WiredWX Christian Hobby Weather Tools
Re: Autorun.inf and MS-dos.com

Here's the new log:

ComboFix 08-12-13.03 - Tobiasjohansson 2008-12-15 2:52:43.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1791.1264 [GMT 11:00]
Running from: c:\documents and settings\Tobiasjohansson\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Tobiasjohansson\Desktop\CFscript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\MS-DOS.com
c:\windows\system32\38.tmp
c:\windows\system32\dllcache\svchost.exe
G:\MS-DOS.com
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\38.tmp
c:\windows\system32\dllcache\svchost.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MEMSWEEP2


((((((((((((((((((((((((( Files Created from 2008-11-14 to 2008-12-14 )))))))))))))))))))))))))))))))
.

2008-12-14 01:57 . 2008-12-14 14:16 d-------- c:\documents and settings\Tobiasjohansson\.housecall6.6
2008-12-13 00:56 . 2008-12-13 00:56 d-------- c:\documents and settings\Administrator\Application Data\Windows Search
2008-12-12 21:50 . 2008-12-12 22:23 d-------- c:\program files\Autorun Eater
2008-12-05 23:10 . 2008-12-05 23:10 d-------- c:\documents and settings\Tobiasjohansson\Application Data\Songbird2
2008-12-05 23:10 . 2008-12-05 23:10 d-------- c:\documents and settings\All Users\Application Data\SongbirdVLC
2008-12-05 23:09 . 2008-12-14 22:12 d-------- c:\program files\Songbird
2008-11-29 21:39 . 2008-03-16 14:47 872,192 --a------ c:\windows\system32\drivers\mod7700.sys
2008-11-29 21:39 . 2008-03-17 11:56 103,168 --a------ c:\windows\system32\drivers\ewusbfake.sys
2008-11-29 21:39 . 2008-03-17 11:03 101,376 --a------ c:\windows\system32\drivers\ewusbmdm.sys
2008-11-29 21:39 . 2008-01-22 15:09 100,992 --a------ c:\windows\system32\drivers\ewusbnet.sys
2008-11-29 21:39 . 2007-08-09 04:13 24,448 --a------ c:\windows\system32\drivers\ewdcsc.sys
2008-11-29 21:38 . 2008-11-29 21:42 d-------- c:\program files\3 MobileBroadband
2008-11-24 22:04 . 2008-09-05 04:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-24 22:04 . 2008-10-24 22:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-24 17:34 . 2008-11-24 17:34 d-------- c:\documents and settings\Tobiasjohansson\Application Data\Apple Computer
2008-11-23 22:47 . 2008-11-23 22:47 d-------- c:\program files\Safari
2008-11-23 22:46 . 2008-11-23 22:46 d-------- c:\program files\Apple Software Update
2008-11-23 22:46 . 2008-11-23 22:46 d-------- c:\documents and settings\All Users\Application Data\Apple
2008-11-21 00:10 . 2008-11-21 00:18 d-------- c:\documents and settings\Tobiasjohansson\amsn
2008-11-21 00:09 . 2008-11-21 00:10 d-------- c:\program files\aMSN
2008-11-18 07:04 . 2008-11-18 07:04 2,306,113 --a------ c:\windows\system32\GPhotos.scr
2008-11-14 16:24 . 2008-11-14 16:24 19,704 --ah----- c:\windows\system32\mlfcache.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-14 14:45 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\Skype
2008-12-14 13:09 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\skypePM
2008-12-11 14:17 101,776 ----a-w c:\windows\system32\drivers\cmdguard.sys
2008-12-11 14:13 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-08 15:48 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\FileZilla
2008-12-07 13:51 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\dvdcss
2008-12-04 11:24 --------- d-----w c:\program files\FileZilla FTP Client
2008-12-03 08:52 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-03 08:52 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-11-25 20:30 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\uTorrent
2008-11-24 14:39 --------- d-----w c:\program files\Zune
2008-11-22 06:51 31,504 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2008-11-12 09:40 37,440 ----a-w c:\windows\system32\drivers\pssdklbf.drv
2008-11-12 09:40 30,272 ----a-w c:\windows\system32\drivers\pssdk31.drv
2008-11-12 06:52 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\vlc
2008-11-11 09:07 --------- d-----w c:\program files\Common Files\Adobe
2008-11-03 14:44 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\VoxOx
2008-11-03 13:57 --------- d-----w c:\program files\Audacity
2008-10-31 06:34 0 ---ha-w c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2008-10-31 06:34 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2008-10-31 06:33 0 ---ha-w c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2008-10-31 06:21 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-10-31 06:21 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2008-10-24 12:19 --------- d-----w c:\program files\Bet24
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 18:37 --------- d-----w c:\program files\Search
2008-10-23 11:14 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\Windows Search
2008-10-23 11:10 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\Windows Desktop Search
2008-10-23 11:09 --------- d-----w c:\program files\Windows Desktop Search
2008-10-23 10:27 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-22 14:57 --------- d-----w c:\program files\Opera
2008-10-21 11:31 --------- d-----w c:\program files\Max Payne
2008-10-21 11:30 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-20 13:45 --------- d-----w c:\program files\DAEMON Tools Lite
2008-10-19 10:19 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-19 10:19 --------- d-----w c:\documents and settings\Tobiasjohansson\Application Data\DAEMON Tools
2008-09-25 09:19 720,896 ----a-w c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
"HControl"="c:\windows\ATK0100\HControl.exe" [2005-07-29 102400]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2008-07-22 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2008-12-12 1797880]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-30 1261336]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2008-12-12 1797880]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-06 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-10-11 c:\windows\SkyTel.exe]

