Here's the new log:
ComboFix 08-03-04.5 - Xuan 2008-03-05 17:51:19.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.288 [GMT -7:00]
Running from: C:\Documents and Settings\Xuan\Desktop\myfix.exe.exe
Command switches used :: C:\Documents and Settings\Xuan\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\arbfikac.exe
C:\Documents and Settings\All Users\Application Data\ujug.pif
C:\Documents and Settings\All Users\Application Data\wusiry.pif
C:\Documents and Settings\All Users\Application Data\yxesat.reg
C:\Documents and Settings\Xuan\Application Data\wawanur.scr
C:\hpfr3420.xml
C:\Program Files\Common Files\ydawatibyq.pif
C:\Shortcut to pos1A.lnk
C:\Shortcut to pos1A0.lnk
C:\Shortcut to pos1A1.lnk
C:\Shortcut to pos1A2.lnk
C:\Shortcut to pos1A3.lnk
C:\Shortcut to pos1A6.lnk
C:\WINDOWS\degesociv.dll
C:\WINDOWS\gosujabaj._dl
C:\WINDOWS\ihulocopi.bat
C:\WINDOWS\osib.reg
C:\WINDOWS\system32\DllCache\figaro.sys
C:\WINDOWS\system32\igmzennuf.exe
C:\WINDOWS\system32\piibovfd.ini
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\yxawezasoh.db
C:\WINDOWS\uhihozali.reg
C:\WINDOWS\WHVhbg\qJp1v0.vbs
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\arbfikac.exe
C:\Documents and Settings\All Users\Application Data\ujug.pif
C:\Documents and Settings\All Users\Application Data\wusiry.pif
C:\Documents and Settings\All Users\Application Data\yxesat.reg
C:\Documents and Settings\Xuan\Application Data\wawanur.scr
C:\hpfr3420.xml
C:\Program Files\Common Files\ydawatibyq.pif
C:\VundoFix Backups
C:\VundoFix Backups\addmorefiles.txt
C:\VundoFix Backups\befskfph.dll.bad
C:\VundoFix Backups\ijkkj.ini.bad
C:\VundoFix Backups\ijkkj.ini2.bad
C:\VundoFix Backups\jkkji.dll.bad
C:\VundoFix Backups\mvtqqqjo.dll.bad
C:\VundoFix Backups\nsycclqs.dll.bad
C:\VundoFix Backups\picnsvaj.dll.bad
C:\VundoFix Backups\picnsvaj.dllbox.bad
C:\VundoFix Backups\qrsjxcgb.dll.bad
C:\VundoFix Backups\tlusozkx.dllbox.bad
C:\VundoFix Backups\tuvwxxw.dll.bad
C:\VundoFix Backups\winivstr.exe.bad
C:\WINDOWS\degesociv.dll
C:\WINDOWS\gosujabaj._dl
C:\WINDOWS\ihulocopi.bat
C:\WINDOWS\osib.reg
C:\WINDOWS\system32\DllCache\figaro.sys
C:\WINDOWS\system32\piibovfd.ini
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\yxawezasoh.db
C:\WINDOWS\uhihozali.reg
C:\WINDOWS\WHVhbg
C:\WINDOWS\WHVhbg\qJp1v0.vbs
.
--------------- FMove ---------------
.
((((((((((((((((((((((((( Files Created from 2008-02-06 to 2008-03-06 )))))))))))))))))))))))))))))))
.
