iexplorer.exe virus

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

asankadon

Thread Starter
Joined
Apr 22, 2010
Messages
7
This iexplorer.exe virus keeps slowing down my computer... Help, I'm a noob. How do I delete it?
 

asankadon

Thread Starter
Joined
Apr 22, 2010
Messages
7
ComboFix 10-04-21.01 - Buddy Altar 04/22/2010 23:25:23.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.136 [GMT 8:00]
Running from: c:\documents and settings\Buddy Altar\My Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Programs\Startup\NCProTray.lnk
c:\documents and settings\Buddy Altar\Application Data\logs.dat
c:\documents and settings\Buddy Altar\Application Data\SQLite3.dll
c:\program files\HyperCam Toolbar\tbHElper.dll
c:\program files\Words
c:\program files\Words\ADDONS.LAT
c:\program files\Words\DICTFILE.GEN
c:\program files\Words\EWDSFILE.GEN
c:\program files\Words\INDXFILE.GEN
c:\program files\Words\INFLECTS.SEC
c:\program files\Words\meanings.exe
c:\program files\Words\SPQR.ICO
c:\program files\Words\STEMFILE.GEN
c:\program files\Words\UNIQUES.LAT
c:\program files\Words\words.exe
c:\program files\Words\words.htm
c:\program files\Words\wordsdoc.htm
c:\program files\Words\wordswin.htm
c:\windows\wpe pro.INI

.
((((((((((((((((((((((((( Files Created from 2010-03-22 to 2010-04-22 )))))))))))))))))))))))))))))))
.

