Here ya go...
ComboFix 08-05-09.1 - Owner 2008-05-10 18:06:16.9 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.461 [GMT -4:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-04-10 to 2008-05-10 )))))))))))))))))))))))))))))))
.
2008-05-09 04:06 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-09 04:06 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-08 14:49 . 2008-05-08 14:49 <DIR> d-------- C:\Program Files\VistaDriveIcon
2008-05-08 14:49 . 2008-04-14 05:42 218,624 --a------ C:\WINDOWS\system32\uxtheme.backup
2008-05-08 14:48 . 2008-05-08 14:49 8,294,454 --a------ C:\WINDOWS\startup.bmp
2008-05-08 14:42 . 2008-05-08 14:49 <DIR> d-------- C:\WINDOWS\VistaMizer
2008-05-08 14:13 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\000001_.tmp
2008-05-08 12:19 . 2008-05-08 12:19 <DIR> d-------- C:\Program Files\Lavasoft
2008-05-08 12:19 . 2008-05-08 12:19 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-07 20:17 . 2008-05-07 20:17 <DIR> d-------- C:\Program Files\Common Files\Synacast
2008-04-30 01:22 . 2008-04-30 01:22 25,992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe
2008-04-29 22:56 . 2008-04-30 01:24 <DIR> d-------- C:\Program Files\Common Files\AOL
2008-04-29 19:19 . 2008-04-29 19:19 <DIR> d-------- C:\Program Files\Virtual Earth 3D
2008-04-29 10:33 . 2008-04-13 22:06 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys
2008-04-29 10:33 . 2008-04-14 00:10 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2008-04-23 21:34 . 2008-04-23 21:34 <DIR> d-------- C:\WatchNow
2008-04-23 11:43 . 2008-04-23 11:43 <DIR> d-------- C:\Program Files\Apple Software Update
2008-04-23 11:43 . 2008-04-23 11:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-04-23 11:40 . 2008-05-09 07:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-23 11:40 . 2008-04-23 11:40 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-23 09:17 . 2008-04-23 09:18 <DIR> d-------- C:\Program Files\QuickTime
2008-04-23 09:14 . 2008-04-23 09:15 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-23 07:04 . 2007-01-18 08:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2008-04-22 23:43 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-22 23:42 . 2008-04-22 23:42 <DIR> d-------- C:\Program Files\Common Files\Java
2008-04-22 21:24 . 2008-04-22 21:24 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-22 21:24 . 2008-04-22 21:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-22 17:34 . 2008-04-22 17:34 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-04-22 12:16 . 2008-04-22 12:16 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\Malwarebytes
2008-04-22 12:15 . 2008-04-22 12:15 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-22 12:15 . 2008-04-22 12:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-21 23:21 . 2008-04-21 23:21 <DIR> d-------- C:\Deckard
2008-04-21 22:58 . 2008-04-21 22:58 <DIR> d-------- C:\Program Files\Trend Micro
2008-04-21 20:49 . 2008-04-21 20:49 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-04-21 20:13 . 2008-04-22 00:21 345 --ahs---- C:\WINDOWS\system32\hgjjRXyb.ini
2008-04-21 18:30 . 2004-05-04 11:53 1,645,320 --a------ C:\WINDOWS\gdiplus.dll
2008-04-21 18:30 . 2006-05-20 16:16 1,184,984 --a------ C:\WINDOWS\system32\wvc1dmod.dll
2008-04-21 18:30 . 2006-05-11 19:21 626,688 --a------ C:\WINDOWS\system32\vp7vfw.dll
2008-04-21 18:30 . 2006-09-29 12:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll
2008-04-21 18:30 . 2006-09-29 12:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll
2008-04-21 18:30 . 2006-09-29 12:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll
2008-04-21 18:30 . 2007-03-18 20:37 65,602 --a------ C:\WINDOWS\system32\cook3260.dll
2008-04-21 18:30 . 2008-04-21 18:32 47,360 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.sys
2008-04-21 15:08 . 2008-04-21 15:08 13,144 --a------ C:\WINDOWS\system32\lsdelete.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-08 18:49 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-05-08 16:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-05-08 16:20 15,648 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2008-05-08 16:20 12,960 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
2008-05-08 16:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-08 13:58 --------- d-----w C:\Program Files\XoftSpySE
2008-05-04 03:20 --------- d-----w C:\Documents and Settings\Owner\Application Data\Azureus
2008-04-30 05:06 --------- d-----w C:\Program Files\AIM
2008-04-30 05:06 --------- d-----w C:\Documents and Settings\Owner\Application Data\Aim
2008-04-30 04:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-04-30 04:02 --------- d-----w C:\Program Files\Common Files\Stardock
2008-04-30 02:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-04-30 02:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-04-29 14:45 96,384 ----a-w C:\WINDOWS\system32\drivers\sptd9373.sys
2008-04-24 08:08 --------- d-----w C:\Program Files\Winamp
2008-04-24 08:08 --------- d-----w C:\Documents and Settings\Owner\Application Data\Winamp
2008-04-23 15:45 --------- d-----w C:\Program Files\Web Publish
2008-04-23 13:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-23 03:43 --------- d-----w C:\Program Files\Java
2008-04-23 00:08 --------- d-----w C:\Documents and Settings\Owner\Application Data\Vso
2008-04-22 22:49 --------- d-----w C:\Program Files\LimeWire