2008-03-04 19:03 . 2008-03-04 19:03 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-04 19:03 . 2008-03-04 19:03 <DIR> d-------- C:\Documents and Settings\Xuan\Application Data\SUPERAntiSpyware.com
2008-03-04 19:02 . 2008-03-04 19:02 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-03-03 17:15 . 2002-02-27 14:12 2,034 --a------ C:\xp_com_fix.reg
2008-03-03 16:32 . 2008-03-03 16:32 <DIR> d-------- C:\Documents and Settings\Xuan\Application Data\Malwarebytes
2008-03-03 16:31 . 2008-03-03 16:31 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-03-03 16:31 . 2008-03-03 16:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-02 14:26 . 2008-03-02 14:26 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-02 12:17 . 2008-03-02 12:17 <DIR> d-------- C:\Program Files\nvcoi
2008-02-29 12:34 . 2008-02-29 12:34 <DIR> d-------- C:\Documents and Settings\Xuan\.idlerc
2008-02-21 21:49 . 2008-02-21 21:49 <DIR> d-------- C:\WINDOWS\.mpr_file_store_32
2008-02-21 21:41 . 2008-02-21 21:47 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
2008-02-15 17:59 . 2008-02-15 17:59 <DIR> d-------- C:\Program Files\Softnyx
2008-02-14 20:46 . 2008-02-14 23:19 <DIR> d-------- C:\Program Files\Tremulous
2008-02-14 18:19 . 2008-02-29 22:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-14 18:19 . 2008-02-14 18:19 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-12 20:29 . 2008-02-12 20:29 <DIR> d-------- C:\Program Files\EA Games
2008-02-10 18:18 . 2008-02-10 18:18 <DIR> d-------- C:\Program Files\DIFX
2008-02-10 18:18 . 2007-09-20 10:16 23,864 --a------ C:\WINDOWS\system32\drivers\pnarp.sys
2008-02-10 18:16 . 2007-09-20 10:16 24,888 --a------ C:\WINDOWS\system32\drivers\purendis.sys
2008-02-10 16:36 . 2008-02-10 22:12 <DIR> d-------- C:\Program Files\Common Files\Pure Networks Shared
2008-02-10 16:35 . 2008-02-10 16:35 <DIR> d-------- C:\Program Files\Pure Networks
2008-02-10 16:24 . 2008-02-10 16:24 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-02-10 16:24 . 2008-02-10 16:24 <DIR> d-------- C:\WINDOWS\Profiles
2008-02-10 16:24 . 2008-02-10 16:24 <DIR> d-------- C:\Documents and Settings\Xuan\Application Data\InterTrust
2008-02-10 16:17 . 2008-02-10 18:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Pure Networks
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-05 04:07 --------- d-----w C:\Documents and Settings\Xuan\Application Data\LimeWire
2008-03-03 23:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-03 20:24 17,721 ----a-w C:\Program Files\Common Files\ipuped._sy
2008-03-02 20:01 10 ----a-w C:\Program Files\.autoreg
2008-02-29 22:32 --------- d-----w C:\Program Files\LimeWire
2008-02-20 01:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-02-13 03:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-03 18:45 --------- d-----w C:\Program Files\Amadis Software
2008-02-03 18:40 --------- d-----w C:\Program Files\GoodOk YouTube FLV to AVI 3GP MP4 WMV ASF Converter
2008-02-03 07:31 --------- d-----w C:\Program Files\Veoh Networks
2008-02-02 05:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\IDS_COMPANY_NAME
2008-02-01 05:48 --------- d-----w C:\Program Files\Microsoft Games
2008-01-31 03:38 --------- d-----w C:\Program Files\Common Files\INCA Shared
2008-01-31 03:06 --------- d-----w C:\Program Files\Lavasoft
2008-01-31 02:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-31 02:39 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Hewlett-Packard
2008-01-31 02:35 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-31 02:29 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-31 02:27 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2008-01-29 02:08 --------- d-----w C:\Documents and Settings\Xuan\Application Data\DivX
2008-01-29 02:02 --------- d-----w C:\Documents and Settings\Xuan\Application Data\NeroDigital™
2008-01-29 00:00 --------- d-----w C:\Program Files\QuickTime
2008-01-29 00:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-28 23:59 --------- d-----w C:\Program Files\Apple Software Update
2008-01-28 23:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-01-28 03:31 --------- d-----w C:\Program Files\Common Files\Nero
2008-01-28 03:30 --------- d-----w C:\Program Files\Nero
2008-01-28 03:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-01-28 00:43 --------- d-s---w C:\Program Files\Xfire
2008-01-28 00:43 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Xfire
2008-01-28 00:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\IJJIGame
2008-01-27 09:23 --------- d-----w C:\Program Files\DivX
2008-01-24 23:16 --------- d-----w C:\Documents and Settings\Xuan\Application Data\PlayFirst
2008-01-24 23:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2008-01-24 23:12 --------- d--h--w C:\Documents and Settings\Xuan\Application Data\ijjigame
2008-01-24 23:11 --------- d-----w C:\Program Files\NHN USA
2008-01-24 04:05 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Leadertech
2008-01-24 03:51 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-24 03:45 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Nero
2008-01-22 14:11 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Sony Corporation
2008-01-22 06:14 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-22 05:59 --------- d-----w C:\Program Files\Sony Corporation
2008-01-22 05:59 --------- d-----w C:\Program Files\Sony
