ComboFix 13-09-13.03 - Administrator 09/13/2013 21:43:57.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1919.1361 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
.
.
((((((((((((((((((((((((( Files Created from 2013-08-14 to 2013-09-14 )))))))))))))))))))))))))))))))
.
.
2013-09-13 16:01 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4178448A-D2FA-49D7-936B-1AA86D7D41A2}\mpengine.dll
2013-09-11 23:07 . 2013-09-11 23:07 9430408 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-09-11 22:25 . 2013-08-06 07:28 7166848 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-11 03:07 . 2013-09-11 03:07 -------- d-----w- c:\documents and settings\LocalService\Application Data\Windows Desktop Search
2013-09-11 03:07 . 2013-09-11 03:07 -------- d-----w- c:\windows\ERUNT
2013-09-10 23:45 . 2013-09-10 23:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\Islands
2013-09-10 23:10 . 2013-09-10 23:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\YoudaGames
2013-09-10 23:08 . 2013-09-10 23:08 -------- d-----w- c:\program files\Youda Survivor
2013-09-10 23:07 . 2013-09-10 23:08 -------- d-----w- c:\program files\Farm Frenzy - Gone Fishing
2013-09-10 23:06 . 2013-09-10 23:07 -------- d-----w- c:\program files\Island Tribe
2013-09-10 21:13 . 2013-09-10 21:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2013-09-10 21:12 . 2013-09-10 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-09-10 21:12 . 2013-09-10 21:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-10 21:12 . 2013-04-04 18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-10 00:44 . 2013-09-10 00:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\HipSoft
2013-09-09 01:28 . 2013-09-11 02:48 -------- d-----w- C:\AdwCleaner
2013-09-09 01:12 . 2013-09-09 01:12 -------- d-----w- c:\program files\CCleaner
2013-09-06 02:18 . 2013-09-06 02:18 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search
2013-09-06 00:52 . 2013-09-06 00:52 -------- d-----w- c:\program files\Super Granny 5
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-09-04 02:55 . 2013-09-04 02:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\Rumbic Studio
2013-09-04 02:46 . 2013-09-04 02:47 -------- d-----w- c:\program files\Lost in Reefs 2
2013-09-04 00:10 . 2013-09-04 01:09 -------- d-----w- c:\program files\Oberon Media SIDR
2013-09-04 00:09 . 2013-09-04 00:09 -------- d-----w- c:\program files\Common Files\Oberon Media
2013-09-04 00:09 . 2013-09-04 22:13 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\GamesManager
2013-09-04 00:08 . 2013-09-04 00:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Oberon Media
2013-09-03 21:35 . 2013-09-03 21:35 -------- d-----w- c:\program files\Trivia Machine Reloaded
2013-09-03 21:35 . 2013-09-03 21:35 -------- d-----w- c:\program files\Asian Riddles
2013-09-03 21:34 . 2013-09-03 21:35 -------- d-----w- c:\program files\Lost Head
2013-09-03 20:15 . 2013-09-04 22:08 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory
2013-09-03 19:36 . 2013-09-03 19:36 -------- d-----w- c:\program files\Microsoft
2013-09-03 19:36 . 2013-09-03 19:36 -------- d-----w- c:\program files\Windows Live SkyDrive
2013-09-03 19:36 . 2013-09-03 19:36 -------- d-----w- c:\program files\Windows Live
2013-09-03 19:34 . 2013-09-03 19:34 -------- d-----w- c:\program files\Common Files\Windows Live
2013-09-03 19:02 . 2013-09-03 19:02 -------- d-----w- c:\windows\system32\winrm
2013-09-03 19:02 . 2013-09-03 19:03 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2013-09-03 19:02 . 2013-09-03 19:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Desktop Search
2013-09-03 19:02 . 2013-09-03 20:19 -------- d-----w- c:\program files\Windows Desktop Search
2013-09-03 19:02 . 2013-09-03 19:02 -------- d-----w- c:\windows\system32\GroupPolicy
2013-09-03 18:59 . 2013-09-03 18:59 -------- d-----w- c:\windows\system32\URTTEMP
2013-09-03 18:57 . 2011-08-16 10:32 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2013-09-02 16:24 . 2008-04-14 11:00 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2013-08-30 23:48 . 2005-04-15 23:58 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2013-08-30 23:48 . 2004-04-25 19:39 53248 ----a-w- c:\windows\system32\SSubTmr6.dll
