SWEET! I think it might be fȋxed well at least one problem I can download stuff from microsoft now! AND Sign into MSN! But I still get the Error starting on demand scanner error when I try to scan. Possibly a re-install would fix this? Oh here are the logs:
ComboFix 09-10-07.05 - Alan 10/08/2009 20:36.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2927.2256 [GMT -4:00]
Running from: c:\documents and settings\Alan\Desktop\Combo-Fix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
C:\ProgramFiles
c:\programfiles\zipitpro\zShellAD.dll
c:\windows\msa.exe
c:\windows\win32k.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_gxvxcserv.sys
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}
-------\Service_gxvxcserv.sys
((((((((((((((((((((((((( Files Created from 2009-09-09 to 2009-10-09 )))))))))))))))))))))))))))))))
.
2009-10-09 00:14 . 2009-10-09 00:14 -------- d-----w- c:\documents and settings\Alan\Application Data\Malwarebytes
2009-10-09 00:14 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-09 00:14 . 2009-10-09 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-09 00:14 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-09 00:14 . 2009-10-09 00:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-08 17:56 . 2009-10-08 17:56 -------- d-----w- c:\windows\LastGood.Tmp
2009-10-07 01:17 . 2009-10-07 01:17 -------- d-----w- c:\documents and settings\Alan\Local Settings\Application Data\Temp
2009-09-26 18:09 . 2009-09-26 18:09 -------- d-----w- c:\windows\system32\Adobe
2009-09-25 22:20 . 2009-09-25 22:20 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-09-23 23:11 . 2009-09-23 23:11 -------- d-----w- c:\documents and settings\Alan\Local Settings\Application Data\Matt_Provenzale
2009-09-23 23:11 . 2009-09-23 23:11 -------- d-----w- c:\program files\iDesigner
2009-09-22 22:40 . 2009-09-22 22:40 -------- d-----w- c:\documents and settings\LocalService\Application Data\Xfire
2009-09-19 18:43 . 2009-09-29 21:33 -------- d-----w- c:\documents and settings\Alan\Application Data\uTorrent
2009-09-19 18:43 . 2009-09-19 19:04 -------- d-----w- c:\program files\UTorrent
2009-09-14 22:06 . 2009-09-25 14:22 -------- d-----w- c:\documents and settings\Alan\Application Data\FireShot
2009-09-14 20:35 . 2009-09-14 20:37 -------- d-----w- c:\program files\GuildWars
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-08 17:56 . 2009-06-07 04:56 -------- d-----w- c:\program files\McAfee
2009-10-07 21:48 . 2009-04-25 12:43 -------- d-s---w- c:\program files\Xfire
2009-10-07 02:25 . 2008-12-07 20:14 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-07 02:25 . 2009-08-19 21:21 -------- d-----w- c:\program files\Java
2009-10-07 02:25 . 2009-10-07 02:25 0 ----a-w- c:\windows\system32\REN795.tmp
2009-10-07 02:25 . 2009-10-07 02:25 0 ----a-w- c:\windows\system32\REN794.tmp
2009-10-07 02:25 . 2009-10-07 02:25 0 ----a-w- c:\windows\system32\REN793.tmp
2009-09-29 21:26 . 2009-04-25 12:43 -------- d-----w- c:\documents and settings\Alan\Application Data\Xfire
2009-09-28 22:12 . 2008-11-02 16:33 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-28 22:12 . 2008-11-02 16:33 1100 ----a-w- c:\windows\system32\d3d8caps.dat
2009-09-27 16:44 . 2008-11-16 04:40 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-09-27 16:44 . 2008-11-16 04:40 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-09-07 14:12 . 2009-08-08 01:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-08-29 02:47 . 2009-03-15 14:14 -------- d-----w- c:\documents and settings\Alan\Application Data\Hamachi
2009-08-25 02:31 . 2008-12-07 20:15 34 -c--a-w- c:\documents and settings\Alan\jagex_runescape_preferences.dat
2009-08-25 02:22 . 2009-08-25 02:22 -------- d-----w- c:\program files\TightVNC
2009-08-19 21:57 . 2009-08-19 21:57 0 ----a-w- c:\windows\system32\RENC57.tmp
2009-08-19 21:57 . 2009-08-19 21:57 0 ----a-w- c:\windows\system32\RENC56.tmp
2009-08-19 21:57 . 2009-08-19 21:57 0 ----a-w- c:\windows\system32\RENC55.tmp
2009-08-19 21:24 . 2009-05-09 19:42 -------- d-----w- c:\program files\JavaFX
2009-08-19 21:23 . 2009-08-19 21:23 -------- d-----w- c:\program files\Sun
2009-08-16 20:23 . 2008-11-06 05:05 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore
2009-08-14 09:22 . 2009-08-07 01:28 -------- d-----w- c:\program files\Circl Developement
2009-08-14 00:43 . 2009-07-24 00:24 -------- d-----w- c:\documents and settings\Alan\Application Data\Apple Computer
2009-08-13 15:06 . 2009-08-13 15:06 -------- d-----w- c:\documents and settings\Alan\Application Data\RealVNC
2009-08-13 14:55 . 2009-08-13 14:55 -------- d-----w- c:\program files\RealVNC
2009-08-13 14:33 . 2009-08-13 14:33 -------- d-----w- c:\program files\UltraVNC
2009-08-12 16:10 . 2009-04-25 02:07 -------- d-----w- c:\program files\Lunia
2009-07-29 22:07 . 2008-11-16 04:40 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-07-25 04:21 . 2009-08-13 14:55 26624 ----a-w- c:\windows\system32\VNCpm.dll
2009-07-25 04:21 . 2009-08-13 14:55 4608 ----a-w- c:\windows\system32\drivers\vncmirror.sys
2009-07-25 04:21 . 2009-08-13 14:55 20992 ----a-w- c:\windows\system32\vncmirror.dll
