 18:34 971776 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
2010-01-17 03:42 . 2010-01-17 03:42 1794376 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Move Networks\MoveMediaPlayerWin_071701000008.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-13 22:09 . 2010-01-14 07:04 0 ----a-w- c:\documents and settings\Zack Newbold\Local Settings\Application Data\prvlcl.dat
2010-02-13 20:31 . 2008-12-22 21:59 7 ----a-w- c:\windows\sbacknt.bin
2010-02-13 20:31 . 2008-07-09 05:18 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\WTablet
2010-02-13 20:23 . 2008-07-09 07:11 -------- d-----w- c:\documents and settings\LocalService\Application Data\WTablet
2010-02-06 03:05 . 2009-10-05 17:19 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\Skype
2010-02-05 23:18 . 2009-10-05 17:21 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\skypePM
2010-02-03 21:52 . 2006-01-30 20:23 -------- d-----w- c:\program files\Downloads
2010-02-03 04:29 . 2010-01-13 01:19 -------- d-----w- c:\program files\Cryptic Studios
2010-02-02 18:22 . 2007-10-04 06:41 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\uTorrent
2010-01-29 03:56 . 2007-12-01 06:22 -------- d-----w- c:\program files\Zune
2010-01-28 06:02 . 2006-02-19 06:39 -------- d-----w- c:\program files\Activision
2010-01-19 06:50 . 2010-01-06 19:05 3777280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2010-01-17 03:43 . 2007-10-04 06:30 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\Move Networks
2010-01-13 01:28 . 2010-01-12 01:41 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\IGN_DLM
2010-01-12 01:40 . 2010-01-12 01:40 -------- d-----w- c:\program files\Download Manager
2010-01-12 01:27 . 2010-01-12 01:26 -------- d-----w- c:\program files\StarTrek Online
2010-01-10 07:46 . 2009-03-31 19:47 -------- d-----w- c:\program files\Windows Live Safety Center
2010-01-09 00:05 . 2010-01-08 02:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-09 00:05 . 2010-01-09 00:05 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-09 00:02 . 2007-12-04 06:45 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-08 02:41 . 2010-01-08 02:41 -------- d-----w- c:\documents and settings\Zack Newbold\Application Data\Malwarebytes
2010-01-08 02:41 . 2010-01-08 02:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-07 23:37 . 2009-11-05 08:45 79488 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-07 23:07 . 2010-01-08 02:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 23:07 . 2010-01-08 02:41 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 21:38 . 2010-01-07 21:38 447216 ----a-w- c:\windows\system32\ZuneWlanCfgSvc.exe
2010-01-07 21:38 . 2010-01-07 21:38 58592 ----a-w- c:\windows\system32\ZuneBusEnum.exe
2010-01-07 21:22 . 2009-09-02 06:28 40832 ----a-w- c:\windows\system32\drivers\zumbus.sys
2010-01-07 18:55 . 2010-01-07 18:55 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-01-07 18:00 . 2009-12-07 21:21 -------- d-----w- c:\program files\Steam
2010-01-06 18:56 . 2009-04-01 04:07 -------- d-----w- c:\program files\AVG
2010-01-06 18:56 . 2009-04-01 04:07 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-06 18:56 . 2009-04-01 04:07 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-06 18:56 . 2009-04-01 04:07 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-06 18:55 . 2009-04-01 04:07 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-16 21:42 . 2010-01-07 07:57 872960 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-16 21:42 . 2010-01-07 07:57 43008 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-16 21:42 . 2010-01-07 07:57 340480 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-16 21:41 . 2010-01-07 07:57 346624 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-07 01:02 . 2009-12-07 01:02 965344 ----a-w- c:\documents and settings\Zack Newbold\Application Data\Move Networks\MoveMediaPlayer_win_mozilla_071303000006.exe
2008-02-29 19:40 . 2008-02-29 19:40 423736 ----a-w- c:\program files\avgarkt-setup-1.1.0.42.exe
2006-03-10 00:22 . 2006-03-10 00:21 692014058 ----a-w- c:\program files\Poser6E_W_app.zip
.