c:\documents and settings\Tobiasjohansson\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-05-28 3450608]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-09-11 576104]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Aptana\\Aptana Studio\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\Aptana\\Aptana Studio\\plugins\\com.aptana.ide.framework.jaxer.server.win32_1.1.7.015414\\jam\\jaxer\\JaxerManager.exe"=
"c:\\Program Files\\Adobe\\Flex Builder 3\\jre\\bin\\javaw.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\aMSN\\bin\\wish.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-10-04 97928]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-07-22 101776]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-07-22 31504]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-04 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-04 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-10-04 76040]
R2 NetProbe;NetProbe Packet Driver;c:\windows\system32\DRIVERS\netprobe.sys [2008-03-06 5365]
S3 PsSdk31;PsSdk31;\??\c:\windows\system32\Drivers\pssdk31.drv [2008-11-12 30272]
S3 PsSdkLBF;PsSdkLBF;\??\c:\windows\system32\Drivers\pssdklbf.drv [2008-11-12 37440]
.
Contents of the 'Scheduled Tasks' folder

2008-12-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-12-14 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\documents and settings\Tobiasjohansson\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-03 10:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.se/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Tobiasjohansson\Application Data\Mozilla\Firefox\Profiles\anujju8y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/
FF - plugin: c:\documents and settings\Tobiasjohansson\Local Settings\Application Data\Google\Update\1.2.131.27\npGoogleOneClick6.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-15 02:56:48
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdk31]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdk31.drv"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdkLBF]
"ImagePath"="\??\c:\windows\system32\Drivers\pssdklbf.drv"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(636)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\windows\system32\brss01a.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\COMODO\Firewall\cmdagent.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\ZuneBusEnum.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
.
**************************************************************************
.
Completion time: 2008-12-15 3:01:23 - machine was rebooted [Tobiasjohansson]
ComboFix-quarantined-files.txt 2008-12-14 16:01:18
ComboFix2.txt 2008-12-14 15:23:01

Pre-Run: 79 901 003 776 bytes free
Post-Run: 79,884,124,160 bytes free

206 --- E O F --- 2008-12-12 11:26:35

Re: Autorun.inf and MS-dos.com

My external drives seem to be fine now unless you can find any remaining malicious files in the log? If not, I'm gonna do a scan on all my drives with Malwarebytes and if it's clean I'll reformat my computer.

I can't thank you enough for all your help!

Re: Autorun.inf and MS-dos.com

Okay.

Re: Autorun.inf and MS-dos.com

Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.
