ComboFix 12-05-08.02 - Fadil Shamir Khan 05/16/2012 21:48:58.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.465 [GMT -4:00]
Running from: c:\documents and settings\Fadil Shamir Khan\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Start Menu\Programs\Internet Explorer.lnk
c:\documents and settings\Fadil Shamir Khan\WINDOWS
c:\windows\system32\winlogon.bak
.
.
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-17 01:34 . 2012-05-17 01:34 -------- d-----w- C:\_OTL
2012-05-12 15:08 . 2012-05-12 15:08 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\LogMeIn
2012-05-12 15:07 . 2012-05-16 11:46 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn
2012-05-12 08:25 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-05-11 08:49 . 2012-05-11 08:49 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2012-05-11 08:48 . 2012-05-11 08:48 -------- d-sh--w- c:\documents and settings\Fadil Shamir Khan\IETldCache
2012-05-11 07:24 . 2012-05-11 07:28 -------- d--h--w- c:\windows\$hf_mig$
2012-05-11 07:21 . 2009-01-07 22:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2012-05-11 07:19 . 2012-05-11 07:23 -------- dc-h--w- c:\windows\ie8
2012-05-11 07:06 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2012-05-11 07:06 . 2012-03-01 11:01 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2012-05-11 07:06 . 2012-03-01 11:01 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2012-05-11 07:06 . 2012-03-01 11:01 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-05-11 07:06 . 2012-03-01 11:01 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-05-11 07:06 . 2012-03-01 11:01 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2012-05-11 07:06 . 2012-03-01 11:01 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2012-05-11 07:06 . 2012-03-02 10:01 11082752 -c----w- c:\windows\system32\dllcache\ieframe.dll
2012-05-09 12:01 . 2012-05-09 12:01 -------- d-----w- C:\f5d9050v3000
2012-05-09 11:50 . 2012-05-09 11:50 15584 ----a-w- c:\windows\system32\drivers\mdc8021x.sys
2012-05-09 11:50 . 2003-09-25 01:21 479232 ------w- c:\windows\system32\AegisE5.dll
2012-05-09 11:50 . 2003-09-25 01:21 110592 ------w- c:\windows\system32\AegisI5.exe
2012-05-09 11:50 . 2003-10-16 18:03 790528 ------w- c:\windows\system32\BCMWLCPL.CPL
2012-05-09 11:50 . 2003-10-16 02:05 501144 ------w- c:\windows\system32\BCMWLTRY.EXE
2012-05-09 11:50 . 2003-10-07 22:44 45056 ------w- c:\windows\system32\WLTRYSVC.EXE
2012-05-09 11:50 . 2003-10-16 02:04 144776 ------w- c:\windows\system32\BCMWLU00.EXE
2012-05-09 11:50 . 2003-10-15 16:57 57344 ------w- c:\windows\system32\BCMWLD2K.EXE
2012-05-09 11:50 . 2003-09-25 01:21 285056 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2012-05-08 21:25 . 2012-05-08 21:25 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Application Data\Malwarebytes
2012-05-08 21:24 . 2012-05-08 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-05-06 19:25 . 2009-05-18 17:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-05-06 19:25 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-05-06 19:22 . 2012-05-06 19:22 -------- d-----w- c:\program files\iPod
2012-05-06 19:21 . 2012-05-06 19:25 -------- d-----w- c:\program files\iTunes
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-05-03 04:58 . 2012-05-03 04:58 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-05-03 04:56 . 2012-05-03 04:58 -------- d-----w- c:\program files\QuickTime
2012-05-01 22:33 . 2012-05-01 22:33 -------- d-----w- c:\program files\WinSCP
2012-04-29 14:30 . 2012-04-29 14:30 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\Cranium_Consulting_and_Cu
2012-04-29 13:57 . 2012-04-29 13:57 -------- d-----w- c:\program files\Apple Software Update
2012-04-29 13:56 . 2012-02-15 15:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-04-29 13:56 . 2012-02-15 15:01 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-04-29 13:56 . 2012-04-29 13:56 -------- d-----w- c:\program files\Bonjour
2012-04-29 13:55 . 2012-05-06 19:22 -------- d-----w- c:\program files\Common Files\Apple
2012-04-28 13:54 . 2012-05-07 14:27 -------- d-----w- c:\program files\Cyder
2012-04-26 22:43 . 2009-08-06 23:24 44768 ----a-w- c:\windows\system32\wups2.dll
2012-04-26 22:43 . 2009-08-06 23:24 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-04-26 22:43 . 2009-08-06 23:24 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-04-26 22:43 . 2009-08-06 23:24 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-04-26 22:43 . 2009-08-06 23:24 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-04-26 22:41 . 2012-02-01 01:30 52096 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2012-04-26 22:41 . 2012-02-01 01:30 30592 ----a-w- c:\windows\system32\LMIport.dll
2012-04-26 22:41 . 2012-02-01 01:30 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-04-26 22:41 . 2011-09-16 18:10 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2012-04-26 22:40 . 2012-02-01 01:30 87424 ----a-w- c:\windows\system32\LMIinit.dll
2012-04-26 22:39 . 2012-05-12 15:07 -------- d-----w- c:\program files\LogMeIn
2012-04-26 02:26 . 2006-10-26 23:58 30512 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2012-04-26 02:26 . 2006-10-26 23:58 30512 ----a-w- c:\windows\system32\mdimon.dll
2012-04-26 02:24 . 2012-04-26 02:24 -------- d-----w- c:\program files\Microsoft Works
2012-04-26 02:07 . 2012-04-26 02:22 -------- d-----w- c:\windows\SHELLNEW
2012-04-26 02:03 . 2012-04-26 02:03 -------- d-----r- C:\MSOCache
2012-04-26 00:11 . 2012-04-26 00:11 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer
2012-04-25 19:26 . 2011-11-22 20:28 11368 ----a-w- c:\windows\system32\RtkCoLDRXP.dll
2012-04-25 19:26 . 2010-11-03 22:14 2180712 ----a-w- c:\windows\MicCal.exe
2012-04-25 19:26 . 2009-11-18 11:17 1395800 ----a-w- c:\windows\system32\drivers\Monfilt.sys
2012-04-25 19:26 . 2011-08-29 20:20 1493608 ----a-w- c:\windows\RtlUpd.exe
2012-04-25 19:26 . 2010-11-03 22:15 359016 ----a-w- c:\windows\vncutil.exe
2012-04-25 19:26 . 2010-11-03 22:15 1833576 ----a-w- c:\windows\SkyTel.exe
2012-04-25 19:26 . 2012-03-19 23:01 65128 ----a-w- c:\windows\system32\RtkCoInstIIXP.dll
2012-04-25 19:26 . 2009-11-18 11:16 1691480 ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2012-04-25 19:26 . 2010-11-03 22:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2012-04-25 19:20 . 2012-04-28 12:22 -------- d-----w- c:\windows\SxsCaPendDel
2012-04-25 16:18 . 2012-04-25 16:18 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 16:18 . 2012-04-25 16:18 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-24 09:33 . 2012-04-24 09:33 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\Microsoft Help
2012-04-24 09:32 . 2012-04-26 02:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2012-04-24 09:20 . 2012-04-24 09:21 -------- d-----w- c:\program files\Alcohol 120%
2012-04-24 00:57 . 2012-04-25 20:28 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\Unity
2012-04-23 21:16 . 2012-04-26 01:23 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\RockMelt
2012-04-22 23:33 . 2012-04-22 23:33 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-04-22 11:01 . 2012-04-22 11:01 -------- d--h--w- c:\windows\PIF
2012-04-22 08:51 . 2012-04-22 08:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Anvsoft
2012-04-22 08:51 . 2012-04-22 08:51 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Application Data\Wedding Album Maker
2012-04-22 08:48 . 2012-04-23 21:59 -------- d-----w- c:\program files\Wedding Album Maker Gold
2012-04-22 08:39 . 2012-04-22 08:39 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Application Data\Cocoon Software
2012-04-22 08:39 . 2012-04-22 08:39 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\WDSetup
2012-04-21 18:06 . 2012-04-21 18:07 -------- d-----w- c:\program files\WinHTTrack Website Copier
2012-04-21 18:05 . 2012-04-21 18:05 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\ApplicationHistory
2012-04-21 17:32 . 2012-04-21 18:05 -------- d-----w- c:\program files\Website Ripper Copier
2012-04-21 17:30 . 2012-04-25 20:54 -------- d-----w- c:\windows\system32\URTTemp
2012-04-21 12:48 . 2012-04-30 08:59 -------- d-----w- c:\program files\Network Magic
2012-04-21 12:46 . 2012-04-21 12:46 8892928 ----a-w- c:\documents and settings\All Users\Application Data\atscie.msi
2012-04-21 12:42 . 2012-04-21 12:42 -------- d-----w- c:\windows\Sun
2012-04-21 00:40 . 2012-05-03 00:22 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\.shsh
2012-04-21 00:40 . 2012-04-21 00:40 -------- d-----w- c:\program files\Common Files\Java
2012-04-21 00:39 . 2012-04-21 00:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-21 00:39 . 2012-04-21 00:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-21 00:39 . 2012-04-21 00:39 -------- d-----w- c:\program files\Java
2012-04-20 23:29 . 2012-04-20 23:29 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\libimobiledevice
2012-04-19 09:01 . 2012-05-07 10:20 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Application Data\redsn0w
2012-04-18 20:44 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2012-04-18 20:44 . 2008-04-14 09:42 159232 ----a-w- c:\windows\system32\ptpusd.dll
2012-04-18 20:44 . 2008-04-14 04:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2012-04-18 20:44 . 2008-04-14 04:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2012-04-17 22:29 . 2012-04-17 22:29 -------- d-----w- c:\documents and settings\Fadil Shamir Khan\Local Settings\Application Data\Identities
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 04:23 . 2012-03-30 22:30 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-05 04:23 . 2012-03-30 22:30 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-08 02:54 . 2012-04-08 02:54 162634 ----a-w- c:\windows\FotoFusion Uninstaller.exe
2012-04-08 02:52 . 2012-04-08 02:52 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-03-30 04:25 . 2012-03-30 04:25 74703 ----a-w- c:\windows\system32\mfc45.dll
2012-03-29 19:21 . 2008-04-14 12:00 507904 ----a-w- c:\windows\system32\winlogon.exe
2012-03-29 17:22 . 2012-03-29 17:22 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2012-03-27 21:03 . 2012-03-30 00:12 6100072 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2012-03-14 17:40 . 2012-03-30 00:12 20065896 ----a-w- c:\windows\RTHDCPL.EXE
2012-03-07 00:15 . 2012-03-29 20:17 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2012-03-29 20:17 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2012-03-29 20:17 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2012-03-29 20:17 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2012-03-29 20:17 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2012-03-29 20:17 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2012-03-29 20:17 95704 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-03-07 00:01 . 2012-03-29 20:17 89048 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-03-07 00:01 . 2012-03-29 20:17 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-06 23:58 . 2012-03-29 20:17 24920 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-03-01 11:01 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 12:17 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2012-04-25 16:18 . 2012-03-29 17:26 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-03-29 . 679A7259741F6A09994F02CE261B5F2E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-10 110592]
"ZCfgSvc.exe"="c:\windows\system32\ZCfgSvc.exe" [2004-06-17 409664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-08-14 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-08-14 114688]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"RTHDCPL"="RTHDCPL.EXE" [2012-03-14 20065896]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-09-16 63048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-02-01 01:30 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2004-06-17 16:14 180290 ----a-w- c:\windows\system32\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 13:10 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2011-03-15 21:42 499608 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
2011-01-12 11:08 1523360 ----a-w- c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-09-18 15:34 205976 ----a-w- c:\program files\Alcohol 120%\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2012-03-26 13:40 9532824 ----a-w- c:\program files\Innovative Solutions\DriverMax\drivermax.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 23:05 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 02:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgr.exe]
2004-05-24 19:59 86016 ----a-w- c:\program files\Intel\NCS\PROSet\PRONoMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 17:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/7/2012 10:52 PM 722416]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3/29/2012 4:17 PM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3/29/2012 4:17 PM 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3/29/2012 4:17 PM 20696]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [1/31/2012 9:30 PM 374152]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/29/2012 4:18 PM 136176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [9/16/2011 2:10 PM 12856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3/30/2012 6:30 PM 257696]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4/25/2012 3:26 PM 1691480]
S3 BKNDIS5;BKNDIS5 NDIS Protocol Driver;\??\c:\progra~1\Belkin\F5D9050\BKNDIS5.SYS --> c:\progra~1\Belkin\F5D9050\BKNDIS5.SYS [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/29/2012 4:18 PM 136176]
S3 StreamSurge;StreamSurge Driver (miniport);c:\windows\system32\DRIVERS\ss.sys --> c:\windows\system32\DRIVERS\ss.sys [?]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2/19/2010 1:37 PM 517096]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 04:23]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-29 20:17]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-29 20:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Fadil Shamir Khan\Application Data\Mozilla\Firefox\Profiles\l0rwv6fr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig#m_98
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-F5D9050 - c:\program files\Belkin\F5D9050\Belkinwcui.exe
MSConfigStartUp-nmctxth - c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966 - c:\program files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10431966\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_10431966
AddRemove-Generic ChkMail - c:\program files\Generic\Generic ChkMail\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-16 21:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\LgNotify.dll
.
Completion time: 2012-05-16 21:53:40
ComboFix-quarantined-files.txt 2012-05-17 01:53
.
Pre-Run: 8,824,500,224 bytes free
Post-Run: 8,779,366,400 bytes free
.
- - End Of File - - BBA1623A939C37C4FE4969054A4FDA4B
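The log above is a flat ComboFix dump, and the entries a responder acts on first (AV and firewall status, the Sigcheck failure, the Winlogon notify packages, services whose image file is absent) are scattered across several sections. The Python script below is an added example, not part of ComboFix and not posted with this log: it parses the line formats that appear above into a list of findings, using excerpts copied from this log as constructed sample input. Two conventions are assumptions taken from how the log reads rather than from ComboFix documentation, namely that a Sigcheck line starting with [-] is a failed signature check and that a service line ending in [?] means the image file was not found on disk. The script only surfaces what to verify; it says nothing about whether any file is malicious.

```python
"""Triage helper for a ComboFix log (added example; not ComboFix's own code).
Recognises the line formats visible in the log and collects the items a
responder would verify first. It does not judge whether anything is malicious."""
import re
from collections import Counter
from dataclasses import dataclass

# Constructed sample input: excerpts copied from the log above, one entry per line.
SAMPLE_LOG = r"""
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
2012-05-11 07:21 . 2009-01-07 22:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2012-04-26 22:40 . 2012-02-01 01:30 87424 ----a-w- c:\windows\system32\LMIinit.dll
2012-04-26 22:39 . 2012-05-12 15:07 -------- d-----w- c:\program files\LogMeIn
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2012-03-29 19:21 . 2008-04-14 12:00 507904 ----a-w- c:\windows\system32\winlogon.exe
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
[-] 2012-03-29 . 679A7259741F6A09994F02CE261B5F2E . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-02-01 01:30 87424 ----a-w- c:\windows\system32\LMIinit.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/7/2012 10:52 PM 722416]
S3 BKNDIS5;BKNDIS5 NDIS Protocol Driver;\??\c:\progra~1\Belkin\F5D9050\BKNDIS5.SYS --> c:\progra~1\Belkin\F5D9050\BKNDIS5.SYS [?]
"""

TS = r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}"
# "created . modified size attrs path"  (Files Created and Find3M sections)
FILE_RE = re.compile(rf"^(?P<ctime>{TS}) \. (?P<mtime>{TS}) (?P<size>-{{8}}|\d+) (?P<attrs>[-a-z]{{8}}) (?P<path>.+)$")
# "[flag] date . md5 . size . . [version] . . path"  (Sigcheck section)
SIGCHECK_RE = re.compile(r"^\[(?P<flag>[^\]])\] (?P<date>\d{4}-\d{2}-\d{2}) \. (?P<md5>[0-9A-Fa-f]{32}) \. "
                         r"(?P<size>\d+) \. \. \[(?P<version>[^\]]*)\] \. \. (?P<path>.+)$")
# "date time size attrs path" printed under a registry key  (Reg Loading Points section)
REGFILE_RE = re.compile(rf"^(?P<mtime>{TS}) (?P<size>\d+) (?P<attrs>[-a-z]{{8}}) (?P<path>.+)$")
REGKEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
# "R0 name;display name;image path [details]"  service and driver lines
SERVICE_RE = re.compile(r"^(?P<start>[RS]\d) (?P<name>[^;]+);(?P<display>[^;]*);(?P<rest>.+)$")
BANNER_RE = re.compile(r"^\(+ *(?P<title>.+?) *\)+$|^-{2,} (?P<title2>.+?) -{2,}$")


@dataclass
class Finding:
    kind: str
    detail: str


def triage(text):
    """Return the Findings a responder should verify, in log order."""
    findings = []
    files = {}          # lower-cased path -> (created, modified) from the file sections
    section = None      # lower-cased title of the current banner
    current_key = None  # lower-cased registry key most recently opened with [ ... ]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":          # ComboFix pads blank lines with a lone dot
            continue
        m = BANNER_RE.match(line)
        if m:
            section = (m["title"] or m["title2"]).lower()
            current_key = None
            continue
        if line[:4] in ("AV: ", "FW: ") and "*Disabled" in line:
            findings.append(Finding("security-product-disabled", line))
            continue
        m = FILE_RE.match(line)
        if m and section and (section.startswith("files created") or section == "find3m report"):
            files[m["path"].lower()] = (m["ctime"], m["mtime"])
            continue
        m = SIGCHECK_RE.match(line)
        if m and section == "sigcheck":
            if m["flag"] == "-":   # assumption: [-] marks a failed signature check
                created, modified = files.get(m["path"].lower(), ("?", "?"))
                findings.append(Finding("unsigned-system-file",
                                        f"{m['path']} md5={m['md5']} version={m['version']} "
                                        f"created={created} modified={modified}"))
            continue
        m = REGKEY_RE.match(line)
        if m:
            current_key = m["key"].lower()
            continue
        if current_key and "\\winlogon\\notify\\" in current_key:
            m = REGFILE_RE.match(line)
            if m:   # a Winlogon notification package: its DLL is loaded into winlogon.exe
                entry = current_key.rsplit("\\", 1)[-1]
                findings.append(Finding("winlogon-notify-dll", f"{entry} -> {m['path']}"))
                continue
        if (current_key and current_key.endswith("firewallpolicy\\standardprofile")
                and line.startswith('"EnableFirewall"= 0')):
            findings.append(Finding("windows-firewall-off", line))
            continue
        m = SERVICE_RE.match(line)
        if m and m["rest"].endswith("[?]"):   # assumption: [?] means the image file is absent
            image = m["rest"][:-4].split(" --> ")[-1]
            findings.append(Finding("service-image-missing", f"{m['name']} ({m['start']}) -> {image}"))
    return findings


def summarize(findings):
    """Count findings per kind, e.g. {'security-product-disabled': 2, ...}."""
    return dict(Counter(f.kind for f in findings))


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:26} {f.detail}")
```

Run as-is it prints the six findings from the embedded sample; pass the full log text to triage() for the complete list. The unsigned winlogon.exe finding carries both timestamps from the Find3M entry, so the 2012-03-29 creation time and the 2008-04-14 modification time sit next to the hash without scrolling back through the log.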