2013-08-30 23:48 . 2003-06-23 07:05 262144 ----a-w- c:\windows\system32\vbaListView6.ocx
2013-08-30 23:48 . 2003-06-22 12:31 65536 ----a-w- c:\windows\system32\vbalProgBar6.ocx
2013-08-30 23:48 . 2001-01-08 21:22 61440 ----a-w- c:\windows\system32\mkcHyperlink.ocx
2013-08-30 23:48 . 2013-08-30 23:48 -------- d-----w- c:\program files\Bad Shortcut Killer
2013-08-29 18:16 . 2013-08-29 18:17 -------- d-----w- c:\program files\Finders
2013-08-29 15:28 . 2013-08-29 15:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\NVIDIA
2013-08-29 15:26 . 2013-08-29 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2013-08-29 14:49 . 2012-02-29 23:58 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2013-08-29 14:49 . 2012-02-29 23:58 65536 ----a-w- c:\windows\system32\OpenCL.dll
2013-08-29 02:16 . 2013-08-29 02:16 -------- d-----w- c:\documents and settings\Administrator\Saved Games
2013-08-29 02:07 . 2013-08-29 02:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\TrickySoftware
2013-08-29 02:02 . 2013-08-29 02:02 -------- d-----w- c:\program files\Armado HD
2013-08-29 01:59 . 2013-08-29 02:16 -------- d-----w- c:\program files\Scrabble
2013-08-29 01:59 . 2013-08-29 01:59 -------- d-----w- c:\program files\Royal Defense - Invisible Threat
2013-08-27 05:55 . 2013-08-27 05:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\PlightOfTheZombie
2013-08-27 05:52 . 2013-08-27 05:53 -------- d-----w- c:\program files\Plight of the Zombie
2013-08-27 04:48 . 2013-08-27 04:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Maximize Games
2013-08-27 04:47 . 2013-08-27 04:48 -------- d-----w- c:\program files\Push The Box
2013-08-27 03:06 . 2013-08-27 03:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Lightmare Studio
2013-08-27 02:41 . 2013-08-27 02:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\AlderGames
2013-08-26 22:22 . 2013-08-26 22:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\Picsoft
2013-08-26 22:13 . 2013-08-26 22:22 -------- d-----w- c:\program files\Beware Planet Earth
2013-08-26 22:10 . 2013-08-26 22:11 -------- d-----w- c:\program files\Mini Robot Wars
2013-08-26 22:06 . 2013-08-26 22:07 -------- d-----w- c:\program files\BugBits
2013-08-26 21:37 . 2013-08-26 21:44 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\plantthis
2013-08-26 21:36 . 2013-08-26 21:37 -------- d-----w- c:\program files\Plant This
2013-08-25 05:08 . 2013-08-25 05:09 -------- d-----w- c:\program files\Virtual Villagers - The Secret City
2013-08-25 05:01 . 2013-08-27 04:07 -------- d-----w- c:\program files\Sea Bounty
2013-08-24 22:04 . 2013-08-24 22:05 -------- d-----w- c:\program files\Puzzle Bots
2013-08-24 04:08 . 2013-08-24 04:08 -------- d-----w- c:\documents and settings\All Users\Application Data\FireGlow
2013-08-24 04:07 . 2013-08-24 04:08 -------- d-----w- c:\program files\The Golden Path of Plumeboom
2013-08-23 04:19 . 2013-08-23 04:19 -------- d-----w- C:\NvidiaLogging
2013-08-23 04:19 . 2013-08-29 14:52 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2013-08-23 04:16 . 2013-08-23 04:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2013-08-23 04:16 . 2013-08-23 04:16 -------- d-----w- c:\documents and settings\UpdatusUser
2013-08-21 18:32 . 2013-08-21 18:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\EleFun Games
2013-08-21 18:20 . 2013-08-21 18:21 -------- d-----w- c:\program files\Risk
2013-08-21 16:43 . 2013-08-21 16:43 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2013-08-21 16:43 . 2013-08-21 16:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-08-21 16:43 . 2013-08-21 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2013-08-20 01:34 . 2013-08-26 22:14 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-20 01:34 . 2013-09-09 01:24 -------- d-----w- c:\windows\Logs
2013-08-20 01:01 . 2013-08-20 01:06 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-08-20 01:01 . 2013-08-20 01:01 -------- d-----w- c:\windows\system32\drivers\NSS
