ComboFix 09-11-24.02 - Owner 11/24/2009 20:55.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.766.334 [GMT -5:00]
Running from: c:\documents and settings\Owner\desktop\commy.exe
Command switches used :: /stepdel
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\progra~1\COMMON~1\{3C93E~1
c:\program files\Common Files\appatc~1
c:\program files\Common Files\asks~1
c:\program files\Common Files\curity~1
c:\program files\Common Files\racle~1
c:\program files\Common Files\scurit~1
c:\program files\Common Files\smante~1
c:\program files\Common Files\sstem~1
c:\program files\Common Files\sstem3~1
c:\program files\Common Files\stem~1
c:\program files\Common Files\tsks~1
c:\program files\Common Files\wnsxs~1
c:\program files\Common Files\ystem3~1
c:\program files\crosof~1
c:\program files\curity~1
c:\program files\fnts~1
c:\program files\icroso~1
c:\program files\smante~1
c:\program files\ymante~1
c:\windows\Downloaded Program Files\Quarantine
c:\windows\icroso~1.net
c:\windows\racle~1
c:\windows\smbols~1
c:\windows\system32\curity~1
c:\windows\system32\dobe~1
c:\windows\system32\mcroso~1.net
c:\windows\system32\racle~1
c:\windows\system32\smante~1
c:\windows\system32\ssembl~1
c:\windows\system32\sstem~1
c:\windows\system32\wnsxs~1
c:\windows\system32\ymbols~1
c:\windows\tsks~1
c:\windows\ystem~1
c:\windows\system32\0121mixed.bin
c:\windows\system32\stera.log
c:\windows\system32\threat448y.bin
c:\windows\system32\unsvchosts.lzma
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_COM+_MESSAGES
((((((((((((((((((((((((( Files Created from 2009-10-25 to 2009-11-25 )))))))))))))))))))))))))))))))
.
2009-11-24 16:13 . 2009-11-24 16:13 -------- d-----w- c:\windows\LastGood
2009-11-24 03:32 . 2009-11-24 03:32 -------- d-----w- c:\windows\system32\scripting
2009-11-24 03:32 . 2009-11-24 03:32 -------- d-----w- c:\windows\l2schemas
2009-11-24 03:32 . 2009-11-24 03:32 -------- d-----w- c:\windows\system32\en
2009-11-24 03:32 . 2009-11-24 03:32 -------- d-----w- c:\windows\system32\bits
2009-11-24 02:45 . 2009-11-24 02:45 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2009-11-24 02:39 . 2009-11-24 02:39 -------- d-----w- c:\windows\system32\XPSViewer
2009-11-24 02:38 . 2009-11-24 02:38 -------- d-----w- c:\program files\MSBuild
2009-11-24 02:38 . 2009-11-24 02:38 -------- d-----w- c:\program files\Reference Assemblies
2009-11-24 02:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-24 02:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-11-24 02:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-11-24 02:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-11-24 02:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-24 02:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-11-24 02:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-11-24 02:37 . 2009-11-24 02:38 -------- d-----w- C:\47bfedc4c97f02d082e98f63d312c351
2009-11-24 02:36 . 2009-11-24 02:36 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-11-24 02:26 . 2009-11-24 02:26 -------- d-----w- c:\program files\MSXML 6.0
2009-11-24 02:19 . 2009-11-24 02:19 -------- d-sh--w- c:\documents and settings\Owner\IETldCache
2009-11-24 02:11 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-11-24 02:10 . 2009-11-24 02:10 -------- d-----w- c:\windows\ie8updates
2009-11-24 02:09 . 2009-08-29 08:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-24 02:09 . 2009-08-29 08:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-24 02:06 . 2009-11-24 02:08 -------- dc-h--w- c:\windows\ie8
2009-11-23 23:51 . 2009-11-23 23:51 152576 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-23 21:10 . 2008-04-14 00:12 69120 ------w- c:\windows\system32\wlanapi.dll
2009-11-23 21:10 . 2008-04-14 00:12 53248 ------w- c:\windows\system32\tsgqec.dll
2009-11-23 21:10 . 2008-04-14 00:12 50688 ------w- c:\windows\system32\tspkg.dll
2009-11-23 21:10 . 2008-04-14 00:12 32768 ------w- c:\windows\system32\setupn.exe
2009-11-23 21:10 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-11-23 21:08 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2009-11-23 21:08 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2009-11-23 21:08 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2009-11-23 21:08 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2009-11-23 21:08 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2009-11-23 21:08 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2009-11-23 21:08 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2009-11-23 21:08 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2009-11-23 21:08 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2009-11-23 21:08 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2009-11-23 21:08 . 2008-04-14 00:11 81920 ------w- c:\windows\system32\ieencode.dll
2009-11-23 21:06 . 2008-04-14 00:11 136192 ------w- c:\windows\system32\aaclient.dll
