Thank you for your assistance! Here's the log...
ComboFix 09-12-01.01 - Karla 12/01/2009 20:01.1.2 - x86
Running from: c:\documents and settings\Karla\desktop\commy.exe
Command switches used :: /stepdel
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Jeff\Application Data\alot
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\giforakiz.reg
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\uqebyf.bat
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\documents and settings\All Users\Application Data\ozicevisam.vbs
c:\documents and settings\All Users\Documents\uxajysi.vbs
c:\documents and settings\Jeff\Local Settings\Temporary Internet Files\obyro._sy
c:\windows\cijib._sy
c:\windows\kb913800.exe
c:\windows\system32\2751681031.dat
c:\windows\system32\bszip.dll
c:\windows\system32\Ijl11.dll
Infected copy of c:\windows\system32\DRIVERS\atapi.sys was found and disinfected
Restored copy from - Kitty ate it :p
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_npf
((((((((((((((((((((((((( Files Created from 2009-11-02 to 2009-12-02 )))))))))))))))))))))))))))))))
.
2009-12-01 01:52 . 2009-12-01 01:52 -------- d-----w- c:\documents and settings\Karla\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-11-30 21:32 . 2009-11-30 21:32 -------- d-----w- c:\documents and settings\Jeff\Application Data\Malwarebytes
2009-11-30 21:26 . 2009-11-30 21:26 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2009-11-30 21:26 . 2009-11-30 21:26 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Threat Expert
2009-11-30 20:16 . 2009-10-10 07:07 38208 ----a-w- c:\documents and settings\Karla\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-11-30 20:16 . 2009-11-30 20:16 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-30 20:14 . 2009-11-30 20:14 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-11-30 20:13 . 2009-11-30 21:08 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-30 17:59 . 2009-11-30 17:59 152576 ----a-w- c:\documents and settings\Karla\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-30 17:10 . 2009-11-30 17:10 -------- d-----w- c:\documents and settings\Karla\Application Data\Malwarebytes
2009-11-30 17:09 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-30 17:09 . 2009-11-30 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-30 17:09 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-30 17:09 . 2009-11-30 17:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-30 12:14 . 2009-11-30 12:14 -------- d-----w- c:\documents and settings\Karla\Local Settings\Application Data\Threat Expert
2009-11-29 23:35 . 2009-11-29 23:35 -------- d-----w- c:\documents and settings\Jeff\Local Settings\Application Data\Threat Expert
2009-11-29 23:11 . 2009-10-08 17:31 149456 ----a-w- c:\windows\SGDetectionTool.dll
2009-11-29 23:11 . 2009-10-08 17:31 165840 ----a-w- c:\windows\PCTBDRes.dll
2009-11-29 23:11 . 2009-10-08 17:31 1636304 ----a-w- c:\windows\PCTBDCore.dll
2009-11-29 23:11 . 2009-10-08 17:31 767952 ----a-w- c:\windows\BDTSupport.dll
2009-11-29 23:11 . 2009-10-02 20:19 1152470 ----a-w- c:\windows\UDB.zip
2009-11-29 23:11 . 2008-11-26 18:08 131 ----a-w- c:\windows\IDB.zip
2009-11-29 22:47 . 2009-09-24 14:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-11-29 22:46 . 2009-10-06 22:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-11-29 22:46 . 2009-09-23 22:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-11-29 22:46 . 2009-09-03 15:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-11-29 22:46 . 2009-12-02 02:27 -------- d-----w- c:\program files\Spyware Doctor
2009-11-29 22:46 . 2009-11-29 23:12 -------- d-----w- c:\program files\Common Files\PC Tools
2009-11-29 22:46 . 2009-11-29 22:46 -------- d-----w- c:\documents and settings\Jeff\Application Data\PC Tools
2009-11-29 22:46 . 2009-11-29 22:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2009-11-29 22:45 . 2009-12-02 02:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-29 21:04 . 2009-11-29 21:04 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-11-24 20:50 . 2009-11-24 20:50 -------- d-sh--w- c:\documents and settings\Karla\IECompatCache
2009-11-22 23:05 . 2009-11-22 23:06 -------- d-----w- c:\program files\QuickTime
2009-11-20 16:54 . 2009-11-30 17:59 79488 ----a-w- c:\documents and settings\Karla\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-20 07:15 . 2009-11-30 09:05 79488 ----a-w- c:\documents and settings\Jeff\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-30 20:19 . 2006-07-08 04:23 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-30 18:01 . 2006-06-30 15:31 -------- d-----w- c:\program files\Java
2009-11-24 04:03 . 2006-07-06 22:52 -------- d-----w- c:\program files\Dl_cats
2009-11-22 23:23 . 2009-09-13 17:37 -------- d-----w- c:\program files\iPod
2009-11-22 23:23 . 2008-10-03 19:12 -------- d-----w- c:\program files\iTunes
2009-11-21 00:22 . 2006-07-08 04:23 -------- d-----w- c:\documents and settings\Karla\Application Data\AdobeUM
2009-11-19 19:30 . 2009-06-30 00:10 -------- d-----w- c:\program files\McAfee
2009-10-22 13:50 . 2006-07-07 00:46 76104 -c--a-w- c:\documents and settings\Jeff\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-12 18:13 . 2006-07-09 04:11 76104 -c--a-w- c:\documents and settings\Karla\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-11 23:59 . 2005-08-16 09:41 89143 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-11 10:17 . 2009-06-10 18:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-29 18:49 . 2009-07-25 21:12 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-16 15:22 . 2009-06-30 00:11 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-09-16 15:22 . 2009-06-30 00:11 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-09-16 15:22 . 2009-06-30 00:11 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-09-16 15:22 . 2009-05-14 04:25 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-09-16 15:22 . 2009-06-30 00:04 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-09-13 17:14 . 2009-09-13 17:14 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.0.70\SetupAdmin.exe
