ComboFix 10-02-16.03 - Owner 02/17/2010 17:39:38.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1524 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ADASPROT
-------\Service_ADASPROT
((((((((((((((((((((((((( Files Created from 2010-01-17 to 2010-02-17 )))))))))))))))))))))))))))))))
.
2010-02-16 04:46 . 2010-02-16 04:46 -------- d-----w- c:\program files\Common Files\Java
2010-02-16 04:46 . 2010-02-16 04:46 348160 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-58030aed-n\msvcr71.dll
2010-02-16 04:46 . 2010-02-16 04:46 503808 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-58030aed-n\msvcp71.dll
2010-02-16 04:46 . 2010-02-16 04:46 499712 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-58030aed-n\jmc.dll
2010-02-16 04:45 . 2010-02-16 04:45 61440 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72c690e5-n\decora-sse.dll
2010-02-16 04:45 . 2010-02-16 04:45 12800 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-72c690e5-n\decora-d3d.dll
2010-02-16 04:18 . 2010-01-07 22:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-16 04:18 . 2010-02-16 04:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-16 04:18 . 2010-01-07 22:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-16 03:12 . 2010-02-16 03:12 52224 ----a-w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-16 03:12 . 2010-02-16 03:12 117760 ----a-w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-02-16 02:46 . 2010-02-16 02:46 -------- d-----w- c:\program files\CCleaner
2010-02-14 04:13 . 2010-02-14 04:13 -------- d-----w- c:\windows\Sun
2010-02-10 21:09 . 2009-11-27 17:23 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-02-10 21:09 . 2009-11-27 16:07 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-02-10 21:09 . 2009-11-27 16:07 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-02-10 21:08 . 2009-12-04 17:25 456832 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-08 01:09 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-08 01:09 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-08 01:09 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-08 01:09 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-08 01:09 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-08 01:09 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-08 01:09 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-08 01:09 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-08 01:09 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-08 01:09 . 2010-02-08 01:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-07 23:39 . 2010-02-16 03:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-02-07 06:00 . 2010-01-14 17:12 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-02-07 05:29 . 2010-02-07 05:29 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Threat Expert
2010-02-06 19:40 . 2010-02-16 06:01 -------- d-----w- c:\program files\Trend Micro
2010-02-06 12:29 . 2010-02-06 20:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Systweak
2010-02-06 12:25 . 2010-02-06 20:08 -------- d-----w- c:\documents and settings\Owner\Application Data\Systweak
2010-02-06 12:19 . 2010-02-06 19:11 0 ----a-w- c:\windows\IntIgn0xF28456.dat
2010-02-02 14:15 . 2009-12-17 06:09 49241 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_BunkerHill.dll
2010-02-02 14:15 . 2009-12-16 13:07 136528 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\Vercopy.exe
2010-02-02 14:15 . 2009-12-15 12:33 120144 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\SBFix.exe
2010-02-02 14:15 . 2009-12-15 12:14 95568 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\RunOnce.exe
2010-02-02 14:15 . 2009-12-15 10:35 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Raga_Refresh.dll
2010-02-02 14:15 . 2009-12-14 22:00 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Almaak.dll
2010-02-02 14:15 . 2009-12-14 20:06 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Thailand.dll
2010-02-02 14:15 . 2009-12-14 20:03 106496 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4482\sb_Strauss.dll
2010-01-29 12:51 . 2010-01-29 12:51 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Yahoo
2010-01-29 12:51 . 2010-01-29 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-01-26 00:26 . 2010-02-16 02:35 -------- d-----w- c:\program files\Unlocker
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 23:43 . 2009-08-06 06:25 720 ----a-w- c:\documents and settings\All Users\Application Data\ArcSoft\kodak-printcreations-22-080812-oem\acforall.dll
2010-02-17 09:17 . 2009-06-03 20:59 -------- d-----w- c:\program files\Defraggler
2010-02-16 04:45 . 2009-11-19 06:15 -------- d-----w- c:\program files\Java
2010-02-16 03:11 . 2009-08-14 03:44 -------- d-----w- c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com
2010-02-16 03:11 . 2009-12-22 23:15 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-08 01:09 . 2009-06-03 20:58 -------- d-----w- c:\program files\Alwil Software
2010-02-07 05:41 . 2009-09-12 18:10 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-04 16:06 . 2009-09-01 20:10 -------- d-----w- c:\documents and settings\Owner\Application Data\AOL
2010-02-02 14:15 . 2009-09-01 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2010-01-29 12:51 . 2009-08-15 14:52 -------- d-----w- c:\documents and settings\Owner\Application Data\Yahoo!