2010-04-22 14:45 . 2010-04-22 14:48 -------- d-----w- c:\program files\Registry Easy
2010-04-22 10:17 . 2010-04-22 10:17 704512 ----a-w- C:\Garena Universal MH.exe
2010-04-22 10:16 . 2010-04-22 10:16 -------- d-sh--w- c:\documents and settings\Budz\IETldCache
2010-04-22 08:28 . 2010-04-17 02:52 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\NAVENG.SYS
2010-04-22 08:28 . 2010-04-17 02:52 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\EECTRL.SYS
2010-04-22 08:28 . 2010-04-17 02:52 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\CCERASER.DLL
2010-04-22 08:28 . 2010-04-17 02:52 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\ECMSVR32.DLL
2010-04-22 08:28 . 2010-04-17 02:52 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\NAVENG32.DLL
2010-04-22 08:28 . 2010-04-17 02:52 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\NAVEX32A.DLL
2010-04-22 08:28 . 2010-04-17 02:52 1324720 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\NAVEX15.SYS
2010-04-22 08:28 . 2010-04-17 02:52 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100421.036\ERASER.SYS
2010-04-22 05:11 . 2008-09-30 12:33 198184 ----a-w- c:\windows\system32\Contig.exe
2010-04-22 04:18 . 2010-04-22 08:42 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2010-04-22 02:01 . 2010-04-22 02:09 -------- d-----w- c:\documents and settings\Buddy Altar\Application Data\TS3Client
2010-04-22 01:38 . 2010-02-12 09:41 558448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
2010-04-21 13:54 . 2010-04-21 13:56 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-04-21 11:30 . 2010-02-01 11:20 165240 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2010-04-21 09:49 . 2010-01-13 08:48 230752 ----a-w- c:\windows\patchw32.dll
2010-04-21 09:49 . 2010-01-13 08:48 118176 ----a-w- c:\windows\patchw.dll
2010-04-21 09:07 . 2010-04-22 08:20 -------- d-----w- c:\program files\Outspark
2010-04-21 02:36 . 2010-04-22 15:36 -------- d-----w- c:\documents and settings\Buddy Altar\Local Settings\Application Data\PMB Files
2010-04-21 02:35 . 2010-04-21 02:36 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2010-04-21 02:32 . 2010-04-21 02:32 -------- d-----w- c:\program files\Pando Networks
2010-04-19 07:49 . 2010-04-19 07:49 -------- d-----r- c:\program files\Norton Support
2010-04-19 05:34 . 2010-04-19 05:34 -------- d-----w- c:\program files\GameClub
2010-04-19 05:32 . 2010-04-19 05:32 -------- d-----w- c:\program files\GameClub Launcher
2010-04-18 06:16 . 2010-04-18 06:26 -------- dc-h--w- c:\windows\ie8
2010-04-18 01:31 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-17 10:57 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\Scxpx86.dll
2010-04-17 10:57 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSvix86.sys
2010-04-17 10:57 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSXpx86.sys
2010-04-17 10:57 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSxpx86.dll
2010-04-17 10:57 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSviA64.sys
2010-04-16 01:14 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100409.001\Scxpx86.dll
2010-04-16 01:14 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100409.001\IDSxpx86.dll
2010-04-16 01:14 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100409.001\IDSvix86.sys
2010-04-16 01:14 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100409.001\IDSXpx86.sys
2010-04-16 01:14 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100409.001\IDSviA64.sys
2010-04-12 09:07 . 2010-04-22 12:01 -------- d-----w- c:\program files\Garena
2010-04-10 23:47 . 2010-04-10 23:47 -------- d-----w- C:\e83676f5200217cae5
2010-04-10 23:46 . 2010-04-10 23:46 -------- d-----w- C:\892787d6d3e27c291e49
2010-04-06 10:23 . 2010-04-06 10:13 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-04-06 10:23 . 2010-04-06 10:10 986904 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-04-06 10:23 . 2010-04-06 10:23 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-04-06 10:23 . 2010-04-06 10:23 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-04-06 10:22 . 2010-04-06 10:22 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-04-06 10:22 . 2010-04-06 10:22 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-04-06 10:21 . 2010-04-06 10:21 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-06 10:20 . 2010-04-06 10:20 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-04-06 10:20 . 2010-04-06 10:20 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-06 10:14 . 2010-04-06 10:23 -------- d-----w- c:\program files\DivX
2010-04-06 10:11 . 2010-04-06 10:24 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-04-01 04:56 . 2010-04-15 09:37 25 ----a-w- c:\windows\popcinfot.dat
2010-03-31 03:07 . 2010-03-31 03:07 -------- d-----w- c:\documents and settings\All Users\Application Data\PopCap Games
2010-03-30 02:08 . 2010-03-30 02:08 -------- d-----w- c:\program files\Level Up Games
2010-03-29 04:57 . 2010-03-29 04:57 -------- d-----w- c:\documents and settings\Buddy Altar\Application Data\Toolbar4
2010-03-29 04:56 . 2010-04-22 15:35 -------- d-----w- c:\program files\HyperCam Toolbar
2010-03-29 04:56 . 2010-03-29 04:56 -------- d-----w- c:\program files\HyCam2
2010-03-29 01:26 . 2010-03-29 01:27 -------- d-----w- c:\program files\Perfect Macro Recorder 2.0
2010-03-27 05:01 . 2010-03-22 07:35 392878 ----a-w- c:\documents and settings\Buddy Altar\Application Data\install\server.exe
2010-03-27 04:52 . 2010-03-27 05:07 -------- d-----w- c:\documents and settings\Buddy Altar\Application Data\install
2010-03-27 04:51 . 2010-03-27 04:51 -------- d-----w- C:\directory
2010-03-27 04:37 . 2010-03-27 04:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Winferno
2010-03-27 04:30 . 2010-03-27 05:50 -------- d-----w- c:\program files\Winferno
2010-03-27 04:23 . 2010-03-27 04:23 -------- d-----w- c:\program files\Free Offers from Freeze.com
2010-03-26 08:29 . 2008-10-28 05:07 25152 ----a-w- c:\windows\system32\bassmidi.dll
2010-03-26 08:29 . 2008-04-02 04:26 25152 ----a-w- c:\windows\system32\bassflac.dll
2010-03-26 08:29 . 2008-10-28 06:00 98360 ----a-w- c:\windows\system32\bass.dll
2010-03-26 08:29 . 2004-06-17 06:19 155648 ----a-w- c:\windows\system32\ssleay32.dll
2010-03-26 08:29 . 2004-06-17 06:19 688128 ----a-w- c:\windows\system32\libeay32.dll
2010-03-26 08:29 . 2010-03-27 05:44 -------- d-----w- c:\program files\SCAR 3.22

