ComboFix 12-01-19.01 - Allen 01/19/2012 13:14:27.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1262.782 [GMT -5:00]
Running from: c:\documents and settings\Allen\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
.
.
((((((((((((((((((((((((( Files Created from 2011-12-19 to 2012-01-19 )))))))))))))))))))))))))))))))
.
.
2012-01-19 01:17 . 2012-01-19 01:17 -------- d-----w- c:\documents and settings\Allen\Application Data\Blender Foundation
2012-01-19 01:08 . 2012-01-19 01:08 -------- d-----w- c:\program files\Blender Foundation
2012-01-15 17:54 . 2012-01-19 00:30 -------- d-----w- c:\program files\freecol
2012-01-15 17:25 . 2012-01-15 17:39 -------- d-----w- c:\documents and settings\Allen\Application Data\.freeciv
2012-01-15 17:22 . 2012-01-19 00:30 -------- d-----w- c:\program files\Freeciv-2.3.0-gtk2
2012-01-05 17:04 . 2011-12-21 07:24 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-05 17:04 . 2011-12-21 04:30 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-05 17:04 . 2011-12-21 04:30 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-05 17:04 . 2011-12-21 04:30 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-05 05:43 . 2012-01-05 05:43 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2012-01-05 05:15 . 2012-01-05 05:15 -------- d-----w- c:\windows\MATS
2012-01-05 05:15 . 2012-01-05 05:15 -------- d-----w- c:\program files\Microsoft Fix it Center
2012-01-05 05:08 . 2012-01-05 05:08 -------- d-----w- c:\documents and settings\Allen\Application Data\ElevatedDiagnostics
2012-01-05 03:19 . 2010-04-14 01:10 54776 ----a-w- c:\windows\system32\drivers\MOBK.sys
2012-01-05 03:19 . 2012-01-05 03:19 -------- d-----w- c:\program files\McAfee Online Backup
2012-01-05 03:18 . 2011-04-11 19:29 64048 ----a-w- c:\windows\system32\drivers\McPvDrv.sys
2012-01-05 03:17 . 2012-01-05 03:17 -------- d-----w- c:\documents and settings\Allen\Local Settings\Application Data\McAfee Anti-Theft
2012-01-05 03:16 . 2011-12-06 22:22 28760 ----a-w- c:\program files\Mozilla Firefox\ScriptFF.dll
2012-01-05 03:16 . 2011-10-15 17:16 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2012-01-05 03:16 . 2011-10-15 17:16 89792 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2012-01-05 03:16 . 2011-10-15 17:16 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2012-01-05 03:16 . 2011-10-15 17:16 83856 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2012-01-05 03:16 . 2011-10-15 17:16 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2012-01-05 03:16 . 2011-10-15 17:16 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys
2012-01-05 03:16 . 2011-10-15 17:16 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2012-01-05 03:16 . 2011-10-15 17:16 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2012-01-05 03:15 . 2012-01-05 03:17 -------- d-----w- c:\program files\Common Files\Mcafee
2012-01-05 03:15 . 2012-01-05 04:10 -------- d-----w- c:\program files\McAfee
2012-01-05 03:02 . 2011-11-18 21:36 150856 ----a-w- c:\windows\system32\mfevtps.exe
2012-01-04 20:06 . 2012-01-04 20:06 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Sun
2011-12-27 16:10 . 2011-12-27 16:11 -------- d-----w- C:\WLMP
2011-12-27 14:22 . 2011-12-27 14:22 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2011-12-27 14:22 . 2011-12-27 14:22 159744 ----a-w- c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 21:57 . 2004-08-10 17:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2004-08-10 17:51 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-22 23:07 . 2011-06-02 23:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-18 12:35 . 2004-08-10 17:51 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-08-10 17:51 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-08-10 17:51 152064 ----a-w- c:\windows\system32\schannel.dll
2011-11-10 06:07 . 2011-11-10 06:07 151312 ----a-w- c:\windows\system32\winwb86.IME
2011-11-04 19:20 . 2004-08-10 17:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20 . 2004-08-10 17:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28 . 2004-08-10 17:51 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28 . 2004-08-10 17:51 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 2004-08-10 17:51 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31 . 2004-08-10 17:50 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:33 . 2004-08-10 17:51 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52 . 2004-08-04 03:59 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2008-12-31 05:30 . 2008-12-31 05:30 336 ----a-w- c:\program files\temp995.bat
2011-12-21 07:24 . 2011-08-06 21:26 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-14 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-14 536576]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-16 141608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]
"McPvTray_exe"="c:\program files\McAfee\MAT\McPvTray.exe" [2011-04-08 419904]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
c:\documents and settings\Allen\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-5-31 575488]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
VirtuaWin.lnk - c:\program files\VirtuaWin\VirtuaWin.exe [2008-5-25 124928]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 setuid
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
Ime File REG_SZ WINWB86.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Billminder.lnk
backup=c:\windows\pss\Billminder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Quicken Startup.lnk
backup=c:\windows\pss\Quicken Startup.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Allen^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
path=c:\documents and settings\Allen\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 06:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2008-08-13 22:32 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-11-15 14:24 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 21:19 53248 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-04-27 14:09 133104 ----atw- c:\documents and settings\Allen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-07-16 11:41 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
2006-01-17 17:03 53248 ----a-w- c:\program files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 01:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [1/4/2012 10:18 PM 64048]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [1/4/2012 10:16 PM 89792]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [1/4/2012 10:19 PM 54776]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\windows\system32\drivers\VCdRom.sys [1/19/2006 11:59 PM 8576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [1/4/2012 10:15 PM 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [1/4/2012 10:15 PM 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [1/4/2012 10:15 PM 214904]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [1/4/2012 10:16 PM 160608]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [1/4/2012 10:02 PM 150856]
R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [4/13/2010 8:11 PM 229688]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [1/4/2012 10:16 PM 57600]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [1/4/2012 10:16 PM 338176]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [1/4/2012 10:16 PM 83856]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/14/2010 8:49 PM 136176]
S3 CSVirtA;Cisco Systems SSL VPN Adapter;c:\windows\system32\DRIVERS\CSVirtA.sys --> c:\windows\system32\DRIVERS\CSVirtA.sys [?]
