Thank you so much for your help thus far.
I logged into Safe Mode under the administrator account because that is the only way I can CTRL-ALT-DEL and open Task Manager to run Windows Explorer.
After running ComboFix I restarted my system to see where I was in the process. I now cannot log in to normal or safe mode, my account or administrator, because as soon as I do, it shuts down and returns me immediately to the profile login screen. (Which also just started appearing when I began having problems. Prior to that I was automatically logged into my profile.)
Here is my ComboFix Log:
ComboFix 09-02-04.01 - Administrator 2009-02-09 21:54:15.1 - NTFSx86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.356 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG 7.5.476 *On-access scanning disabled* (Outdated)
AV: Spy Sweeper with AntiVirus *On-access scanning disabled* (Updated)
FW: Webroot Desktop Firewall *disabled*
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\MSNQoS.exe
c:\recycler\MSNQoSHandler.log
c:\recycler\MSRecycler.exe
c:\recycler\xyntservice.ini
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\ddcYpoPG.dll
c:\windows\system32\drivers\seneka.sys
c:\windows\system32\drivers\senekacwfchxox.sys
c:\windows\system32\drivers\senekakspcnjyq.sys
c:\windows\system32\drivers\senekalesixwwr.sys
c:\windows\system32\drivers\senekamafikdvi.sys
c:\windows\system32\drivers\senekanfhulnou.sys
c:\windows\system32\drivers\senekavubndkjo.sys
c:\windows\system32\drivers\senekawqpuxxyv.sys
c:\windows\system32\fhjekt.dll
c:\windows\system32\FTPx.dll
c:\windows\system32\gfvudw.dll
c:\windows\system32\jzhtkq.dll
c:\windows\system32\MabryObj.dll
c:\windows\system32\search.dll
c:\windows\system32\senekaargfggde.dll
c:\windows\system32\senekafpmbivxi.dat
c:\windows\system32\senekafvnmullq.dll
c:\windows\system32\senekahwwkvxsd.dat
c:\windows\system32\senekaibapqrir.dll
c:\windows\system32\senekaiqiffsny.dll
c:\windows\system32\senekakjgertky.dat
c:\windows\system32\senekaknckmtew.dat
c:\windows\system32\senekamuequvxx.dll
c:\windows\system32\senekankinmeti.dll
c:\windows\system32\senekanqlotkiq.dll
c:\windows\system32\senekatadquehi.dll
c:\windows\system32\senekatnxvkiqq.dat
c:\windows\system32\senekavtpyvqaj.dll
c:\windows\system32\senekayrksxbwn.dat
c:\windows\system32\setup.ini
c:\windows\system32\system
c:\windows\system32\system\msxml4.dll
c:\windows\system32\system\msxml4r.dll
c:\windows\system32\test.ttt
c:\windows\system32\twex.exe
c:\windows\system32\uniq.tll
c:\windows\system32\urqPfEvs.dll
c:\windows\system32\win32hlp.cnf
c:\windows\system32\winlogon2.exe
c:\windows\system32\xxyvvSmM.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SENEKA
((((((((((((((((((((((((( Files Created from 2009-01-10 to 2009-02-10 )))))))))))))))))))))))))))))))
.