2009-11-23 20:33 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-11-23 20:33 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-11-23 20:33 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-11-23 20:33 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-11-23 20:33 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-11-23 20:33 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-11-23 20:33 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-11-23 20:33 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-11-23 20:33 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-11-23 20:33 . 2009-08-04 15:13 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-11-23 20:33 . 2009-08-05 01:44 2189184 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-11-23 20:33 . 2009-08-04 14:20 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-11-23 20:30 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-11-23 20:30 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-11-23 20:30 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-11-23 20:29 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-11-23 20:28 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-11-23 20:28 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-11-23 17:47 . 2009-11-23 17:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-11-23 17:34 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-23 17:34 . 2009-11-23 20:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-23 17:34 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-23 16:58 . 2009-11-23 23:51 79488 ----a-w- c:\documents and settings\Owner\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-23 15:44 . 2009-11-23 15:44 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-11-23 15:43 . 2009-11-23 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-23 02:19 . 2009-11-23 20:06 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-11-23 02:18 . 2009-11-23 16:50 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-23 02:17 . 2009-11-23 02:18 -------- d-----w- c:\documents and settings\Owner\Application Data\GetRightToGo
2009-11-22 21:52 . 2009-11-22 21:53 -------- d-----w- c:\program files\Common Files\AlphaAntUninstall
2009-11-20 14:28 . 2009-11-11 17:58 877848 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.exe
2009-11-20 14:28 . 2009-11-11 17:58 1657112 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2009-11-15 18:44 . 2009-11-15 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\TomTom
2009-11-15 18:43 . 2009-11-15 18:43 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\TomTom
2009-11-15 18:43 . 2009-11-15 18:43 -------- d-----w- c:\documents and settings\Owner\Application Data\TomTom
2009-11-15 18:43 . 2009-11-15 18:43 -------- d-----w- c:\program files\TomTom International B.V
2009-11-15 18:42 . 2009-11-15 18:43 -------- d-----w- c:\program files\TomTom HOME 2
2009-11-15 18:41 . 2009-11-15 18:41 -------- d-----w- c:\program files\TomTom DesktopSuite
2009-11-12 13:42 . 2009-11-11 17:58 4026136 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2009-11-12 13:42 . 2009-11-11 17:58 2016536 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2009-11-12 13:42 . 2009-11-11 17:58 1257240 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2009-11-12 13:42 . 2009-11-12 13:40 3963648 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2009-11-12 13:42 . 2009-11-12 13:40 497944 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchjwx.dll
2009-11-12 13:42 . 2009-11-11 17:58 600344 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgnsx.exe
2009-11-11 18:02 . 2009-10-16 17:12 1119488 ----a-w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar\IEToolbar.dll
2009-11-11 17:59 . 2009-11-13 02:13 -------- d-----w- C:\$AVG
2009-11-11 17:59 . 2009-11-11 17:59 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-11-11 17:59 . 2009-11-11 17:59 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-11 17:58 . 2009-11-11 17:58 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-11 17:58 . 2009-11-11 17:58 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-11 17:58 . 2009-11-24 23:52 -------- d-----w- c:\windows\system32\drivers\Avg
2009-11-11 17:58 . 2009-11-11 18:02 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-11-11 17:58 . 2009-11-11 17:58 -------- d-----w- c:\program files\AVG
2009-11-11 17:58 . 2009-11-11 17:58 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2009-11-11 17:57 . 2009-11-13 01:41 -------- d-----w- c:\windows\SxsCaPendDel
2009-11-11 17:31 . 2009-11-11 17:31 -------- d-----w- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-25 01:22 . 2007-11-05 16:16 -------- d-----w- c:\program files\Lavasoft
2009-11-25 01:13 . 2005-04-05 00:26 -------- d--h--w- c:\program files\Dl_cats
2009-11-24 21:12 . 2009-03-07 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-24 21:07 . 2005-01-16 20:15 -------- d-----w- c:\documents and settings\Owner\Application Data\Corel
2009-11-24 03:38 . 2004-12-14 20:51 77423 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-11-24 00:26 . 2006-07-20 23:01 -------- d--h--w- c:\program files\Java
2009-11-11 17:39 . 2004-12-14 23:40 -------- d--h--w- c:\program files\Common Files\Symantec Shared
