I know have internet connection and ran combofix again. I disabled AVG in my start up but combofix still flashed up errors saying it was still running. It then tried to download some microsoft file but then saidit couldn't so carried on and ran combofix anyway. This file is from the second time of running combofix. Thanks for your help.
ComboFix 10-08-06.01 - Alan 07/08/2010 2:51.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.766.442 [GMT 1:00]
Running from: c:\documents and settings\Alan\Desktop\commy.exe.exe
AV: AVG Anti-Virus plus Firewall *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2010-07-07 to 2010-08-07 )))))))))))))))))))))))))))))))
.
2010-07-24 19:18 . 2010-07-24 19:18 -------- d-----w- c:\program files\iPod
2010-07-24 19:18 . 2010-07-24 19:19 -------- d-----w- c:\program files\iTunes
2010-07-14 08:55 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-01 21:24 . 2008-11-04 20:33 -------- d-----w- c:\documents and settings\Alan\Application Data\BitTorrent
2010-07-26 19:56 . 2008-09-10 15:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki
2010-07-26 19:55 . 2010-01-25 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-07-26 19:54 . 2008-06-06 19:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-26 06:46 . 2010-02-17 16:30 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-07-26 06:46 . 2010-02-17 16:27 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2010-07-24 19:24 . 2009-02-26 22:04 -------- d-----w- c:\documents and settings\Alan\Application Data\Spotify
2010-07-24 19:18 . 2008-06-18 20:07 -------- d-----w- c:\program files\Common Files\Apple
2010-07-24 19:13 . 2010-07-24 19:13 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe
2010-07-18 08:55 . 2008-07-17 15:19 -------- d-----w- c:\program files\Safari
2010-07-18 08:53 . 2010-07-18 08:53 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-07-14 17:25 . 2010-01-30 17:56 1 ----a-w- c:\documents and settings\Alan\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-07-03 18:37 . 2009-08-22 16:39 -------- d-----w- c:\documents and settings\Alan\Application Data\Skype
2010-07-03 16:33 . 2010-03-23 16:33 -------- d-----w- c:\program files\HyperCam Toolbar
2010-07-03 16:33 . 2008-12-23 18:32 -------- d-----w- c:\program files\IsoBuster
2010-06-30 15:05 . 2009-08-22 16:42 -------- d-----w- c:\documents and settings\Alan\Application Data\skypePM
2010-06-22 19:33 . 2010-06-22 19:33 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb1FF.tmp.exe
2010-06-21 21:30 . 2010-06-21 21:30 -------- d-----w- c:\program files\Bonjour
2010-06-14 14:31 . 2008-06-06 18:59 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-08 07:57 . 2009-02-23 16:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-25 19:27 . 2010-05-25 19:27 348160 ----a-w- c:\documents and settings\Alan\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-11fcdffb-n\msvcr71.dll
2010-05-25 19:27 . 2010-05-25 19:27 503808 ----a-w- c:\documents and settings\Alan\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-11fcdffb-n\msvcp71.dll
2010-05-25 19:27 . 2010-05-25 19:27 499712 ----a-w- c:\documents and settings\Alan\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-11fcdffb-n\jmc.dll
2010-05-18 15:35 . 2010-05-18 15:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 15:35 . 2010-05-18 15:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-12 16:07 . 2010-05-12 16:07 655360 ----a-w- c:\documents and settings\Alan\Application Data\Spotify\Gracenote\gnsdk_sdkmanager.dll
2010-05-12 16:07 . 2010-05-12 16:07 282624 ----a-w- c:\documents and settings\Alan\Application Data\Spotify\Gracenote\gnsdk_musicid_file.dll
2010-05-12 16:07 . 2010-05-12 16:07 208896 ----a-w- c:\documents and settings\Alan\Application Data\Spotify\Gracenote\gnsdk_dsp.dll
2008-12-23 23:30 . 2008-12-23 23:30 604 ---ha-w- c:\program files\STLL Notifier
2009-12-08 19:22 . 2009-12-08 19:22 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2010-05-16 18:24 2515552 ----a-w- c:\program files\IsoBuster\tbIso0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 13:02 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}]
2010-05-30 20:11 2515552 ----a-w- c:\program files\ooVoo_Chat\tbooV0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\program files\IsoBuster\tbIso0.dll" [2010-05-16 2515552]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}"= "c:\program files\ooVoo_Chat\tbooV0.dll" [2010-05-30 2515552]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CLASSES_ROOT\clsid\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\program files\IsoBuster\tbIso0.dll" [2010-05-16 2515552]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{E5A1E26F-0D1D-4307-868F-FBD9A374AB54}"= "c:\program files\ooVoo_Chat\tbooV0.dll" [2010-05-30 2515552]
[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CLASSES_ROOT\clsid\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-21 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-26 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2003-04-06 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2003-04-06 114688]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-06-19 195072]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-07 09:33 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Alan^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
