ComboFix 11-06-12.01 - Owner 06/12/2011 23:15:49.2.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1519.1039 [GMT -6:00]
Running from: c:\program files\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\17096484.exe
c:\documents and settings\All Users\Application Data\FcfOwmsgtCRNpxt.exe
c:\documents and settings\All Users\Application Data\nvvsvc.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SVRWSC
-------\Service_SvrWsc
.
.
((((((((((((((((((((((((( Files Created from 2011-05-13 to 2011-06-13 )))))))))))))))))))))))))))))))
.
.
2011-06-13 05:13 . 2011-06-13 05:13 4120455 ------r- c:\program files\ComboFix.exe
2011-06-12 03:08 . 2011-06-12 03:08 -------- d-----w- c:\program files\SystemRequirementsLab
2011-06-12 03:08 . 2011-06-12 03:08 -------- d--h--w- c:\documents and settings\Owner\Application Data\SystemRequirementsLab
2011-06-09 23:49 . 2011-06-09 23:49 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
2011-06-09 23:37 . 2011-06-09 23:47 -------- d-----w- c:\program files\Common Files\Adobe
2011-06-09 22:59 . 2011-06-09 23:36 -------- d-----w- c:\documents and settings\Adobe Photoshop CS5.1
2011-06-09 22:58 . 2011-06-09 22:58 -------- d--h--w- c:\documents and settings\Owner\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
2011-06-09 22:58 . 2011-06-09 22:58 -------- d-----w- c:\program files\Adobe Download Assistant
2011-06-09 22:58 . 2011-06-09 22:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-06-09 03:11 . 2011-06-09 03:11 -------- d-s---w- c:\documents and settings\LocalService\UserData
2011-06-09 02:21 . 2011-06-09 05:56 -------- d-----w- c:\program files\Crawler
2011-06-09 02:21 . 2011-06-09 02:21 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-06-09 02:21 . 2011-06-09 02:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2011-06-09 02:21 . 2011-06-09 02:21 -------- d-----w- c:\program files\Spyware Terminator
2011-06-09 02:00 . 2011-05-29 15:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-09 01:50 . 2011-06-09 01:50 170 ---ha-w- c:\documents and settings\Owner\Application Data\QreSDGLt.bat
2011-06-09 01:38 . 2011-06-09 01:38 -------- d-s---w- c:\documents and settings\NetworkService\UserData
2011-06-09 01:36 . 2011-06-09 05:47 -------- d-----w- c:\program files\QuestScan
2011-06-09 01:36 . 2011-06-09 03:13 -------- d-----w- c:\documents and settings\All Users\Application Data\QuestScan
2011-06-09 01:25 . 2011-06-09 01:25 -------- d-----w- c:\documents and settings\Administrator
2011-06-09 00:50 . 2011-06-09 09:24 -------- d-----w- c:\program files\Diablo II
2011-06-09 00:29 . 2011-06-09 00:29 0 ----a-w- c:\windows\Dxukeyibewe.bin
2011-06-09 00:27 . 2011-06-09 00:27 102400 --sha-r- c:\windows\system32\version4.dll
2011-06-09 00:27 . 2011-06-09 00:27 102400 --sha-r- c:\windows\system32\msvfw324.dll
2011-06-09 00:27 . 2011-06-09 00:27 102400 --sha-r- c:\windows\system32\l_excepti.dll
2011-06-09 00:20 . 2011-06-09 00:23 -------- d--h--w- c:\documents and settings\Owner\Application Data\AVG
2011-06-08 23:44 . 2011-06-08 23:44 -------- d-----w- c:\windows\system32\wbem\Repository
2011-06-08 22:25 . 2011-06-08 22:25 -------- d-----w- C:\$AVG
2011-06-08 22:02 . 2011-06-08 22:02 -------- d--h--w- c:\documents and settings\Owner\Local Settings\Application Data\AVG Security Toolbar
2011-06-08 21:55 . 2011-06-08 21:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Common Files
2011-06-08 21:53 . 2011-06-08 23:43 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2011-06-08 21:53 . 2011-06-08 22:02 -------- d-----w- c:\windows\system32\drivers\AVG
2011-06-08 20:16 . 2011-06-08 20:16 -------- d-----w- c:\program files\Uniblue
2011-06-08 07:57 . 2011-06-08 08:02 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-06-08 07:56 . 2011-06-08 18:45 -------- d--h--w- c:\documents and settings\Owner\Application Data\DAEMON Tools Lite
2011-06-08 07:56 . 2011-06-08 07:56 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2011-06-08 05:36 . 2008-07-31 16:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-06-08 05:36 . 2008-07-31 16:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-06-08 05:36 . 2008-07-12 14:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2011-06-08 05:36 . 2008-07-12 14:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2011-06-08 05:36 . 2008-07-12 14:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-08 05:36 . 2011-06-08 05:36 -------- d-----w- c:\windows\Logs