2009-07-21 06:52 . 2009-07-21 06:52 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-21 06:52 . 2009-07-21 06:52 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-16 16:32 . 2009-06-07 04:57 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-07-13 14:01 . 2008-10-21 02:54 70256 ----a-w- c:\documents and settings\Alan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
c:\windows\system32\eventlog.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-07 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13574144]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-10 645328]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-08 1176808]
"Recordpad"="c:\program files\NCH Swift Sound\Recordpad\recordpad.exe" [2009-06-17 876548]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-09 515416]
"McAfee Backup"="c:\program files\McAfee\MBK\McAfeeDataBackup.exe" [2009-07-09 5134864]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-07 149280]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^Alan^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\documents and settings\Alan\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Snagit 9.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Snagit 9.lnk
backup=c:\windows\pss\Snagit 9.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\UTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57640:TCP"= 57640:TCP:*:Disabled:Pando Media Booster
"57640:UDP"= 57640:UDP:*:Disabled:Pando Media Booster
"56630:TCP"= 56630:TCP:*:Disabled:Pando Media Booster
"56630:UDP"= 56630:UDP:*:Disabled:Pando Media Booster
"56494:TCP"= 56494:TCP:*:Disabled:Pando Media Booster
"56494:UDP"= 56494:UDP:*:Disabled:Pando Media Booster
"86:TCP"= 86:TCP:BroadCam Web Server
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 JAHCI;JAHCI;c:\windows\system32\drivers\JAHCI.sys [11/5/2008 8:53 PM 33280]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [7/24/2009 9:48 AM 64160]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [3/13/2009 4:46 PM 55152]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06 PM 951632]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [6/7/2009 12:59 AM 210216]
R2 vnccom;vnccom;c:\windows\system32\drivers\vnccom.SYS [8/13/2009 10:34 AM 6016]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [7/23/2009 8:28 PM 28672]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [10/20/2008 10:11 PM 28672]
S2 0230211255024606mcinstcleanup;McAfee Application Installer Cleanup (0230211255024606);c:\windows\TEMP\023021~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\023021~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S3 BroadCamService;BroadCam Service;c:\program files\NCH Software\BroadCam\broadCam.exe [6/16/2009 9:27 PM 368644]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 6:08 PM 533360]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 8:28 PM 47128]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [9/23/2005 8:01 AM 2799808]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [7/10/2008 2:49 AM 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 8:28 PM 369688]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - 0230211255024606MCINSTCLEANUP
.
Contents of the 'Scheduled Tasks' folder
2009-10-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:06]
2009-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1482476501-1417001333-1003Core.job
- c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-07 01:17]
2009-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1482476501-1417001333-1003UA.job
- c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-07 01:17]
2009-09-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-07 01:26]
2009-10-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-07 01:26]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/uInternet Settings,ProxyOverride = *.local
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
FF - ProfilePath - c:\documents and settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage -
hxxp://www.bing.com/FF - component: c:\documents and settings\Alan\Application Data\Mozilla\Firefox\Profiles\5mxin21v.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\Alan\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-AdobeBridge - (no file)
AddRemove-HijackThis - c:\documents and settings\Alan\Desktop\HijackThis.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-10-08 20:42
Windows 5.1.2600 Service Pack 3 NTFS
scanning hȋdden processes ...
scanning hȋdden autostart entries ...
scanning hȋdden files ...
scan completed successfully
hȋdden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-117609710-1482476501-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{451F5D46-2CC5-C0F4-80F5-316E1AD9092E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abpgcnpphapbhpjehbfianjoijolifkeca"=hex:61,61,00,00
"bbpgcnpphapbhpjehbaibnendnkfenaijdnp"=hex:61,61,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'explorer.exe'(3096)
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-10-09 20:50 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-09 00:50
Pre-Run: 134,618,009,600 bytes free
Post-Run: 134,897,750,016 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
278 --- E O F --- 2009-05-13 07:02