------- Sigcheck -------
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 19:40 . 92EE84D93035566F9EF1E244CEB9BC12 . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-09 04:08 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-09 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-09 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-05 81920]
"Google Update"="c:\documents and settings\Zack Newbold\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-14 133104]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-21 131072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-01 136600]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-01-07 158448]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-28 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-28 13918208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-04-17 9117696]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
c:\documents and settings\Zack Newbold\Start Menu\Programs\Startup\
DesktopVideoPlayer.LNK - c:\program files\vghd\vghd.exe [2009-11-15 423248]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Wireless Configuration Utility HW.14.lnk - c:\program files\802.11 Wireless LAN\802.11g USB 2.0 WLAN Dongle\WlanCU.exe [2007-8-29 606208]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-06 18:55 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Activision\\Sfc3\\SFC3.exe"=
"c:\\Program Files\\Curious Labs\\Poser 6\\Poser.exe"=
"c:\\Program Files\\VentSrv\\ventrilo_srv.exe"=
"c:\\Program Files\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\z Clean\\WOWEx_Blizcon-downloader.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Roxio\\Media Manager 9\\MediaManager9.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Sony\\Station\\LaunchPad\\LaunchPad.exe"=
"c:\\Program Files\\FrostWire\\FrostWire.exe"=
"c:\\Program Files\\THQ\\Company of Heroes\\RelicCOH.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Tortun\\gui.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Soulstorm\\Soulstorm.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Empire at War Forces of Corruption\\swfoc.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Dragon Age Origins Character Creator\\bin_ship\\DAOCharacterCreator.exe"=
"c:\\Program Files\\Dragon Age Origins Character Creator\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3/31/2009 9:07 PM 333192]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3/31/2009 9:07 PM 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [1/7/2010 11:55 AM 285392]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [11/24/2008 1:20 AM 14976]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [7/8/2008 10:18 PM 1373480]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [11/1/2007 3:35 PM 24652]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [9/10/2009 1:27 PM 215040]
R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [10/2/2002 8:57 AM 13532]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 6:19 PM 13592]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [7/23/2003 12:16 PM 22821]
S3 Flis18mwns;Flis18mwns;c:\windows\system32\keystone.exe [2/18/2009 1:44 PM 436768]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - SJYPKT
.
Contents of the 'Scheduled Tasks' folder
2010-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
2010-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-854245398-725345543-1004Core.job
- c:\documents and settings\Zack Newbold\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-14 06:32]
2010-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-854245398-725345543-1004UA.job
- c:\documents and settings\Zack Newbold\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-14 06:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com?o=101676&l=dis
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101664&gct=&gc=1&q=%s
IE: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
IE: &Search - ?p=ZNxdm414DQUS
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
DPF: {E3E02F12-2ADB-478C-8742-5F0819F9F0F4} - hxxp://qmedia.xlontech.net/100170/sdk/latest/qsp2ie06041001.cab
FF - ProfilePath - c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1231307&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101664&gct=&gc=1&q=
FF - component: c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\Zack Newbold\Application Data\Mozilla\Firefox\Profiles\jo5nazo0.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
FF - plugin: c:\documents and settings\Zack Newbold\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Download Manager\npfpdlm.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{C94E154B-1459-4A47-966B-4B843BEFC7DB} - c:\program files\AskSearch\bin\DefaultSearch.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Plazmic CDK 4.2.2 for BlackBerry - c:\program files\Plazmic CDK 4.2.2\Uninstall Plazmic CDK 4.2.2 for BlackBerry\Uninstall Plazmic CDK 4.2.2
AddRemove-ShipEdit - c:\program files\taldren software inc\tools and such\Uninst.isu
AddRemove-_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF} - c:\program files\Corel\Corel Painter Essentials 3\MSILauncher {0C180787-F8C8-42FD-A9D3-689BA44BEAAF}
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-02-13 16:51
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-02-13 16:57:20
ComboFix-quarantined-files.txt 2010-02-13 23:57
Pre-Run: 21,284,114,432 bytes free
Post-Run: 22,785,761,280 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 86A8459A3CB406B4A3735681A4980E68
-------------------------------------------------------------------------------
Thank you for any assistance you are able to offer me in advance.
Please let me know if there is any additional information that you require from me.