2008-01-22 05:59 --------- d-----w C:\Program Files\Common Files\Sony Shared
2008-01-22 05:58 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-22 05:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-01-22 04:05 --------- d-----w C:\Program Files\Java
2008-01-22 04:02 --------- d-----w C:\Program Files\Common Files\Java
2008-01-22 03:55 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-22 03:55 --------- d-----w C:\Program Files\Windows Live
2008-01-22 03:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-22 01:41 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Nexon
2008-01-21 23:48 --------- d-----w C:\Program Files\DVD Shrink
2008-01-21 08:13 --------- d-----w C:\Documents and Settings\Xuan\Application Data\MSNInstaller
2008-01-21 07:57 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Talkback
2008-01-21 07:24 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Zero Knowledge
2008-01-21 07:18 --------- d-----w C:\Program Files\Zero Knowledge
2008-01-21 07:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zero Knowledge
2008-01-21 07:17 --------- d-----w C:\Documents and Settings\Xuan\Application Data\Motive
2008-01-21 07:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive
2008-01-21 07:16 --------- d-----w C:\Program Files\Common Files\Motive
2008-01-21 07:14 --------- d-----w C:\Program Files\TELUS eCare
2008-01-21 07:05 --------- d-----w C:\Program Files\Motive
2008-01-21 07:04 155,995 ----a-w C:\WINDOWS\java\Packages\0H33ZV1Z.ZIP
2008-01-21 07:03 --------- d-----w C:\Program Files\BroadJump
2008-01-21 06:27 --------- d-----w C:\Program Files\Windows Plus
2008-01-17 01:25 679,936 ----a-w C:\WINDOWS\system32\ijjiSetup.exe
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\system32\DllCache\pngfilt.dll
2008-01-04 21:59 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-01-04 21:58 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-01-04 21:58 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-01-04 21:58 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-01-04 21:58 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-19 23:01 347,136 ----a-w C:\WINDOWS\system32\DllCache\dxtmsft.dll
2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\DllCache\mrxdav.sys
2007-12-14 02:09 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
2007-12-08 05:21 3,592,192 ------w C:\WINDOWS\system32\DllCache\mshtml.dll
2007-12-06 11:01 625,664 ------w C:\WINDOWS\system32\DllCache\iexplore.exe
2007-12-06 11:00 70,656 ------w C:\WINDOWS\system32\DllCache\ie4uinit.exe
2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\DllCache\ieudinit.exe
2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\DllCache\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-09 22:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"nvcoi"="C:\Program Files\nvcoi\nvcoi.exe" [2008-03-02 12:17 57344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-10 04:04 59392]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
"nmctxth"="C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2007-10-01 20:08 451896]
"nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" [2007-10-29 22:04 451896]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 1000 series.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk
backup=C:\WINDOWS\pss\hp psc 1000 series.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TELUS eCare.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TELUS eCare.lnk
backup=C:\WINDOWS\pss\TELUS eCare.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Xuan^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Xuan\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BJCFD]
--a------ 2002-09-10 21:26 368706 C:\Program Files\BroadJump\Client Foundation\CFD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-09 22:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-12-13 19:10 1688872 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
--a------ 2008-01-21 11:18 393216 C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-12-03 14:21 2213160 C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-10 15:27 385024 C:\Program Files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-ra------ 2006-04-01 14:33 77824 C:\WINDOWS\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SsAAD.exe]
--a------ 2006-01-07 02:36 81920 C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-12-14 03:42 144784 C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 13:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Nexon\\MapleStory\\MapleStory.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Softnyx\\WolfTeam\\Wolfteam.bin"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service
S3 XDva092;XDva092;C:\WINDOWS\system32\XDva092.sys []
S3 XDva093;XDva093;C:\WINDOWS\system32\XDva093.sys []
S3 XDva098;XDva098;C:\WINDOWS\system32\XDva098.sys []
S3 XDva104;XDva104;C:\WINDOWS\system32\XDva104.sys []
S4 yroeh3ovbyza5eu9;Print Spooler Service;C:\WINDOWS\system32\igmzennuf.exe []
.
Contents of the 'Scheduled Tasks' folder
"2008-01-28 23:59:54 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-03-02 02:39:17 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1201747100.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-05 17:52:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-03-05 17:53:30
ComboFix-quarantined-files.txt 2008-03-06 00:53:15
ComboFix2.txt 2008-03-05 02:14:28
.
2008-02-13 21:52:33 --- E O F ---