2011-06-08 05:14 . 2011-06-08 05:19 -------- d--h--w- c:\documents and settings\Owner\Application Data\Ventrilo
2011-06-08 04:56 . 2011-06-08 06:59 -------- d--h--w- c:\documents and settings\Owner\Local Settings\Application Data\PMB Files
2011-06-08 04:56 . 2011-06-08 06:59 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2011-06-08 04:55 . 2011-06-08 04:55 -------- d-----w- c:\program files\Pando Networks
2011-06-08 03:59 . 2011-06-08 03:59 -------- d--h--w- c:\documents and settings\Owner\Local Settings\Application Data\Mozilla
2011-06-08 03:47 . 2011-06-08 03:47 -------- d--h--w- c:\documents and settings\Owner\Application Data\Malwarebytes
2011-06-08 03:46 . 2011-06-08 03:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-06-08 03:46 . 2011-06-09 02:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-09 01:15 . 2010-04-29 02:05 21840 -c--atw- c:\windows\system32\SIntfNT.dll
2011-06-09 01:15 . 2010-04-29 02:05 17212 -c--atw- c:\windows\system32\SIntf32.dll
2011-06-09 01:15 . 2010-04-29 02:05 12067 ----atw- c:\windows\system32\SIntf16.dll
2011-04-14 16:26 . 2011-06-08 03:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-09_02.46.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-27 01:07 . 2009-06-27 01:07 59712 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90rus.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 42816 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90kor.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 43328 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90jpn.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 61248 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90ita.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 62784 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90fra.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90esp.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90esn.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90enu.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90deu.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 36672 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90cht.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_15fb92d3\mfc90chs.dll
+ 2009-06-27 01:10 . 2009-06-27 01:10 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfcm90u.dll
+ 2009-06-27 01:10 . 2009-06-27 01:10 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfcm90.dll
+ 2011-06-13 05:22 . 2011-06-13 05:22 16384 c:\windows\temp\Perflib_Perfdata_69c.dat
- 2004-08-04 12:00 . 2011-06-09 01:29 68156 c:\windows\system32\perfc009.dat
+ 2004-08-04 12:00 . 2011-06-09 02:47 68156 c:\windows\system32\perfc009.dat
+ 2011-06-13 04:55 . 2011-06-13 04:56 31752 c:\windows\system32\GDIPFONTCACHEV1.DAT
+ 2010-01-18 00:07 . 2011-06-13 04:57 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-18 00:07 . 2010-11-19 03:27 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-18 00:07 . 2011-06-13 04:57 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-18 00:07 . 2010-11-18 21:04 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-06-13 04:48 . 2011-06-13 04:57 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-18 00:07 . 2010-11-18 21:04 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-06-09 23:44 . 2011-06-09 23:44 29184 c:\windows\Installer\338447b.msi
+ 2011-06-12 03:08 . 2011-06-12 03:08 30208 c:\windows\Installer\327eabc.msi
+ 2011-06-09 22:58 . 2011-06-09 22:58 21504 c:\windows\Installer\31077d3.msi
+ 2011-06-09 22:58 . 2011-06-09 22:58 28160 c:\windows\Installer\31077ce.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}\ARPPRODUCTICON.exe
+ 2011-06-09 23:41 . 2011-06-09 23:41 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
+ 2011-06-09 23:45 . 2011-06-09 23:45 10134 c:\windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