2009-11-11 17:38 . 2004-12-14 23:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-11-11 17:31 . 2006-09-14 14:49 -------- d-----w- c:\program files\Symantec
2009-11-10 01:59 . 2008-02-24 13:15 -------- d-----w- c:\program files\PerfectForm
2009-11-10 01:44 . 2005-04-17 20:23 -------- d-----w- c:\documents and settings\Owner\Application Data\MSN6
2009-10-28 17:34 . 2009-10-15 17:58 -------- d-----w- c:\documents and settings\Owner\Application Data\FrostWire
2009-10-15 18:03 . 2009-10-15 18:03 0 ----a-w- c:\documents and settings\Owner\Application Data\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2009-10-11 09:17 . 2009-07-03 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 16:00 . 2009-10-08 16:00 49460 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-08 15:58 . 2007-05-25 15:21 -------- d-----w- c:\documents and settings\Owner\Application Data\Apple Computer
2009-10-03 13:33 . 2009-10-03 13:31 -------- d-----w- c:\program files\iTunes
2009-10-03 13:33 . 2009-10-03 13:31 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-10-03 13:31 . 2009-10-03 13:31 -------- d-----w- c:\program files\iPod
2009-10-03 13:31 . 2009-06-15 23:30 -------- d-----w- c:\program files\Common Files\Apple
2009-10-03 13:20 . 2009-10-03 13:20 -------- d-----w- c:\program files\QuickTime
2009-10-03 13:11 . 2009-10-03 13:11 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.1.8\SetupAdmin.exe
2009-09-30 02:33 . 2009-09-30 02:33 -------- d-----w- c:\program files\Microsoft
2009-09-30 02:33 . 2009-09-30 02:32 -------- d-----w- c:\program files\Windows Live
2009-09-30 02:32 . 2009-09-30 02:32 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-30 02:29 . 2009-09-30 02:29 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-11 14:18 . 2002-06-25 21:42 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2002-06-25 21:41 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2002-03-05 13:56 916480 ----a-w- c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-10-16 17:12 1119488 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-10-16 1119488]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-23 39408]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-10-19 155648]
"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-11-10 290816]
"DLBTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 69632]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-11-12 2020120]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SRUUninstall"="c:\windows\system32\msiexec.exe" [2008-04-14 78848]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2005-7-22 151552]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-2-13 16423]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-11 17:59 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"%windir%\\system32\\sessmgr.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11/11/2009 12:58 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11/11/2009 12:59 PM 360584]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [11/11/2009 12:58 PM 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/11/2009 12:58 PM 285392]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [1/28/2009 11:11 PM 13088]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/27/2009 10:05 AM 92008]
R3 AON325;AOpen AON-325 10/100M Fast Ethernet PCI Adapter Driver;c:\windows\system32\drivers\AON325.sys [1/22/2003 2:19 AM 46976]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S3 ADM8511;Belkin USB Ethernet Adapter;c:\windows\system32\drivers\NET8511.SYS [12/14/2004 6:55 PM 24424]
S3 Bulk503;Chameleon Mega Digital Camera;c:\windows\system32\drivers\Bulk503.sys [4/4/2005 7:43 PM 10599]
S3 DSB650TX;D-Link DSB-650TX USB 10/100 Ethernet Adapter;c:\windows\system32\drivers\DSB650TX.sys [7/17/2005 3:45 PM 26958]
S3 ISO503;Chameleon Mega Video Camera;c:\windows\system32\drivers\ISO503.SYS [4/4/2005 7:42 PM 526885]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2009-11-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
BHO-{11BDDD30-42F6-6E2A-A53D-6FE34C92FDE2} - (no file)
BHO-{C6013A4E-A1DF-DD59-D97A-8BADA89429B6} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-AlphaAnt - c:\program files\AlphaAnt\alpha.exe
HKU-Default-Run-Symantec NetDriver Warning - c:\progra~1\SYMNET~1\SNDWarn.exe
AddRemove-BCM V.92 56K Modem - c:\windows\BCMSMU.exe quiet
AddRemove-HijackThis - c:\documents and settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\BHNWM5XE\HijackThis.exe
AddRemove-MeetInfoRoad - c:\docume~1\Owner\APPLIC~1\drawhelp\OnceRegs.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-11-24 21:15
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLBTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4052)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\Dell Photo AIO Printer 922\dlbtbmon.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-11-24 21:27 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-25 02:27
Pre-Run: 24,503,586,816 bytes free
Post-Run: 24,923,377,664 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
- - End Of File - - 64CC11F7519D533657EFA3FF735EC742
This is the log; let me know what to do next. Thank you.