path=c:\documents and settings\Alan\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
backup=c:\windows\pss\BBC iPlayer Desktop.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Alan^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\documents and settings\Alan\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 4.0 HD Edition.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 4.0 HD Edition.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SATARaid.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\SATARaid.lnk
backup=c:\windows\pss\SATARaid.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 01:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2009-12-01 17:38 3951976 ----a-w- c:\program files\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-07-13 14:10 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
2010-07-09 07:09 2048352 ----a-w- c:\progra~1\AVG\AVG8\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BSDAppUpdater]
2009-12-28 18:21 1758536 ----a-w- c:\program files\Common Files\BSD\AppUpdater\BSDChecker.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-12-08 19:22 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-21 07:22 133104 ----atw- c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-10-23 00:00 385024 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2004-05-12 15:18 241664 ----a-w- c:\program files\Hp\hpcoretech\hpcmpmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2003-12-05 15:41 49152 ----a-w- c:\program files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2004-05-04 14:21 176128 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05]
2004-05-05 05:17 491520 ----a-w- c:\windows\system32\hphmon05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05]
2004-04-01 10:33 49152 ----a-w- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-21 14:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2009-04-30 14:39 5472016 ----a-w- c:\program files\Logitech\Logitech Vid\Vid.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-05-08 10:35 2780432 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 16:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 20:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-07-16 12:20 25604904 ----a-r- c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-30 17:50 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-06-26 16:41 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-12-23 21:55 185872 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [18/04/2009 09:32 12552]
R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [11/06/2008 19:53 89610]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [18/04/2009 09:32 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [18/04/2009 09:32 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [18/04/2009 09:32 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [24/04/2009 09:16 1370488]
R2 CollinsPrimary;Collins Primary;j:\deb\School\Documents\literacy stuff\collins y3\Collins Primary\Apache\bin\Apache.exe [04/10/2007 13:57 20541]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [18/04/2009 09:31 29208]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [17/12/2008 18:08 33792]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [03/02/2010 09:27 135664]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [18/04/2009 09:31 29208]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [15/06/2008 13:39 30192]
.
Contents of the 'Scheduled Tasks' folder
2010-07-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 08:27]
2010-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 08:27]
2010-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-2025429265-682003330-1003Core.job
- c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-21 07:22]
2010-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-2025429265-682003330-1003UA.job
- c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-21 07:22]
2010-08-06 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe [2004-04-01 10:33]
2010-08-07 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 15:07]
2010-08-07 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-22 21:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1572363
uInternet Settings,ProxyOverride =
uInternet Settings,ProxyServer = http=127.0.0.1:6522
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Alan\Application Data\Mozilla\Firefox\Profiles\0wie39ak.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-07 03:03
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1960408961-2025429265-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FE0F1352-1B8D-85F8-44A1-C7E97D500A60}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"gajjfpngekjokj"=hex:61,63,65,70,62,64,65,67,61,6f,68,6a,6b,6b,61,66,63,63,65,
6e,62,69,67,6c,70,6c,62,6d,6c,61,6e,6e,6a,6e,62,65,67,70,6f,6d,65,67,6b,68,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1448)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-08-07 03:09:57
ComboFix-quarantined-files.txt 2010-08-07 02:09
ComboFix2.txt 2010-08-06 20:23
Pre-Run: 33,372,360,704 bytes free
Post-Run: 33,389,355,008 bytes free
- - End Of File - - 0D3BFB68EAB1CB3E7A925F4A157B8ECE