Hi I'm posting this from the infected laptop using wireless
but it took awhile first when I when 2 turn off my firewall to install Combo fix I discovered it
was off . could a virus do that? I don't remember turning it off ...but some days I'm so busy I don't no if I’m coming or going. Any road ,I went through the whole removal guide again ...And low and behold.... spy ware, malware, Trojans..( I'll attach logs to this post) when I went to install Combo from the zip drive it told me to uninstall and to uninstall and try again I downloaded in safe mode and saved to desktop. ...I restarted in normal and the icon was not on my desktop so back to safe and ran it there ..when it said to restart I got nervous but it restarted in normal and continued its fix below is the log
OK I can’t find the Super anti spyware log.. I know I ran It..It must be in safe mode … I must have been tired cuz I don’t remember running it in safe mode.. There’s an Administrator user in safe mode that doesn’t load in normal ( I opened that instead of mine so I wouldn’t have to enter my password ( I have ADD and do stupid things like that sometimes …impatient and impulsive )That’s where the Combo fix icon is ….If you need to see it I’ll get it 4 you right now I have to get back to mom…
Thank you so much
ComboFix 09-05-14.03 - default 05/15/2009 1:37.1 -
FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.278 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Local Settings\Temp\Perflib_Perfdata__755.dat
c:\windows\start.exe
c:\windows\system32\drivers\ovfsthxlklrxuje.sys
c:\windows\system32\ovfsthxboxttdrg.dll
c:\windows\system32\ovfsthxdfjwsnsr.dat
c:\windows\system32\ovfsthxnkirtbwu.dat
c:\windows\system32\ovfsthxsviletqf.dll
c:\windows\system32\ovfsthxyxuwkrwr.dll
c:\windows\system32\uniq.tll
c:\windows\system32\windows.scr
c:\windows\Web\default.htt
C:\xcrashdump.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_ovfsthxibwafpby
((((((((((((((((((((((((( Files Created from 2009-04-15 to 2009-05-15 )))))))))))))))))))))))))))))))
.
2009-05-15 05:34 . 2009-05-15 05:34 -------- d-sh--w C:\FOUND.001
2009-05-14 21:10 . 2009-05-14 21:10 -------- d-----w c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-05-14 21:08 . 2009-05-14 21:08 -------- d-----w c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-05-14 02:18 . 2009-05-14 02:18 74352 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-12 03:59 . 2009-05-12 03:59 -------- d-----w c:\program files\Trend Micro
2009-05-12 03:19 . 2009-05-12 03:19 -------- d-----w c:\documents and settings\default\Application Data\Malwarebytes
2009-05-12 03:19 . 2009-05-12 03:19 -------- d-----w c:\documents and settings\default\Application Data\Malwarebytes
2009-05-12 03:19 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-12 03:19 . 2009-04-06 19:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-12 03:19 . 2009-05-12 03:19 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-12 03:19 . 2009-05-12 03:19 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-12 01:22 . 2009-05-12 01:22 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-12 01:22 . 2009-05-12 01:22 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-12 01:22 . 2009-05-12 01:22 -------- d-----w c:\documents and settings\default\Application Data\SUPERAntiSpyware.com
2009-05-12 01:22 . 2009-05-12 01:22 -------- d-----w c:\documents and settings\default\Application Data\SUPERAntiSpyware.com
2009-05-11 18:24 . 2009-05-11 18:24 -------- d-----w c:\program files\CCleaner
2009-05-09 20:46 . 2009-05-09 20:46 -------- d-----w c:\documents and settings\default\Apps
2009-05-09 19:35 . 2009-05-09 19:35 -------- d-----w c:\documents and settings\All Users\Application Data\WEBREG
2009-05-09 18:51 . 2009-05-09 18:51 -------- d-----w c:\documents and settings\default\Application Data\HP
2009-05-09 18:51 . 2009-05-09 18:51 -------- d-----w c:\documents and settings\default\Application Data\HP
2009-05-09 18:49 . 2008-01-24 21:29 16496 ----a-r c:\windows\system32\drivers\HPZipr12.sys
2009-05-09 18:49 . 2008-01-24 21:29 49920 ----a-r c:\windows\system32\drivers\HPZid412.sys
2009-05-09 18:49 . 2009-05-09 18:49 -------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-05-09 18:49 . 2008-01-24 21:31 271704 ----a-r c:\windows\system32\hpzids01.dll
2009-05-09 18:49 . 2007-10-20 22:25 118272 ----a-w c:\windows\system32\hpz3l5mu.dll
2009-05-09 18:48 . 2008-01-24 21:30 309760 ----a-r c:\windows\system32\difxapi.dll
2009-05-09 18:48 . 2008-01-24 21:30 372736 ----a-r c:\windows\system32\hppldcoi.dll
2009-05-09 18:48 . 2008-01-24 21:30 21568 ----a-r c:\windows\system32\drivers\HPZius12.sys
2009-05-09 18:41 . 2009-05-09 18:41 -------- d-----w c:\documents and settings\All Users\Application Data\HP
