Avast ripped out a bunch of viruses--but everything didn't work till combofix!
Thank you so much.
Here is the new HJT log file I just generated on this computer--I am typing to you from the sick computer--I can now get on again. Beneath that is the combofix. Thank you sooooo much for your help. I spent days on this myself and was getting nowhere.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:27:04 PM, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LxrSII1s.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Secunia PSI.lnk = C:\Program Files\Secunia\PSI\psi.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/MAKENC~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Component 1: (no name) - file:///C:/DOCUME~1/MAKENC~1/LOCALS~1/Temp/msohtml1/01/clip_image003.gif
--
End of file - 5452 bytes
ComboFix 08-12-09.03 - Maken Change 2008-12-10 16:10:16.1 - NTFSx86
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\3FEFADFC.exe
c:\documents and settings\Maken Change\Application Data\gadcom
c:\documents and settings\Maken Change\Application Data\SpeedRunner
c:\documents and settings\Maken Change\Local Settings\Temporary Internet Files\bestwiner.stt
c:\documents and settings\Maken Change\Local Settings\Temporary Internet Files\fbk.sts
c:\program files\GetModule
c:\program files\iCheck
c:\program files\iCheck\Uninstall.exe
c:\program files\Mjcore
c:\windows\system32\drivers\TDSSmact.sys
c:\windows\system32\LlSvyGgh.ini
c:\windows\system32\LlSvyGgh.ini2
c:\windows\system32\TDSScfgb.dll
c:\windows\system32\TDSSfpmp.dll
c:\windows\system32\TDSSnmxh.log
c:\windows\system32\TDSSnrsr.dll
c:\windows\system32\TDSSoeqh.dll
c:\windows\system32\TDSSosvn.dat
c:\windows\system32\TDSSriqp.dll
c:\windows\system32\TDSSsbhc.dll
c:\windows\system32\TDSSthym.log
c:\windows\system32\TDSStkdv.log
c:\windows\system32\tmfnafvn.ini
c:\windows\wiaserviv.log
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_TDSSSERV.SYS
-------\Legacy_TDSSSERV.SYS
((((((((((((((((((((((((( Files Created from 2008-11-10 to 2008-12-10 )))))))))))))))))))))))))))))))
.
2009-01-03 17:31 . 2009-01-03 17:31 <DIR> d-------- c:\windows\system32\scripting
2009-01-03 17:31 . 2009-01-03 17:31 <DIR> d-------- c:\windows\system32\en
2009-01-03 17:31 . 2009-01-03 17:31 <DIR> d-------- c:\windows\l2schemas
2009-01-02 23:59 . 2009-01-02 23:59 <DIR> d-------- c:\program files\uTorrent
2009-01-02 23:59 . 2009-01-03 00:39 <DIR> d-------- c:\documents and settings\Maken Change\Application Data\uTorrent
2009-01-02 22:30 . 2009-01-02 22:51 <DIR> d-------- c:\program files\RegScrubXP
2009-01-02 21:48 . 2009-01-02 22:01 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\uTorrent
2009-01-02 21:48 . 2009-01-02 21:48 <DIR> d-------- c:\windows\system32\@[Ç
2009-01-02 18:17 . 2009-01-02 22:48 <DIR> d-------- c:\documents and settings\Maken Change\Application Data\Twain
2008-12-31 12:57 . 2008-12-04 07:37 <DIR> d-------- c:\program files\Webtools
2008-12-30 11:43 . 2009-01-02 18:17 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\gadcom
2008-12-27 22:19 . 2001-08-17 22:36 8,704 --a------ c:\windows\system32\kbdjpn.dll
2008-12-27 22:19 . 2001-08-17 22:36 8,704 --a--c--- c:\windows\system32\dllcache\kbdjpn.dll
2008-12-27 22:19 . 2001-08-17 22:36 8,192 --a------ c:\windows\system32\kbdkor.dll
2008-12-27 22:19 . 2001-08-17 22:36 8,192 --a--c--- c:\windows\system32\dllcache\kbdkor.dll
2008-12-27 22:19 . 2008-04-13 19:09 6,144 --a------ c:\windows\system32\kbd106.dll
2008-12-27 22:19 . 2001-08-17 14:55 6,144 --a------ c:\windows\system32\kbd101c.dll
2008-12-27 22:19 . 2001-08-17 14:55 6,144 --a------ c:\windows\system32\kbd101b.dll
2008-12-27 22:19 . 2001-08-17 14:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101c.dll
2008-12-27 22:19 . 2001-08-17 14:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101b.dll
2008-12-27 22:19 . 2001-08-17 14:55 5,632 --a------ c:\windows\system32\kbd103.dll
2008-12-27 22:19 . 2001-08-17 14:55 5,632 --a--c--- c:\windows\system32\dllcache\kbd103.dll
2008-12-13 17:43 . 2008-10-24 06:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-12-10 15:49 . 2008-12-10 15:58 <DIR> d-------- C:\2222222222222222222222
2008-12-09 20:46 . 2008-12-10 16:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\_comodo_
2008-12-09 18:11 . 2008-12-09 18:11 <DIR> d-------- c:\program files\AskBarDis
2008-12-09 18:11 . 2008-12-09 18:11 249,592 --a------ c:\windows\system32\cssdll32.dll
2008-12-09 18:10 . 2008-12-09 18:11 <DIR> d-------- c:\program files\COMODO
2008-12-09 18:10 . 2008-12-09 20:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\comodo
2008-12-09 18:10 . 2008-12-09 18:10 147,192 --a------ c:\windows\system32\guard32.dll
2008-12-09 18:10 . 2008-12-09 18:10 101,776 --a------ c:\windows\system32\drivers\cmdguard.sys
2008-12-09 18:10 . 2008-12-09 18:10 31,504 --a------ c:\windows\system32\drivers\cmdhlp.sys
2008-12-09 16:51 . 2008-12-09 16:51 <DIR> d-------- c:\program files\Alwil Software
2008-12-08 18:14 . 2008-12-08 18:14 <DIR> d-------- C:\0fd471b509267df4af70edfdb7929745
2008-12-08 17:51 . 2008-12-08 18:18 <DIR> d-------- c:\program files\Winamp Toolbar
2008-12-08 17:51 . 2008-12-08 17:51 <DIR> d-------- c:\program files\Common Files\Apple
2008-12-08 17:51 . 2008-12-08 17:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\Winamp Toolbar
2008-12-08 17:47 . 2008-12-08 17:47 <DIR> d-------- c:\program files\Apple Software Update