2009-09-11 14:18 . 2005-08-16 09:18 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2005-08-16 09:18 58880 ----a-w- c:\windows\system32\msasn1.dll
2008-11-08 17:51 . 2008-11-08 17:51 13853 -c--a-w- c:\program files\Common Files\awyloqup._sy
2008-11-08 17:51 . 2008-11-08 17:51 12052 -c--a-w- c:\program files\Common Files\vyrepiwud.lib
2006-08-07 02:55 . 2006-08-07 02:55 251 -c--a-w- c:\program files\wt3d.ini
2009-03-02 21:42 . 2006-12-14 01:10 88 -csh--r- c:\windows\system32\9A2DE05CD7.sys
2009-03-02 21:42 . 2006-12-14 01:10 4182 -csha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe runtime -Delay" [X]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-09-13 73728]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-08 1176808]
"McPvTray"="c:\program files\McAfee\Anti-Theft\McPvTray.exe" [2008-05-28 655360]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-25 198160]
"YMailAdvisor"="c:\program files\Yahoo!\Common\YMailAdvisor.exe" [2008-06-05 125208]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"dlccmon.exe"="c:\program files\Dell Photo AIO Printer 924\dlccmon.exe" [2005-10-21 430080]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-14 29744]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-10 49152]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-09 305440]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"zMouHk"="mMouHk.exe" - c:\windows\mMouHk.exe [2005-10-28 329216]
"Showwnd"="showwnd.exe" - c:\windows\ShowWnd.exe [2003-09-19 36864]
"ledpointer"="CNYHKey.exe" - c:\windows\CNYHKey.exe [2005-09-30 5585408]
"CHotkey"="mHotkey.exe" - c:\windows\mHotkey.exe [2004-12-08 550912]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2006-03-24 282624]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-6-30 24576]
HotSync Manager.lnk - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2006-6-7 180224]
Kodak software updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-2-13 16423]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2007-11-6 815104]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Palm\\Hotsync.exe"=
"c:\\Program Files\\Palm\\QuickInstall.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\Palm\\VMailWiz3.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 McPvDrv;McPvDrv;c:\windows\system32\drivers\McPvDrv.sys [5/28/2008 8:32 AM 61688]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [11/29/2009 4:46 PM 207280]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [11/29/2009 5:11 PM 112592]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [6/29/2009 6:14 PM 210216]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [11/29/2009 5:10 PM 358600]
S2 McAfeeLmHosts;McAfee SiteAdvisor Service McAfeeLmHosts;c:\windows\system32\adsldpu.exe srv --> c:\windows\system32\adsldpu.exe srv [?]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [6/30/2006 9:56 AM 29744]
--- Other Services/Drivers In Memory ---
*Deregistered* - PCTSDInjDriver32
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder
2009-11-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 17:34]
2009-06-30 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-30 17:22]
2009-12-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-30 17:22]
2009-12-02 c:\windows\Tasks\User_Feed_Synchronization-{3538BF7F-F25F-48F2-B71A-A48FAB518D05}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/
uInternet Settings,ProxyOverride = *.local
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\documents and settings\Karla\Local Settings\Temporary Internet Files\Content.IE5\FBJW6HEO\HijackThis.exe
AddRemove-LyricsSeeker plugins - c:\program files\LyricsSeeker\uninst.exe
AddRemove-RealPlayer 12.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-01 20:31
Windows 5.1.2600 Service Pack 3 NTFS
scanning hȋdden processes ...
scanning hȋdden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hȋdden files ...
scan completed successfully
hȋdden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-594733795-137160479-323698647-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b6,8e,ed,1d,fb,e9,29,19,d9,8b,3f,b9,86,93,5a,e7,35,34,3b,04,85,8b,03,
3e,67,83,e8,84,1d,e8,7c,a5,46,31,e1,62,9f,b8,d5,8d,1f,cd,e2,31,41,56,1c,e0,\
"??"=hex:47,56,a9,dc,ab,3c,fe,05,fb,2b,d4,e0,94,1b,0d,56
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(5776)
c:\windows\system32\WININET.dll
c:\program files\Spyware Doctor\pctgmhk.dll
c:\docume~1\Karla\LOCALS~1\Temp\IadHide5.dll
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKeeper.exe
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\MPF\MPFSrv.exe
c:\program files\McAfee\MSK\MskSrver.exe
c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\progra~1\mcafee.com\agent\mcagent.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\ATI Technologies\ATI.ACE\cli.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\ATI Technologies\ATI.ACE\cli.exe
c:\windows\system32\dlcccoms.exe
c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-12-01 20:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-02 02:45
Pre-Run: 43,704,590,336 bytes free
Post-Run: 43,817,807,872 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
- - End Of File - - 2D07D8DA535484871BC3A7EFB0EE1066