+ 2011-06-09 23:41 . 2011-06-09 23:41 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2011-06-09 23:42 . 2011-06-09 23:42 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 33847 c:\windows\Drivers\Intel\Graphics\wa301b.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 33847 c:\windows\Drivers\Intel\Graphics\wa301a.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 21045 c:\windows\Drivers\Intel\Graphics\Vch.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 69632 c:\windows\Drivers\Intel\Graphics\oemdspif.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 94208 c:\windows\Drivers\Intel\Graphics\igfxext.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 32768 c:\windows\Drivers\Intel\Graphics\igfxexps.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 86016 c:\windows\Drivers\Intel\Graphics\igfxdo.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 45056 c:\windows\Drivers\Intel\Graphics\igfxdgps.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 36927 c:\windows\Drivers\Intel\Graphics\ialmrnt5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 94267 c:\windows\Drivers\Intel\Graphics\ialmrem.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 95579 c:\windows\Drivers\Intel\Graphics\ialmnt5.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 99002 c:\windows\Drivers\Intel\Graphics\ialmkchw.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 65536 c:\windows\Drivers\Intel\Graphics\ialmcoin.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 11319 c:\windows\Drivers\Intel\Graphics\a314.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 37431 c:\windows\Drivers\Intel\Graphics\a313.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 33335 c:\windows\Drivers\Intel\Graphics\a311.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 33335 c:\windows\Drivers\Intel\Graphics\a310.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 26167 c:\windows\Drivers\Intel\Graphics\a309.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 11319 c:\windows\Drivers\Intel\Graphics\a308.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 21559 c:\windows\Drivers\Intel\Graphics\a307.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 16951 c:\windows\Drivers\Intel\Graphics\a306.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 12855 c:\windows\Drivers\Intel\Graphics\a305.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 46647 c:\windows\Drivers\Intel\Graphics\a304.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 29751 c:\windows\Drivers\Intel\Graphics\a303.sys
+ 2011-06-12 03:19 . 2004-01-30 02:12 11831 c:\windows\Drivers\Intel\Graphics\a302.sys
+ 2009-06-27 01:07 . 2009-06-27 01:07 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcr90.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcp90.dll
+ 2009-06-27 01:10 . 2009-06-27 01:10 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcm90.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_35349982\atl90.dll
- 2004-08-04 12:00 . 2011-06-09 01:29 435260 c:\windows\system32\perfh009.dat
+ 2004-08-04 12:00 . 2011-06-09 02:47 435260 c:\windows\system32\perfh009.dat
+ 2011-03-01 00:01 . 2011-03-01 00:01 947472 c:\windows\system32\msjava.dll
+ 2011-06-09 23:45 . 2011-06-09 23:45 356352 c:\windows\Installer\3384480.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 319488 c:\windows\Installer\3384476.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 315392 c:\windows\Installer\3384471.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 316928 c:\windows\Installer\338446c.msi
+ 2011-06-09 23:42 . 2011-06-09 23:42 356864 c:\windows\Installer\3384467.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 359424 c:\windows\Installer\3384462.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 356352 c:\windows\Installer\338445d.msi
+ 2011-06-09 23:41 . 2011-06-09 23:41 316416 c:\windows\Installer\3384458.msi
+ 2011-06-12 03:19 . 2004-01-30 02:13 155648 c:\windows\Drivers\Intel\Graphics\igfxtray.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 323584 c:\windows\Drivers\Intel\Graphics\igfxsrvc.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 909312 c:\windows\Drivers\Intel\Graphics\igfxress.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 204800 c:\windows\Drivers\Intel\Graphics\igfxpph.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 122880 c:\windows\Drivers\Intel\Graphics\igfxhk.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 221184 c:\windows\Drivers\Intel\Graphics\igfxeud.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 151552 c:\windows\Drivers\Intel\Graphics\igfxdiag.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 151552 c:\windows\Drivers\Intel\Graphics\igfxdev.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 499712 c:\windows\Drivers\Intel\Graphics\igfxcfg.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 122110 c:\windows\Drivers\Intel\Graphics\ialmsbw.sys