2008-12-08 17:47 . 2008-12-08 17:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-12-08 17:41 . 2008-12-08 17:41 <DIR> d--hs---- c:\documents and settings\Maken Change\PrivacIE
2008-12-08 17:30 . 2008-12-08 17:32 <DIR> d--h-c--- c:\windows\ie8
2008-12-07 20:12 . 2008-12-07 20:12 <DIR> d-------- c:\program files\Foxit Software
2008-12-07 20:12 . 2008-12-07 20:12 <DIR> d-------- c:\documents and settings\Maken Change\Application Data\Foxit
2008-12-07 20:08 . 2008-12-07 20:08 <DIR> d-------- c:\program files\Secunia
2008-12-04 11:22 . 2008-12-04 11:22 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-04 11:22 . 2008-12-04 11:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-04 11:22 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-04 11:22 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-03 21:32 . 2008-12-03 21:32 <DIR> d-------- c:\program files\Lavasoft
2008-12-03 21:32 . 2008-12-03 21:32 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-03 21:32 . 2008-12-03 21:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-03 20:23 . 2008-12-03 20:24 <DIR> d-------- c:\windows\system32\NtmsData
2008-12-03 19:16 . 2007-03-07 09:51 139,264 --a------ c:\windows\system32\LxrSII1.dll
2008-12-03 19:16 . 2007-03-07 09:51 72,672 --a------ c:\windows\system32\drivers\LxrSII1d.sys
2008-12-03 19:16 . 2007-03-07 09:51 49,152 --a------ c:\windows\system32\LxrSII1s.exe
2008-12-03 19:16 . 2007-03-07 09:51 23,934 --a------ c:\windows\LxrEncVlt.ico
2008-12-03 19:16 . 2007-03-07 09:51 3,262 --a------ c:\windows\LxrSgeEnc.ico
2008-12-03 18:50 . 2008-12-03 18:53 <DIR> d-------- c:\program files\Windows Live Safety Center
2008-11-18 08:36 . 2008-11-18 08:36 7,808 --a------ c:\windows\system32\drivers\psi_mf.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-03 05:17 --------- d-----w c:\program files\Soulseek
2009-01-03 04:52 --------- d-----w c:\program files\Microsoft AntiSpyware
2009-01-03 04:17 15,771,935 ----a-w c:\windows\Internet Logs\tvDebug.zip
2008-12-15 02:40 --------- d--h--w c:\documents and settings\Maken Change\Application Data\Move Networks
2008-12-10 21:26 106,807,328 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-10 21:20 1,254,668 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-09 21:29 --------- d-----w c:\documents and settings\Maken Change\Application Data\AVGTOOLBAR
2008-12-09 21:04 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-12-08 22:59 --------- d-----w c:\program files\Winamp
2008-12-08 22:52 --------- d-----w c:\program files\QuickTime
2008-12-08 22:51 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-12-08 01:13 --------- d-----w c:\program files\BitLord
2008-12-08 01:07 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-08 01:07 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-08 01:01 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-08 01:01 --------- d-----w c:\program files\Logitech
2008-12-08 00:54 --------- d-----w c:\program files\DivX
2008-12-04 16:54 --------- d-----w c:\program files\PeerGuardian2
2008-12-04 15:37 3,075,072 ----a-w c:\windows\Internet Logs\xDB1.tmp
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-07-05 21:52 80,680 ----a-w c:\documents and settings\Maken Change\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 15:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2008-12-09 278264]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2008-12-09 1797880]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]
c:\documents and settings\Maken Change\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2008-11-25 728408]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-09 111184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-12-09 101776]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-12-09 31504]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-12-09 20560]
R2 LxrSII1d;Secure II Driver;\??\c:\windows\system32\Drivers\LxrSII1d.sys [2008-12-03 72672]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2008-11-18 7808]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]
.
Contents of the 'Scheduled Tasks' folder
2008-12-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - c:\program files\Winamp Toolbar\winamptb.dll
HKU-Default-RunOnce-FlashPlayerUpdate - c:\progra~1\MOZILL~1\plugins\GetFlash.exe
ShellExecuteHooks-{A63E645F-13BD-45ED-B15F-6E8C1BD57279} - (no file)
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mWindow Title = Windows Internet Explorer provided by Comcast
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FireFox -: Profile - c:\documents and settings\Maken Change\Application Data\Mozilla\Firefox\Profiles\xsryrlra.default\
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF -: plugin - c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-10 16:23:58
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\LxrSII1s.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\ZoneLabs\vsmon.exe
.
**************************************************************************
.
Completion time: 2008-12-10 16:29:00 - machine was rebooted [Maken Change]
ComboFix-quarantined-files.txt 2008-12-10 21:28:51
Pre-Run: 99,183,448,064 bytes free
Post-Run: 99,851,300,864 bytes free
211 --- E O F --- 2008-12-09 22:51:55
I am running avast and spybot right now to see if I can pick up anything else. I will always keep my programs up to date after that--I can see I have allot of trash to remove from this computer.