📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

New log from combi fix. (part 1)

ComboFix 10-02-27.04 - AnneB 01/03/2010 19:15:07.1.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.44.1033.18.765.215 [GMT 0:00]
Running from: c:\users\AnneB\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJSCUSQ0\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500
c:\$recycle.bin\S-1-5-21-256214987-830305151-1108347872-500
c:\program files\Common Files\Uninstall
c:\windows\Downloaded Program Files\popcaploader.dll
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((( Files Created from 2010-02-01 to 2010-03-01 )))))))))))))))))))))))))))))))
.
2010-03-01 19:29 . 2010-03-01 19:29
d
w- c:\users\AnneB\AppData\Local\temp
2010-02-24 20:04 . 2010-02-24 20:04
d
w- c:\users\Default\AppData\Roaming\Trusteer
2010-02-23 19:09 . 2010-01-23 08:05 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-23 19:08 . 2010-01-25 12:58 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-23 19:08 . 2010-01-25 12:58 472576 ----a-w- c:\windows\system32\secproc.dll
2010-02-23 19:08 . 2010-01-25 08:36 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-23 19:08 . 2010-01-25 08:36 515584 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-23 19:08 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-23 19:08 . 2010-01-25 12:58 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-23 19:08 . 2010-01-25 12:58 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-23 19:08 . 2010-01-25 12:56 312320 ----a-w- c:\windows\system32\msdrm.dll
2010-02-23 19:08 . 2010-01-25 08:36 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-16 22:28 . 2010-02-16 22:28
d
w- c:\program files\FileHippo.com
2010-02-16 13:20 . 2010-02-16 13:20
d
w- c:\users\AnneB\AppData\Roaming\Malwarebytes
2010-02-16 13:20 . 2010-01-07 16:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-16 13:20 . 2010-02-16 13:20
d
w- c:\program files\Malwarebytes' Anti-Malware
2010-02-16 13:20 . 2010-02-16 13:20
d
w- c:\programdata\Malwarebytes
2010-02-16 13:20 . 2010-01-07 16:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-16 13:12 . 2009-11-22 12:03 1191616
w- c:\windows\wweb32.dll
2010-02-16 13:12 . 2010-02-16 13:12
d
w- c:\program files\WordWeb
2010-02-16 13:02 . 2010-02-16 13:05
d
w- c:\users\AnneB\AppData\Local\Babylon
2010-02-16 13:02 . 2010-02-16 13:02
d
w- c:\program files\Babylon
2010-02-16 13:01 . 2010-02-16 14:21
d
w- c:\programdata\Babylon
2010-02-16 13:01 . 2010-02-16 14:21
d
w- c:\users\AnneB\AppData\Roaming\Babylon
2010-02-14 15:31 . 2010-02-16 14:19
d
w- c:\program files\AV
2010-02-10 04:46 . 2009-12-11 12:15 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 04:46 . 2009-12-11 12:15 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 04:46 . 2009-12-08 20:54 3467848 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-10 04:46 . 2009-12-08 20:54 3502168 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 04:46 . 2009-12-04 16:27 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 04:46 . 2009-12-04 16:27 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-10 04:46 . 2009-12-08 17:58 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-02-10 04:46 . 2009-12-08 20:19 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2010-02-10 04:46 . 2009-12-08 17:57 22016 ----a-w- c:\windows\system32\netiougc.exe
2010-02-10 04:45 . 2009-12-28 12:35 1327616 ----a-w- c:\windows\system32\quartz.dll
2010-02-10 04:45 . 2009-12-28 12:36 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-10 04:45 . 2009-12-28 12:34 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-02-10 04:45 . 2009-12-28 12:34 31232 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-10 04:45 . 2009-12-28 12:34 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-10 04:45 . 2009-12-28 12:32 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-10 04:45 . 2009-12-28 12:33 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-10 04:45 . 2009-12-28 12:30 88576 ----a-w- c:\windows\system32\avifil32.dll
2010-02-10 04:45 . 2009-12-28 12:34 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-02-10 04:45 . 2009-12-28 12:30 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-02-06 12:43 . 2010-02-06 12:43
d
w- c:\windows\CheckSur
2010-02-05 19:48 . 2009-11-03 13:01 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-05 19:48 . 2009-11-03 10:37 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-05 19:48 . 2009-11-03 12:57 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-05 13:04 . 2009-08-24 12:47 378368 ----a-w- c:\windows\system32\winhttp.dll
2010-02-03 14:48 . 2009-06-15 15:23 494592 ----a-w- c:\windows\system32\kerberos.dll
2010-02-03 14:48 . 2009-06-15 15:28 272384 ----a-w- c:\windows\system32\schannel.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-24 09:16 . 2009-10-02 17:39 181632
w- c:\windows\system32\MpSigStub.exe
2010-02-24 04:02 . 2008-03-18 22:24 103608 ----a-w- c:\users\AnneB\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-21 23:12 . 2008-03-25 00:59
d
w- c:\program files\Common Files\Symantec Shared
2010-02-16 15:56 . 2009-06-20 00:35
dc-h--w- c:\programdata\~0
2010-02-16 15:35 . 2009-06-20 00:38
d
w- c:\programdata\Transparent
2010-02-16 09:00 . 2010-02-21 23:11 84912 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100221.004\NAVENG.SYS
2010-02-16 09:00 . 2010-02-21 23:11 1324720 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100221.004\NAVEX15.SYS
