So my computer isn't letting me execute files... it seems like this has been happening to a lot of people on here. So I have my computer in safe mode right now. After viewing similar forums I used ComboFix. Here is my log, so what should I do next? Thank you.
ComboFix 10-07-20.03 - Sean Greaves 07/21/2010 15:36:45.1.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2037.1341 [GMT -4:00]
Running from: c:\users\Sean Greaves\Downloads\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Smart-Shopper
c:\program files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
c:\program files\Smart-Shopper\cs\antiphishing\antiphishing.html
c:\program files\Smart-Shopper\cs\antiphishing\phishAlert.gif
c:\program files\Smart-Shopper\cs\antiphishing\x.gif
c:\program files\Smart-Shopper\cs\antiphishing\xActive.gif
c:\program files\Smart-Shopper\Uninst.exe
c:\users\Sean Greaves\AppData\Local\{DE623834-E39C-4844-8E36-24E3F29728A5}
c:\users\Sean Greaves\AppData\Local\{DE623834-E39C-4844-8E36-24E3F29728A5}\chrome.manifest
c:\users\Sean Greaves\AppData\Local\{DE623834-E39C-4844-8E36-24E3F29728A5}\chrome\content\_cfg.js
c:\users\Sean Greaves\AppData\Local\{DE623834-E39C-4844-8E36-24E3F29728A5}\chrome\content\overlay.xul
c:\users\Sean Greaves\AppData\Local\{DE623834-E39C-4844-8E36-24E3F29728A5}\install.rdf
c:\windows\7Loader.TAG
.
((((((((((((((((((((((((( Files Created from 2010-06-21 to 2010-07-21 )))))))))))))))))))))))))))))))
.
2010-07-21 19:43 . 2010-07-21 19:44 -------- d-----w- c:\users\Sean Greaves\AppData\Local\temp
2010-07-21 19:43 . 2010-07-21 19:43 -------- d-----w- c:\users\Mcx1-SEANGREAVES-PC\AppData\Local\temp
2010-07-21 19:43 . 2010-07-21 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-21 18:36 . 2010-02-05 13:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-07-21 18:36 . 2010-02-05 13:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-07-21 18:36 . 2010-03-10 15:36 217032 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-07-21 18:36 . 2009-11-23 17:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-07-21 18:36 . 2010-02-05 13:25 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-07-21 18:36 . 2010-07-21 18:36 -------- d-----w- c:\program files\Spyware Doctor
2010-07-21 18:36 . 2010-07-21 18:36 -------- d-----w- c:\program files\Common Files\PC Tools
2010-07-21 18:36 . 2010-07-21 18:36 -------- d-----w- c:\users\Sean Greaves\AppData\Roaming\PC Tools
2010-07-21 18:36 . 2010-07-21 18:36 -------- d-----w- c:\programdata\PC Tools
2010-07-21 18:24 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-21 18:24 . 2010-07-21 18:24 -------- d-----w- c:\programdata\Malwarebytes
2010-07-21 18:24 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-21 18:24 . 2010-07-21 18:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-21 17:55 . 2010-07-21 17:55 -------- d-----w- c:\program files\Crawler
2010-07-21 17:54 . 2010-07-21 17:54 -------- d-----w- c:\program files\Spyware Terminator
2010-07-21 16:41 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-21 16:41 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-21 16:41 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-21 16:41 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-21 16:41 . 2010-06-28 20:32 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-07-21 16:41 . 2010-07-21 16:41 -------- d-----w- C:\_407708_
2010-07-21 16:41 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-21 16:41 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-21 16:40 . 2010-07-21 16:40 -------- d-----w- c:\programdata\Alwil Software
2010-07-21 16:40 . 2010-07-21 16:40 -------- d-----w- c:\program files\Alwil Software
2010-07-21 13:10 . 2010-07-21 13:10 -------- d-----w- c:\users\Sean Greaves\AppData\Local\ElevatedDiagnostics
2010-07-21 04:03 . 2010-07-21 04:03 -------- d-----w- c:\program files\AVG
2010-07-21 04:02 . 2010-07-21 18:08 -------- d-----w- c:\programdata\avg9
2010-07-21 03:54 . 2010-07-21 03:54 0 ----a-w- c:\windows\nsreg.dat
2010-07-21 03:49 . 2010-07-21 03:49 2804 ----a-w- c:\users\Sean Greaves\AppData\Local\eyaqitih.dll
2010-07-20 19:36 . 2010-07-20 19:36 120 ----a-w- c:\users\Sean Greaves\AppData\Local\Qcuduw.dat
2010-07-20 19:36 . 2010-07-20 19:36 0 ----a-w- c:\users\Sean Greaves\AppData\Local\Ynomivikik.bin
2010-07-20 19:35 . 2010-07-21 19:44 767488 ----a-w- c:\windows\system32\drivers\aenhkzg.sys
2010-07-20 19:35 . 2010-07-21 18:27 -------- d-----w- c:\users\Sean Greaves\AppData\Local\abntnkvoh