2009-05-09 18:39 . 2009-05-09 18:39 -------- d-----w c:\windows\system32\DRVSTORE
2009-05-09 18:38 . 2009-05-09 18:38 -------- d-----w c:\program files\HP
2009-05-09 18:38 . 2004-08-04 05:01 25856 ----a-w c:\windows\system32\dllcache\usbprint.sys
2009-05-09 18:38 . 2004-08-04 05:01 25856 ----a-w c:\windows\system32\drivers\usbprint.sys
2009-05-09 18:38 . 2004-08-04 05:08 31616 ----a-w c:\windows\system32\dllcache\usbccgp.sys
2009-05-09 18:38 . 2004-08-04 05:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-05-09 01:29 . 2009-05-09 01:29 -------- d-----w c:\program files\Common Files\AOLSHARE
2009-05-07 15:07 . 2009-03-06 14:44 283648 ------w c:\windows\system32\dllcache\pdh.dll
2009-05-07 15:07 . 2005-07-26 04:39 60416 ------w c:\windows\system32\dllcache\colbact.dll
2009-05-07 15:07 . 2009-02-09 10:20 399360 ------w c:\windows\system32\dllcache\rpcss.dll
2009-05-07 15:07 . 2009-02-06 17:14 110592 ------w c:\windows\system32\dllcache\services.exe
2009-05-07 15:07 . 2009-02-09 10:20 473088 ------w c:\windows\system32\dllcache\fastprox.dll
2009-05-07 15:07 . 2009-02-06 16:39 227840 ------w c:\windows\system32\dllcache\wmiprvse.exe
2009-05-07 15:07 . 2009-02-09 10:20 453120 ------w c:\windows\system32\dllcache\wmiprvsd.dll
2009-05-07 15:07 . 2009-02-09 10:20 616960 ------w c:\windows\system32\dllcache\advapi32.dll
2009-05-07 15:07 . 2009-02-09 10:20 714752 ------w c:\windows\system32\dllcache\ntdll.dll
2009-05-07 15:05 . 2008-04-21 10:02 215552 ------w c:\windows\system32\dllcache\wordpad.exe
2009-05-07 00:44 . 2009-05-07 00:44 -------- d-----w c:\program files\RegistryRepair
2009-05-04 14:28 . 2009-05-04 14:28 -------- d-----w c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-05-04 14:28 . 2009-05-04 14:28 -------- d-----w c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-05-04 14:28 . 2009-05-04 14:28 -------- d-----w c:\program files\SDHelper (Spybot - Search & Destroy)
2009-05-04 14:28 . 2009-05-04 14:28 -------- d-----w c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-05-04 14:21 . 2009-05-04 14:21 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-04 14:21 . 2009-05-04 14:21 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-16 10:45 . 2001-10-11 15:26 65536 ----a-w c:\windows\system32\YCRWin32.dll
2009-04-16 10:45 . 2002-01-05 11:37 344064 ----a-w c:\windows\system32\msvcr70.dll
2009-04-16 10:45 . 2002-01-05 10:18 84992 ----a-w c:\windows\system32\ATL70.DLL
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-15 04:29 . 2006-12-01 14:49 90112 ----a-w c:\windows\DUMP88cc.tmp
2009-04-22 04:12 . 2006-12-02 17:58 17015 ----a-w c:\windows\system32\nvModes.dat
2009-04-14 13:16 . 2006-12-03 15:33 74352 ----a-w c:\documents and settings\default\Application Data\GDIPFONTCACHEV1.DAT
2009-04-14 13:16 . 2006-12-03 15:33 74352 ----a-w c:\documents and settings\default\Application Data\GDIPFONTCACHEV1.DAT
2009-03-23 21:48 . 2009-03-23 21:48 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-06 14:44 . 2006-12-02 19:01 283648 ----a-w c:\windows\system32\pdh.dll
2009-02-20 08:14 . 2006-06-23 15:33 668160 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:14 . 2004-08-04 06:56 81920 ------w c:\windows\system32\ieencode.dll
2000-10-13 20:56 . 2000-10-13 20:56 271 --sh--w c:\program files\desktop.ini
2000-10-13 20:56 . 2000-10-13 20:56 23357 ---h--w c:\program files\folder.htt
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="c:\program files\Microsoft Money\System\Money Express.exe" [2000-07-19 176183]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2001-10-08 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2001-10-08 401408]
"DellTouch"="c:\windows\DELLMMKB.EXE" [2001-09-23 163840]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-06-24 4800512]
"AS00_Gear511"="c:\program files\NETGEAR\WG511SCU\Utility\Gear511.exe" [2006-01-20 1122412]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-10-25 282624]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-10-30 256576]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-03 1601304]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-05-07 68592]
"nwiz"="nwiz.exe" - c:\windows\SYSTEM32\nwiz.exe [2003-06-24 323584]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="c:\program files\Microsoft Money\System\Money Express.exe" [2000-07-19 176183]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-03 01:32 10520 ----a-w c:\windows\SYSTEM32\avgrsstx.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\MESSENGER\MSMSGS.EXE" /background
"Mirabilis ICQ"=c:\program files\ICQ\NDetect.exe
"Weather"=c:\program files\AWS\WEATHERBUG\WEATHER.EXE 1
"Microsoft Works Update Detection"=c:\program files\Microsoft Works\WkDetect.exe
"Yahoo! Pager"=c:\program files\Yahoo!\Messenger\ypager.exe -quiet