2010-02-16 09:00 . 2010-02-16 09:00 84912 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\naveng.sys
2010-02-16 09:00 . 2010-02-16 09:00 1324720 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\navex15.sys
2010-02-11 09:00 . 2010-02-12 14:12 84912 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100211.002\NAVENG.SYS
2010-02-11 09:00 . 2010-02-12 14:12 1324720 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100211.002\NAVEX15.SYS
2010-02-11 03:25 . 2006-11-02 11:18
d
w- c:\program files\Windows Mail
2010-02-11 03:05 . 2007-09-08 00:34
d
w- c:\programdata\Microsoft Help
2010-02-10 00:31 . 2008-03-21 22:16
d
w- c:\program files\Google
2010-02-05 00:41 . 2009-09-20 22:36
d
w- c:\programdata\McAfee Security Scan
2010-01-31 02:25 . 2010-01-31 23:49 1335 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\tmp788c.tmp\cur.scr
2010-01-20 12:13 . 2010-02-16 13:02 52224 ----a-w- c:\users\AnneB\AppData\Roaming\Mozilla\Firefox\Profiles\ni4c6824.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
2010-01-20 12:13 . 2010-02-16 13:02 101376 ----a-w- c:\users\AnneB\AppData\Roaming\Mozilla\Firefox\Profiles\ni4c6824.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
2010-01-12 12:20 . 2010-01-12 12:20
d
w- c:\users\AnneB\AppData\Roaming\Trusteer
2010-01-12 12:19 . 2010-01-12 12:19
d
w- c:\program files\Trusteer
2010-01-12 12:16 . 2010-01-12 12:16
d
w- c:\programdata\Trusteer
2009-12-29 20:37 . 2009-12-29 20:37 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb22EC.tmp.exe
2009-12-28 16:07 . 2009-12-28 16:07 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbDB8.tmp.exe
2009-12-27 11:48 . 2009-12-27 11:48 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE06.tmp.exe
2009-12-26 14:57 . 2009-12-26 14:58 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbC88D.tmp.exe
2009-12-25 17:34 . 2009-12-25 17:34 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbFAE3.tmp.exe
2009-12-24 20:20 . 2009-12-24 20:20 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbC855.tmp.exe
2009-12-23 19:27 . 2009-12-23 19:27 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbD5C7.tmp.exe
2009-12-22 20:05 . 2009-12-22 20:05 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb36DA.tmp.exe
2009-12-21 17:00 . 2009-12-21 17:00 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb2646.tmp.exe
2009-12-20 20:24 . 2009-12-20 20:24 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbB7AD.tmp.exe
2009-12-20 01:18 . 2009-12-20 01:18 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb345A.tmp.exe
2009-12-18 19:02 . 2009-12-18 19:02 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbC775.tmp.exe
2009-12-18 12:52 . 2010-01-22 14:06 832512 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 12:48 . 2010-01-22 14:05 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-12-18 12:48 . 2010-01-22 14:05 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-18 12:48 . 2010-01-22 14:05 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2009-12-18 12:46 . 2010-01-22 14:05 72704 ----a-w- c:\windows\system32\admparse.dll
2009-12-18 10:18 . 2010-01-22 14:05 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-18 08:45 . 2010-01-22 14:05 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-12-17 15:12 . 2009-12-17 15:12 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbC5A1.tmp.exe
2009-12-16 18:27 . 2009-12-16 18:27 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb4B15.tmp.exe
2009-12-15 18:46 . 2009-12-15 18:46 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb3708.tmp.exe
2009-12-14 15:48 . 2009-12-14 15:48 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1CD4.tmp.exe
2009-12-14 09:00 . 2010-02-21 23:11 2747440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100221.004\CCERASER.DLL
2009-12-14 09:00 . 2010-02-21 23:11 259440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100221.004\ECMSVR32.DLL
2009-12-14 09:00 . 2010-02-12 14:12 2747440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100211.002\CCERASER.DLL
2009-12-14 09:00 . 2010-02-12 14:12 259440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\20100211.002\ECMSVR32.DLL
2009-12-14 09:00 . 2010-01-31 23:49 2747440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\tmp103.tmp\CCERASER.DLL
2009-12-14 09:00 . 2010-01-31 23:49 259440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\tmp103.tmp\ECMSVR32.DLL
2009-12-14 09:00 . 2009-12-14 09:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\cceraser.dll
2009-12-14 09:00 . 2009-12-14 09:00 259440 ----a-w- c:\programdata\Symantec\Definitions\SymcData\virusdefs-2.5-e\BinHub\ecmsvr32.dll
2009-12-13 19:38 . 2009-12-13 19:38 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbC61D.tmp.exe
2009-12-12 22:37 . 2009-12-12 22:37 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb2740.tmp.exe
2009-12-11 20:35 . 2009-12-11 20:35 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbDA2A.tmp.exe
2009-12-10 14:16 . 2009-12-10 14:16 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb31FA.tmp.exe
2009-12-09 18:29 . 2009-12-09 18:29 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb87E8.tmp.exe
2009-12-08 23:24 . 2009-12-08 23:24 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbE65A.tmp.exe
2009-12-04 12:30 . 2009-12-04 12:30 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1890.tmp.exe
2008-01-18 13:35 . 2007-09-07 13:24 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