2009-02-04 20:15 . 2009-02-04 20:15 <DIR> d-------- C:\VundoFix Backups
2009-02-04 20:13 . 2009-02-04 20:13 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-04 03:25 . 2009-02-04 03:25 <DIR> d--hs---- c:\windows\system32\twain32
2009-02-04 00:07 . 2009-02-04 00:07 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Thinstall
2009-02-03 22:21 . 2009-02-03 22:21 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Webroot
2009-02-03 07:34 . 2009-02-09 21:54 <DIR> d-------- c:\windows\system32\CatRoot2
2009-02-03 07:34 . 2009-02-03 22:02 8,992 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-02-03 07:34 . 2009-02-03 22:02 32 --ahs---- c:\windows\system32\drivers\fidbox2.idx
2009-02-03 07:34 . 2009-02-03 22:02 32 --ahs---- c:\windows\system32\drivers\fidbox2.dat
2009-02-03 07:34 . 2009-02-03 22:02 32 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-02-03 07:10 . 2009-02-03 20:55 <DIR> dr-h----- C:\$VAULT$.AVG
2009-02-03 05:07 . 2009-02-03 05:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2009-02-03 05:07 . 2009-02-03 06:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\AVG7
2009-01-30 01:00 . 2009-01-30 01:00 <DIR> d-------- c:\program files\Handmark
2009-01-29 23:04 . 2009-01-29 23:25 <DIR> d-------- c:\program files\Common Files\DataViz
2009-01-29 23:04 . 2009-01-29 23:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\DataViz
2009-01-29 23:03 . 2009-01-29 23:29 <DIR> d-------- c:\program files\Documents To Go
2009-01-28 02:09 . 2009-01-28 02:09 0 --ah----- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-01-28 01:50 . 2006-01-27 00:56 938,272 --a------ c:\windows\system32\wodFtpDLX.OCX
2009-01-27 15:30 . 2009-02-03 11:11 2,180 --a------ c:\windows\system32\d3d8caps.dat
2009-01-23 00:58 . 2007-03-31 08:00 44,544 --a------ c:\windows\system32\msxml4a.dll
2009-01-23 00:57 . 2009-01-23 00:57 <DIR> d-------- c:\program files\Fortop Digital Software
2009-01-15 00:09 . 2009-01-15 00:09 0 --ah----- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2009-01-15 00:09 . 2009-01-15 00:09 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2009-01-15 00:07 . 2009-01-15 00:07 0 --ah----- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-01-14 23:39 . 2009-01-15 22:58 <DIR> d-------- c:\program files\Zune
2009-01-14 23:08 . 2009-01-14 23:08 <DIR> d-------- c:\program files\USB Safely Remove
2009-01-14 23:08 . 2009-01-14 23:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\USBSRService
2009-01-14 22:24 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-01-14 22:24 . 2009-01-14 22:24 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-01-14 22:24 . 2009-01-14 22:24 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2009-01-14 06:01 . 2008-05-02 07:30 464,384 --------- c:\windows\system32\imapi2fs.dll
2009-01-14 06:01 . 2008-05-02 07:30 464,384 -----c--- c:\windows\system32\dllcache\imapi2fs.dll
2009-01-14 06:01 . 2008-05-02 07:30 317,952 --------- c:\windows\system32\imapi2.dll
2009-01-14 06:01 . 2008-05-02 07:30 317,952 -----c--- c:\windows\system32\dllcache\imapi2.dll
2009-01-14 06:01 . 2008-05-02 03:05 62,592 -----c--- c:\windows\system32\dllcache\cdrom.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-10 03:32 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-03 11:09 --------- d-sha-w c:\program files\NetSnippets
2009-02-03 11:07 --------- d-----w c:\documents and settings\trancemc\Application Data\Thinstall
2009-01-30 09:13 --------- d-----w c:\program files\BitComet
2009-01-30 07:57 --------- d-----w c:\documents and settings\trancemc\Application Data\wsInspector
2009-01-30 06:06 --------- d-----w c:\program files\Pocket Science Pty Limited
2009-01-30 02:29 15,960 -csha-w c:\windows\system32\KGyGaAvL.sys
2009-01-28 07:50 --------- d-----w c:\program files\CoffeeCup Software
2009-01-23 19:19 --------- d-----w c:\documents and settings\trancemc\Application Data\USBSafelyRemove
2009-01-13 06:24 --------- d-----w c:\program files\DIY DataRecovery CHK-Mate
2009-01-09 06:08 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-01-08 01:05 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-08 01:05 --------- d-----w c:\program files\onOne Software
2009-01-07 11:04 --------- d-----w c:\documents and settings\trancemc\Application Data\Alien Skin
2009-01-07 05:33 --------- d-----w c:\documents and settings\trancemc\Application Data\Nero
2009-01-07 05:08 --------- d-----w c:\program files\Common Files\LightScribe
2009-01-07 05:08 --------- d-----w c:\documents and settings\All Users\Application Data\LightScribe
2009-01-07 03:45 --------- d-----w c:\program files\Common Files\Nero
2009-01-07 02:39 --------- d-----w c:\program files\Nero
2009-01-07 02:33 --------- d-----w c:\program files\Windows Sidebar
2009-01-06 07:29 --------- d-----w c:\program files\MSBuild
2009-01-06 07:28 --------- d-----w c:\program files\Reference Assemblies
2009-01-06 07:06 --------- d-----w c:\program files\MSXML 6.0
2009-01-05 17:52 --------- d-----w c:\program files\DynamicPhotoHDR
2009-01-05 08:30 --------- d-----w c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-01-05 08:28 --------- d-----w c:\program files\GlobalSCAPE
2009-01-05 07:49 --------- d-----w c:\program files\Your Uninstaller 2008
2009-01-05 07:35 --------- d-----w c:\program files\Tribal
2009-01-01 11:40 --------- d-----w c:\program files\FaceOnBody
2008-12-30 01:20 --------- d-----w c:\program files\FLV Player
2008-12-29 22:25 --------- d-----w c:\documents and settings\trancemc\Application Data\Move Networks
2008-12-23 22:25 --------- d-----w c:\documents and settings\All Users\Application Data\FaceOnBody
2008-12-22 23:30 --------- d-----w c:\program files\7-Zip
2008-12-22 20:56 --------- d-----w c:\documents and settings\trancemc\Application Data\Notepad++
2008-12-22 17:21 --------- d-----w c:\program files\PixPlantPhotoshop
2008-12-22 00:04 --------- d-----w c:\program files\Google
2008-12-21 23:44 --------- d-----w c:\program files\Notepad++
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 09:02 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2001-09-10 14:00 139,264 ----a-w c:\windows\inf\i386\Rtscan.dll
2001-09-10 13:10 61,440 ----a-w c:\windows\inf\i386\onetUSD.dll
2001-08-17 23:43 32,768 -c--a-w c:\windows\inf\i386\Wiamicro.dll
2001-08-03 23:29 13,824 -c--a-w c:\windows\inf\i386\usbscan.sys
2001-06-29 13:10 163,840 ----a-w c:\windows\inf\i386\viceo.dll
2006-09-25 12:57 3,072 ----a-w c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2006-09-25 12:57 245,408 ----a-w c:\program files\mozilla firefox\plugins\unicows.dll
2005-09-15 23:26 44,153 ----a-w c:\program files\mozilla firefox\components\inspector.dll
2007-10-14 13:13 56 -csh--r c:\windows\system32\B97678233E.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"Pop-Up Stopper"="c:\program files\Panicware\Pop-Up Stopper\dpps2.exe" [2001-10-16 675840]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-25 172032]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2002-09-27 4214784]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2007-05-09 2299400]
"Webroot Desktop Firewall"="c:\program files\Webroot\Webroot Desktop Firewall\WDF.exe" [2008-07-31 2401672]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-05-16 648504]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"ACD mPower Tools"="c:\program files\ACD Systems\mPower Tools\1.0\mPowerTools.exe" [2003-03-11 1003520]
"SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-01-04 5367664]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2008-02-01 8699904]
c:\documents and settings\trancemc\Start Menu\Programs\Startup\
Text Monkey PRO.lnk - c:\program files\Text Monkey\TextMonkeyPRO.exe [2005-06-29 918016]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
DataViz Inc Messenger.lnk - c:\program files\Common Files\DataViz\DvzIncMsgr.exe [2009-01-29 28672]
HotSync Manager.lnk - c:\palm\Hotsync.exe [2004-06-09 471040]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2007-08-22 784912]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\program files\QUALCOMM\Eudora\EuShlExt.dll" [2005-06-07 86016]
"{FE24CD78-7C63-465D-8787-4EDF7FC79895}"= "c:\program files\Logitech\Easy Synchronization\shellexecutehook.dll" [2004-11-29 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2007-11-15 10:10 72208 c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=jzhtkq.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"midi1"= evolusbn.dll
"midi3"= evolusbn.dll
"midi5"= evolusbn.dll
"msvideo9"= SDVC03.drv
"midi6"= evolusbn.dll
"midi7"= evolusbn.dll
"midi8"= evolusbn.dll
"midi9"= evolusbn.dll
"VIDC.JPEG"= JpegCode.dll
"VIDC.MJPG"= JpegCode.dll
"msacm.l3fhg"= mp3fhg.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\Games\\oiltyc\\ot.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1104974216\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Roxio\\Easy Media Creator 8\\Digital Home\\RoxUpnpServer.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"67:UDP"= 67:UDP:DHCP Discovery Service
"25333:TCP"= 25333:TCP:BitComet 25333 TCP
"25333:UDP"= 25333:UDP:BitComet 25333 UDP
"135:TCP"= 135:TCP:DCOM(135)
R2 Sdselect;Sdselect;c:\windows\system32\drivers\sdselect.sys [2004-03-02 73296]
S1 c2scsi;c2scsi; [x]
S1 pwipf6;pwipf6;c:\windows\system32\drivers\pwipf6.sys [2008-07-02 103304]
S2 ALIEHCD;ALi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [2006-05-07 104088]
S2 FlashNT;FlashNT;c:\windows\system32\drivers\FLASHNT.SYS [2004-12-10 72784]
S2 gupdate1c963c8beb4f11b;Google Update Service (gupdate1c963c8beb4f11b);c:\program files\Google\Update\GoogleUpdate.exe [2008-12-21 133104]
S2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2007-08-22 10640]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\RaInfo.sys --> c:\program files\LogMeIn\RaInfo.sys [?]
S2 ousbehci;%OWC_USBEHCD.DeviceDesc%;c:\windows\system32\drivers\ousbehci.sys [2006-07-11 42752]
S2 ppsio2;PPDevice;c:\windows\system32\drivers\ppsio2.sys [2002-12-06 23200]
S2 UnoInstallerService;Uno Installer;c:\program files\M-Audio Uno\UnoInst.exe [2006-12-19 106496]
S2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [2009-01-14 208144]
S2 WDFNet;Webroot Desktop Firewall network service;c:\program files\Webroot\Webroot Desktop Firewall\wdfsvc.exe [2008-07-31 353672]
S3 aligp;USB Composite Device;c:\windows\system32\drivers\AliGP.sys [2006-05-07 8668]
S3 alihub;Generic Hub on USB 2.0 Bus;c:\windows\system32\drivers\AliHub.sys [2006-05-07 17835]
S3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [2006-05-07 5337]
S3 DVC;USB DVC Svc;c:\windows\system32\drivers\DVC.sys [2007-08-28 38604]
S3 EVOLUSB;%EVOL_USB_SvcDesc%;c:\windows\system32\drivers\evolusb.sys [2006-12-30 21984]
S3 msvad_multi;Samson Audio (WDM);c:\windows\system32\drivers\SWAudWDM.sys [2005-11-10 25088]
S3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [2006-07-11 55552]
S3 radpms;Driver for RADPMS Device;c:\windows\system32\DRIVERS\radpms.sys --> c:\windows\system32\DRIVERS\radpms.sys [?]
S3 SamsonLLDriver;Samson LL Driver;c:\windows\system32\drivers\SamsonLLDriver.sys [2006-12-12 56832]
S3 SDVC05;USB SDVC05;c:\windows\system32\drivers\SDVC05.sys [2007-07-31 18088]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - LBEEPKE
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-02-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 14:21]
2009-01-28 c:\windows\Tasks\EasyShare Registration Task.job
- c:\docume~1\ALLUSE~1\APPLIC~1\Kodak\EasyShareSetup\$REGIS~1\Registration_7.4.20.2.sxt _RegistrationOffer@16 []
2009-02-10 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-12-21 18:02]
2009-02-09 c:\windows\Tasks\wrSpySweeper_LD1ABDC500FFC45D1BBBD5076ECC7612A.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-01-04 20:56]
2009-02-09 c:\windows\Tasks\wrSpySweeper_LD1ABDC500FFC45D1BBBD5076ECC7612A.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-01-04 20:56]
2009-02-09 c:\windows\Tasks\wrSpySweeper_LD1ABDC500FFC45D1BBBD5076ECC7612A.job
- A:\ []
.
- - - - ORPHANS REMOVED - - - -
BHO-{082a0e13-ff2b-4db6-bb96-5a141ab30244} - c:\windows\system32\jzhtkq.dll
HKLM-Run-MSRSvC - c:\recycler\MSRecycler.exe
Notify-ssqNFUKd - ssqNFUKd.dll
.
------- Supplementary Scan -------
.
mWindow Title = Microsoft Internet Explorer
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4metq9c2.default\
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAdbESD.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npalnn.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsabffx.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-02-09 22:01:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\EncryptionInterface*]
"l_encryption_d"="585A4A5A445F"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(252)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
c:\windows\system32\WRLogonNTF.dll
.
Completion time: 2009-02-09 22:07:06
ComboFix-quarantined-files.txt 2009-02-10 04:06:54
Pre-Run: 67,679,268,864 bytes free
Post-Run: 71,065,481,216 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
329 --- E O F --- 2009-01-15 09:19:10