I am sorry, I was not saving the combofix file to my desktop - I was attempting to run it at install.

ComboFix 10-01-23.03 - HP_Administrator 01/23/2010 23:48:39.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1214.575 [GMT -6:00]
Running from: c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-5-21-527237240-179605362-725345543-500
c:\recycler\S-1-5-21-607036408-2121272083-3174120339-1008
C:\s
c:\windows\kb913800.exe
c:\windows\system32\ps2.bat
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2009-12-24 to 2010-01-24 )))))))))))))))))))))))))))))))
.
2010-01-24 00:19 . 2010-01-24 00:22 -------- d-----w- c:\program files\Startup Optimizer
2010-01-24 00:15 . 2010-01-24 01:47 -------- d-----w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\IObit
2010-01-23 11:15 . 2010-01-23 11:15 1956528 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
2010-01-23 11:15 . 2010-01-23 12:41 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-01-23 09:00 . 2010-01-23 09:00 503808 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2251b952-n\msvcp71.dll
2010-01-23 09:00 . 2010-01-23 09:00 499712 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2251b952-n\jmc.dll
2010-01-23 09:00 . 2010-01-23 09:00 348160 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2251b952-n\msvcr71.dll
2010-01-23 09:00 . 2010-01-23 09:00 61440 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4f776f72-n\decora-sse.dll
2010-01-23 09:00 . 2010-01-23 09:00 12800 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-4f776f72-n\decora-d3d.dll
2010-01-23 08:59 . 2010-01-23 08:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-23 08:44 . 2010-01-23 08:50 -------- d-----w- c:\program files\Trend Micro
2010-01-23 06:10 . 2010-01-23 06:10 52224 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-23 06:10 . 2010-01-23 06:10 117760 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-23 06:10 . 2010-01-23 06:10 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-01-23 06:10 . 2010-01-23 06:10 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-23 06:10 . 2010-01-23 06:10 -------- d-----w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\SUPERAntiSpyware.com
2010-01-23 06:08 . 2010-01-23 06:08 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-23 05:58 . 2010-01-23 05:58 -------- d-----w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Malwarebytes
2010-01-23 05:58 . 2010-01-07 22:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-23 05:58 . 2010-01-23 06:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-23 05:58 . 2010-01-07 22:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-23 05:35 . 2010-01-23 05:35 -------- d-----w- c:\windows\system32\scripting
2010-01-23 05:35 . 2010-01-23 05:35 -------- d-----w- c:\windows\system32\en
2010-01-23 05:35 . 2010-01-23 05:35 -------- d-----w- c:\windows\system32\bits
2010-01-23 05:09 . 2008-04-14 00:12 276992 ------w- c:\windows\system32\wmphoto.dll
2010-01-23 05:09 . 2008-04-14 00:12 69120 ------w- c:\windows\system32\wlanapi.dll
2010-01-23 05:09 . 2008-04-14 00:12 712704 ------w- c:\windows\system32\windowscodecs.dll
2010-01-23 05:09 . 2008-04-14 00:12 346112 ------w- c:\windows\system32\windowscodecsext.dll
2010-01-23 05:09 . 2004-08-04 03:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2010-01-23 05:09 . 2004-08-04 03:29 22271 ------w- c:\windows\system32\drivers\watv06nt.sys
2010-01-23 05:07 . 2008-04-14 00:12 176640 ------w- c:\windows\system32\napstat.exe
2010-01-23 05:06 . 2008-04-14 00:11 516768 ------w- c:\windows\system32\ativvaxx.dll
2010-01-23 04:37 . 2010-01-23 04:37 -------- d-----w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\Skinux
2010-01-23 04:26 . 2010-01-23 04:26 -------- d-----w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\HPQ
2010-01-23 04:14 . 2010-01-23 04:14 -------- d-----w- C:\$AVG
2010-01-23 04:13 . 2010-01-23 04:13 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-23 04:13 . 2010-01-23 04:13 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-23 04:13 . 2010-01-23 04:13 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-23 04:13 . 2010-01-23 22:22 -------- d-----w- c:\windows\system32\drivers\Avg
2010-01-23 04:13 . 2010-01-23 04:13 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-23 04:13 . 2010-01-23 04:36 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-01-23 03:32 . 2010-01-23 03:32 -------- d-sh--w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\IECompatCache
2010-01-23 03:30 . 2010-01-23 03:30 -------- d-sh--w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\PrivacIE
2010-01-23 03:22 . 2010-01-23 03:22 -------- d-sh--w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\IETldCache
2010-01-23 03:19 . 2009-12-21 19:14 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-01-23 03:19 . 2009-12-21 19:14 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-23 03:19 . 2009-12-21 19:14 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-23 03:19 . 2009-12-21 19:14 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-23 03:19 . 2009-12-21 19:14 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-01-23 03:19 . 2009-12-21 19:14 11070464 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-01-23 03:19 . 2009-10-02 04:44 92160 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-01-23 03:11 . 2001-08-17 21:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-01-23 03:11 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-23 03:11 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-01-23 03:11 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-01-23 03:11 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-01-23 02:30 . 2009-10-15 16:28 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2010-01-23 02:30 . 2009-10-15 16:28 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-01-23 02:29 . 2009-11-21 15:51 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-23 02:28 . 2009-08-04 15:13 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-23 02:28 . 2009-08-04 14:20 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-23 02:28 . 2009-08-04 14:20 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-23 02:26 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-01-23 02:24 . 2009-03-06 14:22 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2010-01-23 02:24 . 2009-02-09 12:10 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2010-01-23 02:24 . 2009-02-09 12:10 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-23 02:24 . 2009-02-09 12:10 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-01-23 02:24 . 2009-02-06 11:11 110592 ------w- c:\windows\system32\dllcache\services.exe