Comments

  • gillbaby
    gillbaby Posts: 77 Forumite
    log (cont'd)
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-03-22 1232896]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-27 39408]
    "WordWeb"="c:\program files\WordWeb\wweb32.exe" [2009-11-08 65216]
    "FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-02-05 155648]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-09-07 1006264]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-10 869936]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-08-09 4702208]
    "Skytel"="Skytel.exe" [2007-08-03 1826816]
    "SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2007-09-18 552960]
    "TouchPadHotKey"="c:\program files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe" [2007-08-13 364544]
    "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 213936]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
    "SanaSafeConnect"="c:\program files\Sana Security\Primary Response SafeConnect\agent\bin\SanaSafeConnect.exe" [2007-05-02 1317656]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
    "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2010-01-19 3723152]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
    WirelessSelector.lnk - c:\program files\FSC\Wireless Utility\WirelessSelector.exe [2008-3-19 650752]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    R1 RapportKELL;RapportKELL;c:\program files\Trusteer\Rapport\bin\RapportKELL.sys [17/02/2010 11:44 58984]
    R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [17/02/2010 11:44 108904]
    R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\SymcPCCULaunchSvc.exe [09/12/2009 17:48 103280]
    R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe [09/12/2009 17:48 126392]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [17/02/2010 11:44 779496]
    R2 SanaSafeConnectWatcher;SanaSafeConnectWatcher;c:\program files\Sana Security\Primary Response SafeConnect\agent\Bin\SanaSafeConnectWatcher.exe [02/05/2007 17:11 68376]
    R3 SanaSafeConnectDriver;SanaSafeConnectDriver;c:\program files\Sana Security\Primary Response SafeConnect\agent\driver\platform_VISTA\SafeConnectDriver.sys [02/05/2007 17:12 152344]
    R3 SanaSafeConnectFilter;SanaSafeConnectFilter;c:\program files\Sana Security\Primary Response SafeConnect\agent\driver\platform_VISTA\SafeConnectFilter.sys [02/05/2007 17:12 31000]
    R3 SiS6350;SiS6350;c:\windows\System32\drivers\SISGRKMD.sys [06/12/2007 14:00 452968]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\System32\drivers\SiSGB6.sys [18/01/2008 13:30 47616]
    S2 gupdate1c9ff6cca345d30;Google Update Service (gupdate1c9ff6cca345d30);c:\program files\Google\Update\GoogleUpdate.exe [08/07/2009 01:38 133104]
    S2 SanaSafeConnectAgent;SanaSafeConnectAgent;c:\program files\Sana Security\Primary Response SafeConnect\agent\Bin\SanaAgent.exe [02/05/2007 17:11 5076760]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [02/11/2006 10:25 167936]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    .
    Contents of the 'Scheduled Tasks' folder
    2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 01:38]
    2010-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 01:38]
    2010-03-01 c:\windows\Tasks\User_Feed_Synchronization-{08D55B84-73FB-44CC-85AE-D26587B72C72}.job
    - c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
    .
    .
    Supplementary Scan
    .
    uStart Page = hxxp://www.sky.com/?&lid=GLOBALNAV_SKY_COM&lpos=GLOBAL_NAV
    uInternet Settings,ProxyOverride = *.local
    IE: &Search
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    IE: {{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://www.youplay.com/games/3rdParty/YouPlay/mysterypi/en/SpinTopGamesLauncher.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.youplay.com/games/3rdParty/PopCap/popcaploader_v10.cab
    FF - ProfilePath - c:\users\AnneB\AppData\Roaming\Mozilla\Firefox\Profiles\ni4c6824.default\
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    .
    - - - - ORPHANS REMOVED - - - -
    AddRemove-Mystery P.I. - The Lottery Ticket 1.0.0.5 - c:\program files\YouPlay Pty Ltd\Mystery PI\PopUninstall.exe

    **************************************************************************
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-03-01 19:29
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files: 0
    **************************************************************************
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCCUJobMgr]
    "ImagePath"="\"c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Norton PC Checkup\Engine\2.0.2.506\diMaster.dll\" /prefetch:1"
    .
    Completion time: 2010-03-01 19:37:48
    ComboFix-quarantined-files.txt 2010-03-01 19:37
    Pre-Run: 70,153,863,168 bytes free
    Post-Run: 71,403,741,184 bytes free
    - - End Of File - - 17D0ECCBB81CE91B2A9C3B7C2F19ABCF
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.4K Banking & Borrowing
  • 252.9K Reduce Debt & Boost Income
  • 453.3K Spending & Discounts
  • 243.4K Work, Benefits & Business
  • 598K Mortgages, Homes & Bills
  • 176.6K Life & Family
  • 256.5K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.