2010-01-29 12:51 . 2009-08-15 14:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-01-29 12:51 . 2009-08-15 14:52 -------- d-----w- c:\program files\Yahoo!
2010-01-17 13:12 . 2009-11-19 06:30 -------- d-----w- c:\program files\Common Files\AVSMedia
2010-01-17 13:11 . 2009-11-19 06:29 -------- d-----w- c:\program files\AVS4YOU
2010-01-17 03:00 . 2009-06-04 14:07 67880 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-17 02:56 . 2010-01-16 02:26 -------- d-----w- c:\program files\Roxio
2010-01-17 02:56 . 2010-01-16 02:25 -------- d-----w- c:\program files\Common Files\Roxio Shared
2010-01-17 02:55 . 2010-01-16 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio
2010-01-16 02:37 . 2010-01-16 02:34 -------- d-----w- c:\documents and settings\Owner\Application Data\Roxio
2010-01-16 02:35 . 2010-01-16 02:35 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio
2010-01-16 02:30 . 2010-01-16 02:30 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2010-01-16 02:29 . 2010-01-16 02:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2010-01-16 02:27 . 2009-06-10 17:29 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-16 02:25 . 2010-01-16 02:25 -------- d-----w- c:\program files\DivX
2010-01-15 21:17 . 2010-01-15 21:17 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-13 19:53 . 2010-01-13 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\XoftSpySE
2010-01-12 00:42 . 2010-01-12 00:39 164 ----a-w- c:\windows\install.dat
2010-01-05 09:57 . 2008-10-16 19:24 841216 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2007-08-13 15:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2007-01-08 16:01 17408 ----a-w- c:\windows\system32\corpol.dll
2010-01-01 07:58 . 2008-09-08 10:37 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 23:15 . 2009-12-22 23:12 -------- d-----w- c:\program files\LeapFrog
2009-12-22 23:14 . 2009-12-22 23:14 28696928 ----a-w- c:\documents and settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\UPCInstaller.exe
2009-12-22 23:13 . 2009-12-22 23:13 4852064 ----a-w- c:\documents and settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Updates\Leapster2Plugin.exe
2009-12-22 23:12 . 2009-12-22 23:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Leapfrog
2009-12-17 23:14 . 2009-11-19 06:15 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 18:43 . 2009-06-03 20:44 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2008-04-14 10:41 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:20 . 2008-08-14 09:39 2145280 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:40 . 2008-08-14 04:09 2023936 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 17:25 . 2008-10-24 10:41 456832 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:23 . 2008-05-07 04:04 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:23 . 2008-04-14 05:42 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2006-02-28 11:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2008-04-14 10:42 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2008-04-14 10:41 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2008-04-14 05:41 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-21 15:51 . 2008-04-14 10:41 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-07-11 13:53 . 2009-07-11 13:53 36122624 ----a-w- c:\program files\ess_nt32_enu.msi
.