2010-06-24 07:01 . 2009-11-25 16:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 07:01 . 2009-11-25 16:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 07:01 . 2009-11-25 16:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 07:01 . 2009-11-25 16:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 07:01 . 2009-11-25 16:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-24 01:17 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-24 01:17 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-24 01:17 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 07:01 . 2010-02-17 03:00 -------- d-----w- c:\programdata\Microsoft Help
2010-07-10 00:24 . 2010-02-17 03:49 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2010-07-02 16:15 . 2010-02-17 02:15 -------- d-----w- c:\users\Sean Greaves\AppData\Roaming\BitTorrent
2010-06-25 07:01 . 2010-02-17 03:04 -------- d-----w- c:\program files\Microsoft.NET
2010-06-07 05:12 . 2010-02-17 18:39 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-03 02:41 . 2010-06-03 02:41 3600384 ----a-w- c:\windows\system32\GPhotos.scr
2010-06-03 02:16 . 2010-04-29 00:15 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-06-03 02:16 . 2010-06-03 02:16 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-05-27 07:24 . 2010-06-09 08:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-09 08:25 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-24 21:28 . 2010-05-24 21:27 -------- d-----w- c:\program files\jZip
2010-05-24 21:28 . 2010-05-24 21:28 -------- d-----w- c:\program files\Yahoo!
2010-05-24 21:28 . 2010-05-24 21:28 -------- d-----w- c:\users\Sean Greaves\AppData\Roaming\Yahoo!
2010-05-24 21:28 . 2010-05-24 21:28 -------- d-----w- c:\programdata\Yahoo! Companion
2010-05-21 18:14 . 2010-02-17 00:39 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-21 05:18 . 2010-06-09 08:25 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-18 23:31 . 2010-02-17 03:48 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-05-18 23:31 . 2010-05-18 23:31 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-05-01 14:49 . 2010-06-09 08:26 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 00:15 . 2010-04-29 00:15 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2010-04-29 00:15 . 2010-02-26 23:07 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-04-23 07:13 . 2010-05-26 05:36 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2010-01-16 13:59 561552 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Sean Greaves\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-02-17 135664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-03-09 1286608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
c:\users\Sean Greaves\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-1-21 226176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdAuxService]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdCoreService"
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-30 1343400]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-10 217032]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 288768]
--- Other Services/Drivers In Memory ---
*Deregistered* - aenhkzg
.
Contents of the 'Scheduled Tasks' folder
2010-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2397187988-3055946171-1919316422-1001Core.job
- c:\users\Sean Greaves\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-17 02:04]
2010-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2397187988-3055946171-1919316422-1001UA.job
- c:\users\Sean Greaves\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-17 02:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.jzip.com
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride =
uInternet Settings,ProxyServer = http=127.0.0.1:5643
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Osafanuperam - c:\users\Sean Greaves\AppData\Local\wlapin.dll
HKCU-Run-ncdkjjrc - c:\users\Sean Greaves\AppData\Local\abntnkvoh\gdxkelutssd.exe
HKCU-Run-Kruzunaniyanun - c:\users\Sean Greaves\AppData\Local\usulihiw.dll
HKLM-RunOnce- - (no file)
AddRemove-Smart-Shopper - c:\program files\Smart-Shopper\Uninst.exe
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\aenhkzg]
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-07-21 15:48:56
ComboFix-quarantined-files.txt 2010-07-21 19:48
Pre-Run: 183,935,635,456 bytes free
Post-Run: 186,761,953,280 bytes free
- - End Of File - - F6DB5D3EC206C3F76AE746BB0A0E0B26