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-22 08:20 . 2009-12-06 12:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-19 11:43 . 2009-12-12 06:03 -------- d-----w- c:\documents and settings\Buddy Altar\Application Data\BitTorrent
2010-04-15 10:13 . 2010-02-12 09:42 -------- d-----w- c:\program files\WarcraftIII
2010-04-06 10:23 . 2009-12-05 10:04 -------- d-----w- c:\program files\Google
2010-03-22 12:39 . 2010-03-22 11:18 1144 ----a-w- c:\windows\checkip.dat
2010-03-10 10:12 . 2010-02-26 09:28 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-03-10 06:15 . 2008-04-14 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-10 00:59 . 2010-01-04 09:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-03-10 00:55 . 2009-12-03 01:08 39152 ----a-w- c:\documents and settings\Buddy Altar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-07 11:57 . 2010-01-04 09:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-03-07 03:34 . 2010-03-07 03:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-03-07 03:29 . 2010-01-04 09:49 -------- d-----w- c:\program files\Symantec
2010-03-07 03:29 . 2010-01-07 13:23 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-07 03:29 . 2010-01-07 13:23 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-07 03:29 . 2010-01-04 09:49 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-03-07 03:29 . 2010-01-04 09:49 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-07 03:29 . 2010-03-07 03:29 36400 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-03-07 03:29 . 2010-03-07 03:29 26600 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-03-07 03:29 . 2010-03-07 03:29 1291104 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\SyKnAppS.dll
2010-03-07 03:29 . 2010-03-07 03:29 136840 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2010-03-07 03:29 . 2010-03-07 03:29 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2010-03-07 03:29 . 2010-03-07 03:29 771440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2010-03-07 03:28 . 2010-03-07 03:28 -------- d-----w- c:\program files\Norton 360
2010-03-07 03:28 . 2010-03-07 03:28 -------- d-----w- c:\program files\Windows Sidebar
2010-03-07 03:28 . 2010-03-07 03:02 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-03-07 03:03 . 2010-03-07 03:03 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings
2010-03-07 03:02 . 2010-03-07 03:02 -------- d-----w- c:\program files\NortonInstaller
2010-02-28 02:16 . 2010-02-22 04:06 -------- d-----w- c:\documents and settings\Buddy Altar\Application Data\gtk-2.0
2010-02-27 09:01 . 2010-02-27 09:01 -------- d-----w- c:\documents and settings\Buddy Altar\Application Data\ViStart
2010-02-27 03:49 . 2010-02-27 03:49 -------- d-----w- c:\program files\NetGames
2010-02-27 00:54 . 2010-02-27 00:54 -------- d-----w- c:\program files\Samurize
2010-02-27 00:52 . 2010-02-27 00:47 -------- d-----w- c:\program files\Styler
2010-02-26 09:29 . 2010-02-26 09:25 -------- d-----w- c:\program files\Enterbrain
2010-02-26 09:28 . 2010-02-26 09:28 56 --sh--r- c:\windows\system32\FB5DD7AAAB.sys
2010-02-26 09:24 . 2010-02-26 09:24 -------- d-----w- c:\program files\Common Files\Enterbrain
2010-02-25 06:24 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-04-14 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-22 04:01 . 2009-12-22 15:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-02-22 02:34 . 2010-02-22 02:34 100352 ----a-w- C:\War3HookO.dll
2010-02-17 01:10 . 2008-04-14 12:00 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2008-04-14 00:01 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2008-04-14 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2008-04-14 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-05 39408]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-04-21 2938552]
"MicrosftWindows"="c:\program files\Microsoft\svhost.exe" [2006-06-25 1525760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-16 577536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-23 149280]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 52840]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
"MicrosftWindows"="c:\program files\Microsoft\svhost.exe" [2006-06-25 1525760]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56795:TCP"= 56795:TCP:pando Media Booster
"56795:UDP"= 56795:UDP:pando Media Booster

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SymEFA.sys [3/7/2010 6:42 PM 310320]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [12/19/2009 5:01 PM 149376]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0308000.029\BHDrvx86.sys [3/7/2010 6:42 PM 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0308000.029\cchpx86.sys [3/7/2010 6:42 PM 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100415.001\IDSXpx86.sys [4/17/2010 6:57 PM 329592]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [3/7/2010 6:39 PM 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [4/21/2010 4:05 PM 102448]
R3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\BUDDYA~1\LOCALS~1\Temp\YOD437.tmp --> c:\docume~1\BUDDYA~1\LOCALS~1\Temp\YOD437.tmp [?]
R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [4/3/2007 1:20 PM 795776]
S2 713xTVCard;SAA7130 TV Card;c:\windows\system32\drivers\SAA713x.sys [11/30/2004 12:00 PM 276736]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 6:30 PM 135664]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E74J5VQ7-ENGK-D46X-5U7U-HEW7ND54T226}]
2006-06-25 07:43 1525760 --sha-r- c:\program files\Microsoft\svhost.exe
.
Contents of the 'Scheduled Tasks' folder

2010-04-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 04:34]

2010-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 10:29]

2010-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 10:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.garena.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Buddy Altar\Application Data\Mozilla\Firefox\Profiles\cnvp0656.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

ActiveSetup-{U2510KSG-KEMK-7748-44T5-WTYSR6216UP6} - c:\directory\CyberGate\install\server.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-22 23:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\BUDDYA~1\LOCALS~1\Temp\YOD437.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
Completion time: 2010-04-22 23:40:30
ComboFix-quarantined-files.txt 2010-04-22 15:40

Pre-Run: 17,308,196,864 bytes free
Post-Run: 17,472,520,192 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 85EB0053FF1DF6AA0F2A206426C1B058
 