((((((((((((((((((((((((((((( SnapShot@2010-02-17_22.03.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-17 23:43 . 2010-02-17 23:43 16384 c:\windows\temp\Perflib_Perfdata_8d4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DisCryptor Free"="c:\program files\DisCryptor Free\DisCryptor.exe" [2009-02-01 1671168]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-12 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-12 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-12 141336]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-11 39792]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2005-03-23 217088]
"Dorland Anywhere"="c:\program files\Dorland\Anywhere\DorAny.exe" [2008-01-23 409600]
"hp 1000 firmware"="c:\program files\hp LaserJet 1000\fwdl.exe" [2001-12-15 36864]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"HostManager"="c:\program files\Common Files\AOL\1251835694\ee\AOLSoftware.exe" [2008-06-24 41824]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2009-11-10 443728]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-08-25 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-08-25 81920]
"YMailAdvisor"="c:\program files\Yahoo!\Common\YMailAdvisor.exe" [2009-05-08 174424]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-03 111856]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Device Detector 4.lnk - c:\program files\OLYMPUS\DeviceDetector\DeviceDetector4.exe [2008-8-5 397312]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2009-7-10 323584]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\aol\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\aol\\1251835694\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Common Files\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\aol\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\aol\\System Information\\sinf.exe"=
"c:\\Program Files\\OLYMPUS\\DSSPlayerStandard\\TranscriptionModule.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/7/2010 7:09 PM 162512]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [1/5/2010 7:56 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [1/5/2010 7:56 AM 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/7/2010 7:09 PM 19024]
R3 Olympus DVR Service;Olympus DVR Service;c:\program files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [8/5/2008 2:58 PM 167936]
R4 discryptor;discryptor;c:\program files\DisCryptor Free\discryptor.sys [2/1/2009 3:55 PM 265984]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [1/5/2010 7:56 AM 7408]
.
Contents of the 'Scheduled Tasks' folder
2010-02-17 c:\windows\Tasks\User_Feed_Synchronization-{8E86AB1F-EB25-48A4-AFD3-B0077CB92854}.job
- c:\windows\system32\msfeedssync.exe [2009-06-03 23:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\lsimge42.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tb50ffTB50CLie7&query=
FF - prefs.js: browser.search.selectedEngine - AOL Search
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?invocationType=tb50ffTB50CLab&query=
FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\lsimge42.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\WinampPlayer.dll
FF - plugin: c:\documents and settings\Owner\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-02-17 17:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(716)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\System32\dimsntfy.dll
- - - - - - - > 'explorer.exe'(1056)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\zstatus.exe
.
**************************************************************************
.
Completion time: 2010-02-17 17:45:06 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-17 23:45
ComboFix2.txt 2010-02-17 22:04
Pre-Run: 145,485,348,864 bytes free
Post-Run: 145,380,700,160 bytes free
- - End Of File - - B72B4EEF571518FD2250AD7A3612872D
7-Zip 4.65
AC3Filter (remove only)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.1
Adobe Shockwave Player
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AutoUpdate
avast! Free Antivirus
CCleaner
CCScore
CDBurnerXP
Defraggler
DisCryptor Free - Encryption Software
DivX
Dorland's Electronic Medical Speller
Download Updater (AOL LLC)
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
fflink
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
hp LaserJet 1000
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 18
K-Lite Mega Codec Pack 3.8.0
kgcbaby
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
LeapFrog Connect
LeapFrog Leapster2 Plugin
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 5.3
Microsoft IntelliType Pro 5.3
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Small Business Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.0.5)
MSXML 4.0 SP2 (KB973688)
netbrdg
OfotoXMI
Olympus DSS Player Standard
OpenOffice.org 3.0
QuickTime
Realtek High Definition Audio Driver
rjhExtensions
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
SFR
SHASTA
skin0001
SKINXSDK
staticcr
SUPERAntiSpyware Free Edition
Uninstall AOL Emergency Connect Utility 1.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
Viewpoint Media Player
VPRINTOL
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
Windows Vista Wallpapers
WIRELESS
XML Paper Specification Shared Components Pack 1.0
Yahoo! BrowserPlus
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar