  1. #1
    Member
    Join Date
    Nov 2008
    Posts
    2
    Points
    0

    Combofix Log: Can I please have my Combofix log reviewed

    I have been having issues with this computer and have a current Combofix log that I would like to be looked at for problems. I have included it for your review. Thanks for your help.
    ComboFix 09-03-22.01 - Steve 2009-03-22 23:45:11.7 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1151.580 [GMT -7:00]
    Running from: c:\documents and settings\Steve\Desktop\ComboFix.exe
    AV: McAfee VirusScan *On-access scanning disabled* (Updated)
    FW: McAfee Personal Firewall *disabled*
    * Created a new restore point
    .

    ((((((((((((((((((((((((( Files Created from 2009-02-23 to 2009-03-23 )))))))))))))))))))))))))))))))
    .

    2009-03-08 17:01 . 2009-03-08 17:01 11,924 --a------ c:\windows\AtxClient2001.grd
    2009-03-06 17:38 . 2009-03-08 17:01 76 --a------ c:\windows\AtxControl2001.ini
    2009-03-06 17:25 . 2009-03-08 16:51 <DIR> d-------- c:\program files\ATX2001
    2009-03-06 17:25 . 2009-03-08 17:01 1,340 --a------ c:\windows\AtxPref2001.ini
    2009-03-06 17:24 . 2009-03-06 17:24 <DIR> d-------- c:\windows\lhsp
    2009-03-06 17:24 . 2002-03-18 13:19 2,285,568 --a------ c:\windows\system32\EFASTPrint2001.ocx
    2009-03-06 17:24 . 2001-12-11 12:04 1,585,152 --a------ c:\windows\system32\atxsslc.dll
    2009-03-06 17:24 . 2002-02-17 23:06 1,138,688 --a------ c:\windows\system32\MX1.ocx
    2009-03-06 17:24 . 2000-09-07 13:31 509,440 --a------ c:\windows\system32\AdcSSL.dll
    2009-03-06 17:24 . 2002-01-17 10:35 258,048 --a------ c:\windows\system32\atxtls01.dll
    2009-03-06 17:24 . 2001-12-27 14:57 139,264 --a------ c:\windows\system32\ATXWeb.dll
    2009-03-06 17:24 . 1999-08-02 12:03 106,496 --a------ c:\windows\system32\Cp5ocx32.ocx
    2009-03-06 17:24 . 2002-03-18 13:20 58,880 --a------ c:\windows\system32\TALPDF32.dll
    2009-03-06 17:24 . 2001-09-14 15:30 57,344 --a------ c:\windows\system32\ATXLinkView.ocx
    2009-03-06 17:24 . 2002-03-18 13:20 34,304 --a------ c:\windows\system32\Talc3932.dll
    2009-02-27 11:35 . 2009-02-28 20:29 <DIR> d-------- c:\documents and settings\Steve\.housecall6.6
    2009-02-26 13:16 . 2006-01-12 14:52 1,904 --------- c:\windows\system32\SetupBD.din
    2009-02-24 21:38 . 2009-01-09 12:19 1,089,593 -----c--- c:\windows\system32\dllcache\ntprint.cat

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-23 05:35 --------- d-----w c:\documents and settings\Steve\Application Data\Orbit
    2009-03-23 02:39 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
    2009-03-16 22:22 --------- d-----w c:\program files\Avant Browser
    2009-03-16 19:10 --------- d-----w c:\program files\Microsoft Baseline Security Analyzer 2
    2009-03-15 01:28 --------- d-----w c:\program files\MP3 Rocket
    2009-03-11 10:01 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-03-02 18:08 --------- d-----w c:\documents and settings\All Users\Application Data\DriverScanner
    2009-03-01 21:26 --------- d-----w c:\program files\Answers.com
    2009-02-28 17:22 --------- d-----w c:\program files\Orbitdownloader
    2009-02-26 20:17 --------- d-----w c:\program files\Intel
    2009-02-26 07:16 --------- d-----w c:\program files\Microsoft Silverlight
    2009-02-26 02:13 --------- d-----w c:\program files\SUPERAntiSpyware
    2009-02-24 23:28 --------- d-----w c:\documents and settings\Steve\Application Data\ArcSoft
    2009-02-21 05:53 --------- d-----w c:\program files\Client
    2009-02-21 05:53 --------- d-----w c:\program files\AIM6
    2009-02-20 20:06 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2009-02-20 20:05 --------- d-----w c:\documents and settings\Steve\Application Data\SUPERAntiSpyware.com
    2009-02-20 20:04 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
    2009-02-20 01:53 --------- d-----w c:\documents and settings\Steve\Application Data\GrabPro
    2009-02-18 06:55 --------- d-----w c:\program files\Google
    2009-02-14 20:02 --------- d-----w c:\program files\Timeslips
    2009-02-09 20:12 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2009-02-09 19:57 --------- d-----w c:\program files\Plaxo
    2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
    2009-02-09 04:06 --------- d-----w c:\program files\Panda Security
    2009-02-07 02:25 64,160 ----a-w c:\windows\system32\drivers\Lbd.sys
    2009-02-07 01:37 --------- dc-h--w c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-02-05 19:07 --------- d-----w c:\documents and settings\Steve\Application Data\MP3Rocket
    2009-01-31 23:49 --------- d-----w c:\program files\Samsung Network Printer Utilities
    2009-01-31 23:38 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! Companion
    2009-01-29 22:25 --------- d-----w c:\program files\Borland
    2009-01-29 18:02 --------- d-----w c:\program files\KeyScrambler
    2009-01-29 17:27 --------- d-----w c:\program files\Common Files\Adobe AIR
    2009-01-29 17:03 --------- d-----w c:\program files\Common Files\Adobe
    2009-01-29 04:34 --------- d-----w c:\program files\Microsoft
    2009-01-28 18:51 --------- dc-h--w c:\documents and settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
    2009-01-28 18:51 --------- d-----w c:\program files\Uniblue DriverScanner 2009
    2009-01-28 18:48 --------- d-----w c:\program files\Uniblue
    2009-01-28 00:20 --------- d-----w c:\program files\2Wire 802.11g Wireless
    2009-01-26 20:24 --------- d-----w c:\program files\ANI
    2009-01-26 20:23 --------- d-----w c:\program files\Airlink101
    2009-01-23 18:27 --------- d-----w c:\documents and settings\Steve\Application Data\Software Informer
    2009-01-23 18:22 --------- d-----w c:\program files\1-Click Answers
    2009-01-13 20:49 410,984 ----a-w c:\windows\system32\deploytk.dll
    2008-02-03 07:35 124,606 ----a-w c:\documents and settings\Incomplete\downloads.dat
    2008-05-19 11:53 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008051920080520\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{dd634e3e-abc7-4286-8d55-dfd3aa3f2cc5}"= "c:\program files\SilverTag\tbSil0.dll" [2008-05-19 1470488]
    "{6341761b-babe-406d-b0d6-8d99b81c2ee5}"= "c:\program files\Answers.com\tbAns1.dll" [2009-03-01 1883672]

    [HKEY_CLASSES_ROOT\clsid\{dd634e3e-abc7-4286-8d55-dfd3aa3f2cc5}]

    [HKEY_CLASSES_ROOT\clsid\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]
    2009-03-01 14:27 1883672 --a------ c:\program files\Answers.com\tbAns1.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dd634e3e-abc7-4286-8d55-dfd3aa3f2cc5}]
    2008-05-19 23:58 1470488 --a------ c:\program files\SilverTag\tbSil0.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{dd634e3e-abc7-4286-8d55-dfd3aa3f2cc5}"= "c:\program files\SilverTag\tbSil0.dll" [2008-05-19 1470488]
    "{6341761b-babe-406d-b0d6-8d99b81c2ee5}"= "c:\program files\Answers.com\tbAns1.dll" [2009-03-01 1883672]

    [HKEY_CLASSES_ROOT\clsid\{dd634e3e-abc7-4286-8d55-dfd3aa3f2cc5}]

    [HKEY_CLASSES_ROOT\clsid\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{DD634E3E-ABC7-4286-8D55-DFD3AA3F2CC5}"= "c:\program files\SilverTag\tbSil0.dll" [2008-05-19 1470488]
    "{6341761B-BABE-406D-B0D6-8D99B81C2EE5}"= "c:\program files\Answers.com\tbAns1.dll" [2009-03-01 1883672]

    [HKEY_CLASSES_ROOT\clsid\{dd634e3e-abc7-4286-8d55-dfd3aa3f2cc5}]

    [HKEY_CLASSES_ROOT\clsid\{6341761b-babe-406d-b0d6-8d99b81c2ee5}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-20 68856]
    "SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-02-19 202064]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-25 1830128]
    "Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [2008-08-26 2019624]
    "Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-02-22 2272592]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-10-09 36352]
    "TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2007-08-01 540672]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-13 136600]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
    "pdfFactory Dispatcher v3"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2008-10-27 573440]
    "pdfFactory Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2004-08-25 442368]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-08-02 4493312]
    "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-01-15 267048]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2008-06-10 1406024]
    "HostManager"="c:\program files\Common Files\AOL\1159002859\ee\AOLSoftware.exe" [2007-10-08 41824]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-01 29744]
    "eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2009-01-17 632048]
    "ASM"="c:\program files\AOL\Active Security Monitor\ASMonitor.exe" [2006-11-07 2500096]
    "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
    "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2006-06-29 49152]
    "Airlink101 WLAN Monitor"="c:\program files\Airlink101\Airlink101 WLAN Monitor\WLANmon.exe" [2006-10-12 958464]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-02-06 509784]
    "SmartDefrag"="c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2009-02-13 1986896]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

    c:\documents and settings\Lauren\Start Menu\Programs\Startup\
    MP3 Rocket (Minimized).lnk - c:\program files\MP3 Rocket\MP3Rocket.exe [2009-02-03 116224]
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

    c:\documents and settings\Steve\Start Menu\Programs\Startup\
    Microsoft Office Groove.lnk - c:\program files\Microsoft Office\Office12\GROOVE.EXE [2007-08-29 340856]
    MP3 Rocket (Minimized).lnk - c:\program files\MP3 Rocket\MP3Rocket.exe [2009-02-03 116224]
    OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2009-02-19 1719496]
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.JPEG"= JpegCode.dll
    "VIDC.MJPG"= JpegCode.dll
    "vidc.divx"= svmp4.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^Steve^Start Menu^Programs^Startup^AOL Desktop.lnk]
    path=c:\documents and settings\Steve\Start Menu\Programs\Startup\AOL Desktop.lnk
    backup=c:\windows\pss\AOL Desktop.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
    "c:\\Program Files\\MAX2004\\atx2004.exe"=
    "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
    "c:\\Program Files\\Lavasoft\\Ad-Aware 2007\\LSUpdateManager.exe"=
    "c:\\Program Files\\1-Click Answers\\answers.exe"=
    "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
    "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
    "c:\\Program Files\\ATX2001\\Atx2001.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R0 IABFilt;Iomega Snapshot Volume Filter;c:\windows\system32\drivers\IABFilt.sys [2006-09-26 25344]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-06 64160]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-02-08 28544]
    R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\system32\drivers\ppa.sys [2008-11-27 17792]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
    R2 DBService;SyncThru Web Admin Service Database Service;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDatabase.exe [2006-01-16 114688]
    R2 DispatcherServiceNT;SyncThru Web Admin Service Dispatcher Service;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDispatcher.exe [2006-01-16 106496]
    R2 DMService;SyncThru Web Admin Service Device Manager Service;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvDeviceManager.exe [2006-01-16 327680]
    R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2002-08-29 14336]
    R2 SLPService;SyncThru Web Admin Service SLP Service;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSLP.exe [2006-01-16 110592]
    R2 SNMPService;SyncThru Web Admin Service SNMP Service;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTSrvSNMP.exe [2006-01-16 229376]
    R2 TSScheduleBackup;TimeslipsBackup;c:\windows\system32\TSSchBkpService.exe [2009-01-29 705024]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2008-01-27 24652]
    R2 WebServiceNT;SyncThru Web Admin Service Web Server;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\WSTWebServer.exe [2006-01-16 126976]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2008-01-10 113896]
    R3 N5SG;Airlink101 SuperG Wireless Network Adapter Service;c:\windows\system32\drivers\N5SG.sys [2006-11-03 467040]
    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
    S1 DCDisk;DCDisk; [x]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2006-09-23 29744]
    S3 WlanUIG;2Wire 802.11g USB Driver;c:\windows\system32\drivers\WlanUIG.sys [2006-09-23 347648]

    --- Other Services/Drivers In Memory ---

    *Deregistered* - uphcleanhlp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{830dfb5a-b8e1-11dc-be39-00038a000015}]
    \Shell\AutoRun\command - G:\InstallTomTomHOME.exe
    .
    Contents of the 'Scheduled Tasks' folder

    2009-03-22 c:\windows\Tasks\AdwareAlert Scheduled Scan.job
    - c:\program files\AdwareAlert\AdwareAlert.exe []

    2009-03-22 c:\windows\Tasks\AdwareAlert Scheduled Scan.job
    - c:\program files\AdwareAlert [2008-01-19 05:17]

    2009-03-11 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe []

    2009-03-22 c:\windows\Tasks\ErrorKiller Scheduled Scan.job
    - c:\program files\errorkiller\ErrorKiller.exe []

    2009-03-22 c:\windows\Tasks\ErrorKiller Scheduled Scan.job
    - c:\program files\errorkiller [2008-01-19 05:17]

    2009-03-23 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-18 00:06]

    2009-03-15 c:\windows\Tasks\McDefragTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

    2009-03-01 c:\windows\Tasks\McQcTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 13:32]

    2008-10-17 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
    - c:\program files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 12:56]

    2008-10-17 c:\windows\Tasks\Microsoft_Hardware_Launch_IType_exe.job
    - c:\program files\Microsoft IntelliType Pro\itype.exe [2008-06-10 12:56]

    2009-03-23 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

    2009-03-22 c:\windows\Tasks\SmartDefrag.job
    - c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-02-13 18:15]

    2009-03-22 c:\windows\Tasks\SmartDefrag.job
    - c:\program files\IObit\IObit SmartDefrag\ [2009-03-01 20:32]

    2008-01-08 c:\windows\Tasks\Uniblue SpyEraser.job
    - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2007-12-03 15:39]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://search.orbitdownloader.com
    mStart Page =
    mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*Yahoo! SearchBar Home Page
    uInternet Settings,ProxyOverride = localhost;*.local
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo!
    IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
    IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
    IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
    IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
    IE: Answers... - file://c:\program files\1-Click Answers\Html\atiemenu.htm
    IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
    IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM
    IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
    IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
    IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
    Trusted Zone: mcafee.com
    Trusted Zone: paypal.com\www
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java
    DPF: {0A76211B-A2ED-4A88-A547-0527440E7642} - hxxp://samsungdp.com/Install119.CAB
    DPF: {70109DD3-3F72-4EF1-80BF-76BF64923237} - hxxp://www.numarasoftware.com/includes/cldownldr6.cab
    DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} - hxxp://www.intel.com/design/motherbd/boardid/BoardID.cab
    FF - ProfilePath - c:\documents and settings\Steve\Application Data\Mozilla\Firefox\Profiles\xn44oqf6.default\
    FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com
    FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-22 23:50:00
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2]
    "ImagePath"="\"\""
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(1096)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    Completion time: 2009-03-22 23:53:52
    ComboFix-quarantined-files.txt 2009-03-23 06:53:40
    ComboFix2.txt 2009-03-01 09:46:41
    ComboFix3.txt 2009-02-27 02:01:28
    ComboFix4.txt 2009-02-10 23:12:47
    ComboFix5.txt 2009-03-23 06:44:01

    Pre-Run: 193,947,357,184 bytes free
    Post-Run: 193,922,605,056 bytes free

    295 --- E O F --- 2009-03-20 08:51:14

  2. #2
    Member MrDarn's Avatar
    Join Date
    Jul 2007
    Location
    South East Northumberland
    Posts
    2,949
    Points
    557

    Who told you to, or why, did you run combofix?

    Time is given freely here at Help2Go by the helpers, and whilst you may think you are helping by running programs like that, they really shouldn't be run without trained supervision. Doing so, and misinterpreting the results, can seriously damage your machine.

    Quote Originally Posted by combofix tutorial
    You should not run ComboFix unless you are specifically asked to by a helper. Also, due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer.

    Please let us know what symptoms you are having to make you want to run the scan, and we will advise you how to proceed safely.

  3. #3
    Member
    Join Date
    Nov 2008
    Posts
    2
    Points
    0

    Combofix run

    It was run because I have 4 computers on a network and all have had major issues, two of which I am still attempting to clear up. I have been working with some people at Window BBS and have yet to resolve the issues. One computer will not even run Combofix or any other virus remover. I got combo fix to run on this computer and was curious as to another opinion, as this computer had its security sector wiped out and still needs repair, including missing Windows XP files which I have been unable to install. The newest of the four I have now been referred back to Microsoft for assistance. The fact that I could run Combo Fix on this system surprised me, so I am looking for another opinion as to what someone else sees that others have not been able to... Would you like some more information? I will be happy to supply it, as this has been plaguing me for quite some time now. I also have a laptop that suddenly lost its display for some unknown reason, but these are work machines and it is hard to work with machines in the shape these appear to be currently. I was also hoping for perhaps a different perspective and opinion. Thanks.

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,189
    Points
    1308

    Hi,

    CountVak

    Are these computers set up in a business environment or home use?

    zep516