Hi. Sorry I took a while to reply. Here they are.
Combo fix log
ComboFix 10-04-02.01 - USER 03/04/2010 15:15:31.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.541 [GMT 1:00]
Running from: c:\documents and settings\USER\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\USER\Application Data\Desktopicon
c:\program files\Search Settings
c:\program files\Search Settings\kb128\SeARchsettings.dll
c:\program files\Search Settings\kb128\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\WinPCap
c:\program files\WinPCap\daemon_mgm.exe
c:\program files\WinPCap\npf_mgm.exe
c:\program files\WinPCap\rpcapd.exe
c:\windows\AppPatch\AcAdProc.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\EfNXGfii.ini
c:\windows\system32\EfNXGfii.ini2
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2010-03-03 to 2010-04-03 )))))))))))))))))))))))))))))))
.
2010-04-02 20:09 . 2010-04-02 20:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg8
2010-04-02 16:26 . 2010-04-02 16:26 -------- d-----w- c:\program files\Trend Micro
2010-04-02 15:30 . 2010-04-02 15:30 -------- d-----w- c:\documents and settings\USER\Application Data\Malwarebytes
2010-04-02 15:30 . 2010-03-29 14:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-02 15:30 . 2010-04-02 15:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-02 15:30 . 2010-03-29 14:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-02 15:30 . 2010-04-02 15:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-31 22:22 . 2010-03-31 22:22 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-24 14:27 . 2010-03-24 14:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-03-24 14:26 . 2010-03-24 14:26 -------- d-----w- c:\documents and settings\USER\Application Data\Office Genuine Advantage
2010-03-24 03:26 . 2010-03-24 03:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Speedbit
2010-03-24 03:25 . 2010-03-24 03:33 -------- d-----w- c:\program files\SpeedBit Video Accelerator
2010-03-23 02:06 . 2010-03-23 17:12 -------- d-----w- c:\windows\system32\NtmsData
2010-03-23 01:09 . 2010-03-23 01:09 -------- d-----w- c:\windows\system32\zh-TW
2010-03-23 01:09 . 2010-03-23 01:09 -------- d-----w- c:\windows\system32\zh-HK
2010-03-23 01:09 . 2010-03-23 01:09 -------- d-----w- c:\windows\system32\tr-TR
2010-03-23 01:09 . 2010-03-23 01:09 -------- d-----w- c:\windows\system32\sv-SE
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\pt-BR
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\nl-NL
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\nb-NO
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\ko-KR
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\it-IT
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\he-IL
2010-03-23 01:08 . 2010-03-23 01:08 -------- d-----w- c:\windows\system32\fr-FR
2010-03-23 01:07 . 2010-03-23 01:07 -------- d-----w- c:\windows\system32\fi-FI
2010-03-23 01:07 . 2010-03-23 01:07 -------- d-----w- c:\windows\system32\es-ES
2010-03-23 01:07 . 2010-03-23 01:07 -------- d-----w- c:\windows\system32\el-GR
2010-03-23 01:07 . 2010-03-23 01:07 -------- d-----w- c:\windows\system32\de-DE
2010-03-23 01:07 . 2010-03-23 01:07 -------- d-----w- c:\windows\system32\da-DK
2010-03-23 01:06 . 2010-03-23 01:06 -------- d-----w- c:\windows\system32\ar-SA
2010-03-22 03:57 . 2010-03-22 03:58 -------- d-----w- c:\program files\McAfeeMOBK
2010-03-22 03:54 . 2010-02-05 21:13 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2010-03-22 03:50 . 2010-03-22 03:54 -------- d-----w- c:\program files\McAfee Online Backup
2010-03-22 03:18 . 2010-04-01 20:52 -------- d-----w- c:\program files\McAfee
2010-03-22 01:57 . 2010-03-22 01:57 -------- d-----w- c:\program files\NOS
2010-03-21 20:53 . 2010-03-27 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-03-19 18:14 . 2010-04-01 21:43 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-15 19:28 . 2010-03-15 19:28 -------- d-----w- c:\documents and settings\LocalService\IETldCache
2010-03-15 18:41 . 2010-03-15 18:41 -------- d-----w- c:\documents and settings\LocalService\PrivacIE
2010-03-15 18:38 . 2010-03-15 18:38 -------- d-----w- c:\documents and settings\LocalService\Application Data\Toolbar4
2010-03-13 05:55 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-03 14:34 . 2010-01-04 18:54 -------- d-----w- c:\documents and settings\USER\Application Data\Affinegy
2010-04-01 20:52 . 2008-10-24 19:10 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-03-25 18:22 . 2008-10-05 14:35 -------- d-----w- c:\documents and settings\USER\Application Data\DNA
2010-03-25 16:53 . 2008-10-05 14:35 -------- d-----w- c:\program files\DNA
2010-03-24 04:42 . 2007-10-27 19:11 68456 ----a-w- c:\documents and settings\USER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-23 20:29 . 2008-10-07 11:37 -------- d-----w- c:\program files\Autodesk
2010-03-21 22:18 . 2007-10-27 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-03-13 01:13 . 2008-10-05 11:12 -------- d-----w- c:\program files\Google
2010-03-13 01:07 . 2008-10-19 17:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Autodesk