S3 fidcam;Unibrain MS 1394 based IIDC Digital Camera Driver;c:\windows\system32\drivers\fidcam.sys [11/17/2006 11:27 AM 48128]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/14/2010 8:49 PM 136176]
S3 JRSKD24;JRSKD24;\??\c:\windows\system32\JRSKD24.SYS --> c:\windows\system32\JRSKD24.SYS [?]
S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000;c:\program files\Microsoft Fix it Center\Matsvc.exe [6/13/2011 10:09 PM 267568]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [1/4/2012 10:16 PM 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [1/4/2012 10:16 PM 87656]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/6/2007 3:22 PM 34064]
S3 NPFWFLT;NPFWFLT;c:\windows\system32\npfwflt.sys [6/18/2009 2:13 AM 41600]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\DRIVERS\PTDMBus.sys --> c:\windows\system32\DRIVERS\PTDMBus.sys [?]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\DRIVERS\PTDMMdm.sys --> c:\windows\system32\DRIVERS\PTDMMdm.sys [?]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\DRIVERS\PTDMVsp.sys --> c:\windows\system32\DRIVERS\PTDMVsp.sys [?]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\DRIVERS\PTDMWWAN.sys --> c:\windows\system32\DRIVERS\PTDMWWAN.sys [?]
S3 SCPMPR5;SCPMPR5 NDIS Protocol Driver;\??\d:\scpmpr5.sys --> d:\SCPMPR5.SYS [?]
S3 sonydcam;Generic 1394 Desktop Camera;c:\windows\system32\drivers\sonydcam.sys [8/3/2004 11:09 PM 25344]
S3 USRSp50;USRSp50 NDIS Protocol Driver;c:\windows\system32\drivers\USRSp50.sys [7/10/2006 4:18 PM 17664]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 5:28 PM 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [7/10/2008 2:49 AM 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 5:28 PM 369688]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-19 c:\windows\Tasks\fba_Daily Backup.job
- c:\program files\Softland\FBackup 4\fbaSchedStarter.exe [2011-06-03 20:47]
.
2012-01-19 c:\windows\Tasks\User_Feed_Synchronization-{DC0CEE94-D4A1-43E1-AC70-E0E93192A266}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
Trusted Zone: aol.com\free
Trusted Zone: imlive.com
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {1B5EE264-CCAB-48A4-B8DA-04D4BB004CC3} - hxxp://online.keb.co.kr/cab/miplatform/MiUpdater310-20061109_1035.cab
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} - hxxp://download.softforum.co.kr/Published/XecureWeb/v7.2.2.7/xw_install.cab
DPF: {8FD68F8A-641E-4204-AE47-DD835C1AE756} - hxxp://ck.softforum.co.kr/CKKeyPro/keb/CKAppPro.cab
DPF: {A2A4336A-E49E-44E8-B152-E98E841CFA24} - hxxp://gisweb4.chzero.com/zeromap/ZeroMapUpdate.cab
DPF: {CDD6E613-CBEF-40C3-A140-4F5EEE0C4E00} - hxxp://ck.softforum.co.kr/phishingpro/current/CKPhishingPro.cab
FF - ProfilePath - c:\documents and settings\Allen\Application Data\Mozilla\Firefox\Profiles\g5i37zh8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - user.js: yahoo.homepage.dontask - true);user_pref(dom.disable_open_during_load, true // Popupblocker control handled by McAfee Privacy Service
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-19 13:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\INTEL\Wireless\Folders\x*]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
.
[HKEY_LOCAL_MACHINE\software\INTEL\Wireless\Folders\¬ *ª*]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(1448)
c:\windows\system32\setuid.dll
.
Completion time: 2012-01-19 13:42:29
ComboFix-quarantined-files.txt 2012-01-19 18:42
.
Pre-Run: 3,306,172,416 bytes free
Post-Run: 3,417,821,184 bytes free
.
- - End Of File - - 461EA63D9F7668FE41E4DC555791580F