2010-01-23 02:24 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-23 02:24 . 2009-06-25 08:25 730112 ------w- c:\windows\system32\dllcache\lsasrv.dll
2010-01-23 02:24 . 2009-02-09 12:10 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2010-01-23 02:24 . 2009-02-09 12:10 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2010-01-23 02:23 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-23 02:23 . 2008-04-21 12:08 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-01-23 02:23 . 2008-12-11 10:57 333952 ------w- c:\windows\system32\dllcache\srv.sys
2010-01-23 02:22 . 2008-10-24 11:21 455296 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-01-23 02:22 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2010-01-23 02:21 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-01-23 02:08 . 2010-01-23 02:08 -------- d-sh--w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\UserData
2010-01-23 01:43 . 2010-01-23 09:12 -------- d-sh--r- c:\windows\system32\dllcache
2010-01-23 01:37 . 2010-01-23 01:37 -------- d-----w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Application Data\HP
2010-01-23 01:27 . 2010-01-24 02:12 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Symantec
2010-01-23 01:27 . 2006-02-11 00:59 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Intuit
2010-01-23 01:27 . 2006-02-11 00:57 -------- d-----w- c:\windows\system32\config\systemprofile\WINDOWS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 04:27 . 2006-02-11 00:43 51528 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-24 02:12 . 2007-04-01 21:12 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2010-01-24 02:12 . 2006-02-11 01:22 -------- d-----w- c:\documents and settings\Administrator\Application Data\Symantec
2010-01-24 02:12 . 2009-04-28 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2010-01-24 01:33 . 2009-12-01 23:01 -------- d-----w- c:\program files\IObit
2010-01-23 09:07 . 2006-02-11 00:13 -------- d-----w- c:\program files\Java
2010-01-23 09:00 . 2006-02-11 00:13 -------- d-----w- c:\program files\Common Files\Java
2010-01-23 07:07 . 2010-01-23 01:28 155 ----a-w- c:\documents and settings\HP_Administrator.YOUR-4DACD0EA75\Local Settings\Application Data\fusioncache.dat
2010-01-23 05:42 . 2005-08-31 04:01 92463 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-23 04:35 . 2006-02-11 01:15 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-23 04:35 . 2006-02-11 01:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-01-23 04:13 . 2009-04-28 17:48 -------- d-----w- c:\program files\AVG
2010-01-23 03:57 . 2006-02-11 00:46 -------- d-----w- c:\program files\WildTangent
2010-01-23 03:56 . 2006-02-11 00:46 -------- d-----w- c:\program files\Sonic
2010-01-23 03:55 . 2006-02-11 00:59 -------- d-----w- c:\program files\Quicken
2010-01-23 03:52 . 2006-02-11 00:46 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-23 03:51 . 2006-02-11 00:58 -------- d-----w- c:\program files\muvee Technologies
2010-01-23 03:51 . 2006-02-11 00:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-23 03:44 . 2006-02-11 00:08 -------- d-----w- c:\program files\GemMaster
2010-01-23 01:36 . 2006-02-11 00:33 112942 ----a-w- c:\windows\hpoins07.dat
2010-01-23 01:30 . 2010-01-23 01:30 1903 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_ER900AA-ABA a1430n_YC_0Pavi_QCNH607_E62NAemMPA1_48_INAGAMI_SASUSTek Computer INC._V1.01_B3.01_T060209_WXP2_L409_M1215_J250_7AMD_8Athlon 64 X2 Dual Core_92_#060408_N_Z11C10620_G10DE0241.MRK
2009-12-21 19:14 . 2004-08-10 04:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-05 17:29 . 2009-12-05 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-21 15:51 . 2004-08-10 04:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 19:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-01-06 2335952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-25 7311360]
"RTHDCPL"="RTHDCPL.EXE" [2006-01-23 15969280]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HP Software Update"="c:\program files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 49152]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-01-23 2033432]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-23 04:13 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\rundisabled]
"ehTray"=c:\windows\ehome\ehtray.exe
"nwiz"=nwiz.exe /install
"HPHUPD08"=c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
"DMAScheduler"=c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1/22/2010 10:13 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1/22/2010 10:13 PM 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [1/5/2010 7:56 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [1/5/2010 7:56 AM 74480]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [1/22/2010 10:13 PM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [1/22/2010 10:13 PM 285392]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [1/5/2010 7:56 AM 7408]
.
Contents of the 'Scheduled Tasks' folder
2010-01-24 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-01-24 21:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-01-23 23:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(792)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2010-01-23 23:53:34
ComboFix-quarantined-files.txt 2010-01-24 05:53
Pre-Run: 216,889,921,536 bytes free
Post-Run: 217,093,427,200 bytes free
- - End Of File - - E0ABED7704C4BCE6A733DB4EE8A2E9D7
e everything you requested now.