2010-03-13 01:07 . 2008-10-19 16:16 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-25 06:24 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-02-05 21:14 2871608 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-02-05 21:14 2871608 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-02-05 21:14 2871608 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wireless Manager"="c:\program files\Virgin Broadband Wireless\Wireless Manager.exe" [2008-05-26 585728]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]
c:\documents and settings\USER\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk.disabled [2008-10-13 947]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk.disabled [2010-3-27 1611]
WTGU.lnk.disabled [2010-3-25 887]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 15:08 110592 ----a-w- c:\program files\Intel\Wireless\Bin\LgNotify.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe"
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"SpeedBitVideoAccelerator"=c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"TotalSecure2009"=c:\program files\TS-2009\scan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"<NO NAME>"=
"2cdd0403"=rundll32.exe "c:\windows\system32\qojcptoq.dll",b
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"DataCardMonitor"=c:\program files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
"dla"=c:\windows\system32\dla\tfswctrl.exe
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" /runkey
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SearchSettings"=c:\program files\Search Settings\SearchSettings.exe
"SNM"=c:\program files\SpyNoMore\SNM.exe /startup
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" /r
"USB Storage Toolbox"=c:\program files\USB Disk Win98 Driver\Res.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2008\\3dsmax.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Autodesk\\Maya2008\\bin\\maya.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [22/03/2010 04:54 54776]
R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [05/02/2010 22:14 229688]
R2 RaySat85Server;RaySat85 Server;c:\program files\Autodesk\mentalraysatellite8.5\bin\raysat85server.exe [15/12/2006 00:06 69632]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [03/05/2004 16:26 80384]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
2010-04-03 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
2010-04-03 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 15:07]
2010-04-03 c:\windows\Tasks\User_Feed_Synchronization-{F4B1B118-6966-431A-A65D-2D5C375979AC}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 04:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.ask.com?o=14776&l=dis
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{B9C5C264-0C91-4095-BAD1-62CD4D74D52C} - c:\program files\Bytescout SWF To Video Scout\flashextract_ie.html
LSP: c:\progra~1\SPEEDB~1\sblsp.dll
LSP: bmnet.dll
FF - ProfilePath - c:\documents and settings\USER\Application Data\Mozilla\Firefox\Profiles\400n8jva.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - google.co.uk
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?o=13796&l=dis&q=
FF - component: c:\documents and settings\USER\Application Data\Mozilla\Firefox\Profiles\400n8jva.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\documents and settings\USER\Application Data\Mozilla\Firefox\Profiles\400n8jva.default\extensions\
[email protected]\plugins\npTVUAx.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
BHO-{01DA6AEC-7142-45F8-B90C-F059C098AA76} - (no file)
BHO-{053c72df-97a4-4db4-8fbe-79c82bf55063} - (no file)
BHO-{2CEEE499-1577-43DA-ABD3-E9EDA9FF03CE} - (no file)
BHO-{5921FE67-77A3-4E49-99F7-81D081844480} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
BHO-{F7920BAD-E554-4442-94F8-5309D52377F5} - c:\windows\system32\iifGXNfE.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
ShellExecuteHooks-{E491027D-3417-4FA7-859D-AE0884121B81} - (no file)
AddRemove-Blubster - c:\program files\Blubster\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-03 15:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1032)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
- - - - - - - > 'lsass.exe'(1088)
c:\progra~1\SPEEDB~1\sblsp.dll
c:\program files\SpeedBit Video Accelerator\ConfigDB.dll
c:\windows\system32\bmnet.dll
c:\program files\SpeedBit Video Accelerator\Accelerator.dll
c:\windows\system32\WININET.dll
c:\program files\Bonjour\mdnsNSP.dll
c:\program files\SpeedBit Video Accelerator\Collector.dll
- - - - - - - > 'explorer.exe'(3352)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\program files\McAfee Online Backup\MOBKshell.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKeeper.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Intel\Wireless\Bin\ZcfgSvc.exe
c:\progra~1\Intel\Wireless\Bin\1XConfig.exe
c:\program files\Virgin Broadband Wireless\AffinegyService.exe
c:\program files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
c:\program files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\SPEEDB~1\VideoAcceleratorEngine.exe
c:\program files\Virgin Broadband Wireless\ndis_events.exe
.
**************************************************************************
.
Completion time: 2010-04-03 15:51:13 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-03 14:51
Pre-Run: 17,902,579,712 bytes free
Post-Run: 17,961,349,120 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - B2E5AEB44CB80A2042BAA5C0762819C8
.............................................................................................