2013-08-20 01:01 . 2013-08-20 01:01 -------- d-----w- c:\program files\Norton Security Scan
2013-08-20 01:01 . 2013-08-20 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2013-08-20 01:01 . 2013-08-20 01:01 -------- d-----w- c:\program files\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 23:07 . 2013-07-05 15:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-11 23:07 . 2013-07-05 15:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-09 01:56 . 2008-04-14 11:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:05 . 2009-12-08 17:07 920064 ----a-w- c:\windows\system32\wininet.dll
2013-08-08 06:05 . 2009-12-08 17:06 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-08 06:05 . 2009-11-05 12:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-08 06:05 . 2009-11-05 12:53 18944 ----a-w- c:\windows\system32\corpol.dll
2013-08-08 01:27 . 2009-11-10 16:54 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-08 00:02 . 2009-11-05 12:53 385024 ----a-w- c:\windows\system32\html.iec
2013-08-05 13:30 . 2008-04-14 11:00 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-03 18:18 . 2009-11-05 13:34 1543680 ----a-w- c:\windows\system32\wmvdecod.dll
2013-07-10 10:37 . 2008-04-14 11:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-06 04:20 . 2013-07-06 04:20 0 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2013-07-05 15:58 . 2013-07-05 15:58 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-05 15:58 . 2013-07-05 15:58 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-05 15:58 . 2013-07-05 15:58 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-05 15:58 . 2013-07-05 15:58 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-04 03:03 . 2009-11-05 12:53 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08 . 2009-08-04 14:20 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-19 01:50 . 2013-01-20 19:59 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-11-05 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2013-03-12 20143688]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 995176]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-05-01 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"IE8"="advpack.dll" [2009-11-05 128512]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 12:27 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 5:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [5/23/2013 4:11 PM 119056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7/5/2013 11:54 AM 1691480]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [7/5/2013 3:28 AM 594048]
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-05 23:07]
.
2013-08-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2013-09-03 c:\windows\Tasks\Norton Security Scan for Administrator.job
- c:\progra~1\NORTON~2\Engine\401~1.16\Nss.exe [2013-08-20 12:59]
.
2013-08-27 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a0992390-a3e7-4761-94db-a4ae5a5f0522.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-05-23 20:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.computerhope.com/
uInternet Connection Wizard,ShellNext = iexplore
TCP: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2013-09-13 21:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1960408961-606747145-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5
977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c7,df,6f,db,1e,aa,f3,45,af,10,0b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839
E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c7,df,6f,db,1e,aa,f3,45,af,10,0b,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222
A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c7,df,6f,db,1e,aa,f3,45,af,10,0b,\
.
[HKEY_USERS\S-1-5-21-1960408961-606747145-1801674531-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3512)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Completion time: 2013-09-13 21:48:51
ComboFix-quarantined-files.txt 2013-09-14 01:48
.
Pre-Run: 59,380,715,520 bytes free
Post-Run: 59,648,417,792 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 892E5729B16302783435948191F46133
8F558EB6672622401DA993E1E865C861