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MMTray"=c:\program files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
"LapLink Scheduler"="c:\program files\Common Files\LapLink\Scheduler\LLSCHED.EXE"
"SynTPLpr"=c:\program files\Synaptics\SynTP\SynTPLpr.exe
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
"WorksFUD"=c:\program files\Microsoft Works\wkfud.exe
"Microsoft Works Portfolio"=c:\program files\Microsoft Works\WksSb.exe /AllUsers
"Microsoft Works Update Detection"=c:\program files\Microsoft Works\WkDetect.exe
"seticlient"=c:\program files\SETI@home\
[email protected] -min
"TkBellExe"=c:\program files\Common Files\Real\Update_OB\realsched.exe -osboot
"QuickTime Task"="c:\windows\SYSTEM32\qttask.exe" -atboottime
"AOLDialer"=c:\program files\Common Files\AOL\ACS\AOLDial.exe
"DadApp"=c:\program files\DELL\AccessDirect\dadapp.exe
"BayMgr"=DockApp.exe
"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
"HostManager"=c:\program files\Common Files\AOL\1106251464\EE\AOLHostManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
"Promon.exe"=Promon.exe
"CPortPatch"=c:\windows\Quick Install\CPPatch.exe
"PRPCMonitor"=PRPCUI.exe
"LoadQM"=loadqm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices-]
"SchedulingAgent"=mstask.exe
"AolAcsDaemon1"="c:\program files\COMMON FILES\AOL\ACS\AOLACSD.EXE"
"AOL TopSpeedMonitor"=c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
"NVSvc"=c:\windows\SYSTEM32\NVSVC.EXE -runservice
"KB891711"=c:\windows\SYSTEM\KB891711\KB891711.EXE
"MSNIA"=c:\progra~1\MSN\MSNIA\MSNIASVC.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [5/15/2008 11:17 AM 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [5/15/2008 11:17 AM 107272]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4/28/2009 11:33 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4/28/2009 11:33 AM 72944]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [1/19/2009 1:43 PM 903960]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [1/19/2009 1:43 PM 298264]
R2 Nhksrv;Netropa NHK Server;c:\windows\Nhksrv.exe [12/1/2006 12:30 PM 28672]
R3 maestro;ESS Maestro Audio Driver (WDM);c:\windows\SYSTEM32\DRIVERS\es198xdl.sys [6/20/2002 5:53 PM 414400]
R3 Msikbd2k;DellTouch;c:\windows\SYSTEM32\DRIVERS\Msikbd2k.sys [12/1/2006 12:30 PM 6942]
S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\SYSTEM32\AWINDIS5.SYS [12/3/2006 1:40 PM 16194]
S3 NETGEAR_WG511_SERVICE;NETGEAR WG511T Wireless Adapter Service;c:\windows\SYSTEM32\DRIVERS\wg511nd5.sys [12/3/2006 1:39 PM 449888]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4/28/2009 11:33 AM 7408]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\^RNA]
rundll rnasetup.dll,installoptionalcomponent rna
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:OE /CALLER:IE50 /user /install
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install
"c:\progra~1\OUTLOO~1\setup50.exe" /APP:WAB /CALLER:IE50 /user /install
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
c:\windows\SYSTEM32\updcrl.exe -e -u c:\windows\SYSTEM\verisignpub1.crl
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
BHO-{5DC51E2A-2041-4745-97BA-1CA8C794A07F} - c:\program files\Internet Explorer\LiveInfoPro\toolbar_v0.9.5_w-jsinside-affid-1002.dll
Toolbar-{3E9D340B-D614-4854-AE06-4218201F6AAE} - c:\program files\Internet Explorer\LiveInfoPro\toolbar_v0.9.5_w-jsinside-affid-1002.dll
HKCU-Run-Microsoft Works Update Detection - c:\program files\Microsoft Works\WkDetect.exe
HKLM-Run-AOLDialer - c:\program files\Common Files\AOL\ACS\AOLDial.exe
HKU-Default-Run-InetChk - c:\windows\TEMP\ms1242158271.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
mLocal Page = c:\windows\SYSTEM\blank.htm
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://cf.icq.com/cf/2000/lost_password.html
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
Trusted Zone: aol.com\free
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: DirectAnimation Java Classes - file://c:\windows\SYSTEM\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: Win32 Classes
DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - hxxp://download.weatherbug.com/minibug/tricklers/AWS/minibuginstaller.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-05-15 01:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(684)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Completion time: 2009-05-15 1:43
ComboFix-quarantined-files.txt 2009-05-15 05:43
Pre-Run: 8,631,222,272 bytes free
Post-Run: 9,237,594,112 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout = 30
default = multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS = "Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
254 --- E O F --- 2009-05-08 16:44
[attachment deleted by admin]