+ 2011-06-12 03:19 . 2004-01-30 02:13 192512 c:\windows\Drivers\Intel\Graphics\ialmgdev.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 116796 c:\windows\Drivers\Intel\Graphics\ialmdnt5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 198331 c:\windows\Drivers\Intel\Graphics\ialmdev5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 488002 c:\windows\Drivers\Intel\Graphics\ialmdd5.dll
+ 2011-06-12 03:19 . 2004-01-30 02:13 118784 c:\windows\Drivers\Intel\Graphics\hkcmd.exe
+ 2011-06-12 03:19 . 2004-01-30 02:13 118784 c:\windows\Drivers\Intel\Graphics\hccutils.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 3780416 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90u.dll
+ 2009-06-27 01:07 . 2009-06-27 01:07 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90.dll
+ 2010-01-17 16:52 . 2011-06-10 18:07 3462192 c:\windows\system32\FNTCACHE.DAT
+ 2011-06-09 23:46 . 2011-06-09 23:46 2096128 c:\windows\Installer\3384485.msi
+ 2011-06-12 03:19 . 2004-01-30 02:13 1851392 c:\windows\Drivers\Intel\Graphics\ialmgicd.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 86016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-06-01 149280]
"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\qttask.exe" [2010-03-19 421888]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Taskman"=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 11:42 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-19 04:16 421888 ----a-w- c:\program files\MpcStar\Codecs\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2009-07-08 18:31 236016 ----a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Nwsapagent"=2 (0x2)
"YahooAUService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Owner\\Desktop\\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\\pvpgn-1.8.5\\PvPGN.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21041:TCP"= 21041:TCP:BitComet 21041 TCP
"21041:UDP"= 21041:UDP:BitComet 21041 UDP
"58801:TCP"= 58801:TCP:Pando Media Booster
"58801:UDP"= 58801:UDP:Pando Media Booster
.
R2 d2dbs;d2dbs service;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2dbsConsole.exe --service

c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2dbsConsole.exe --service [?]
R2 D2GS;Diablo II Close Game Server;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\ORIGINAL REALM\D2GSSVC.exe [4/13/2011 2:41 PM 14848]
R2 pvpgn;PvPGN service;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\PvPGNConsole.exe --service

c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\PvPGNConsole.exe --service [?]
S?2 d2cs;d2cs service;c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2csConsole.exe --service

c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2csConsole.exe --service [?]
S2 TeamViewer6;TeamViewer 6;c:\docume~1\Owner\LOCALS~1\Temp\TeamViewer\Version6\TeamViewer_Service.exe

c:\docume~1\Owner\LOCALS~1\Temp\TeamViewer\Version6\TeamViewer_Service.exe [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service

c:\windows\system32\GameMon.des -service [?]
S3 qrkis;Tether Miniport;c:\windows\system32\drivers\qrkis.sys [8/24/2010 6:30 PM 45608]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
.
.
------- Supplementary Scan -------
.
uStart Page = my.daemon-search.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\mhmcsoql.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - d2jsp.org
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-SvrWsc - (no file)
HKLM-Run-CLCKR - c:\documents and settings\All Users\Application Data\nvvsvc.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2011-06-12 23:23
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\l3codeca.acm
.
- - - - - - - > 'explorer.exe'(4044)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\d2dbsConsole.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\ORIGINAL REALM\D2GS.EXE
c:\documents and settings\Owner\Desktop\PvPGN-1.8.5-0-Win32-MySQL-5.1.31-BIN\pvpgn-1.8.5\PvPGNConsole.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\imapi.exe
c:\progra~1\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\rundll32.exe
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2011-06-12 23:26:05 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-13 05:26
ComboFix2.txt 2011-06-09 02:49
.
Pre-Run: 135,877,091,328 bytes free
Post-Run: 134,367,809,536 bytes free
.
- - End Of File - - BC21B7B9E22EA0CDCC764D9076E918BF
I got my desktop back but my computer is acting very strange.