2008-04-22 22:10 --------- d-----w C:\Documents and Settings\Owner\Application Data\Mp3tag
2008-04-22 21:49 --------- d-----w C:\Program Files\Mp3tag
2008-04-22 21:34 --------- d-----w C:\Program Files\Common Files\Real
2008-04-22 21:33 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-04-21 22:30 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-04-21 22:30 --------- d-----w C:\Program Files\vso
2008-04-20 17:18 --------- d--h--w C:\Program Files\PF
2008-04-19 20:17 --------- d-----w C:\Program Files\Azureus
2008-04-14 09:55 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 09:46 3,556,352 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 09:43 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 09:43 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 09:43 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 09:43 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 09:43 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 09:43 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 09:43 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 09:41 98,304 ----a-w C:\WINDOWS\system32\actxprxy.dll
2008-04-14 09:40 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 09:40 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 09:40 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-14 06:30 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 05:00 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 04:58 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-14 04:57 2,446,208 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 04:51 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-14 04:50 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-14 04:50 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-14 04:50 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-14 04:49 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-14 04:49 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-14 04:49 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-14 04:49 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-14 04:49 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-14 04:48 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 04:47 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-14 04:47 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-14 04:47 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-14 04:46 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-14 04:46 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-14 04:45 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 04:45 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-14 04:45 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-14 04:45 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-14 04:44 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-14 04:44 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-14 04:30 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 04:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-14 04:30 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-14 04:27 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-14 04:27 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-14 04:27 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-14 04:27 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-14 04:27 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-14 04:27 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-14 04:27 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-14 04:26 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-14 04:26 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-14 04:26 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-14 04:26 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-14 04:26 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-14 04:26 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-14 04:26 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-14 04:26 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-14 04:26 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-14 04:26 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-14 04:25 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-14 04:24 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-14 04:23 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-14 04:23 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-14 04:23 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-14 04:23 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-14 04:21 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-14 04:21 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-14 04:21 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-14 04:21 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-14 04:21 101,120 ----a-w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-14 04:17 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-14 04:15 60,160 ----a-w C:\WINDOWS\system32\drivers\drmk.sys
2006-05-06 16:42 7,260,160 ----a-w C:\Program Files\mozilla firefox\plugins\libvlc.dll
2006-07-07 21:03 80 --sh--r C:\WINDOWS\system32\114AFAE353.dll
.
------- Sigcheck -------
2006-06-23 07:25 664576 64ce26db72810b30f7855ea51e1df836 C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\wininet.dll
2004-08-04 00:56 656384 c0823fc5469663ba63e7db88f9919d70 C:\WINDOWS\$NtServicePackUninstall$\wininet.dll
2006-06-23 07:02 658944 2b4db890936430c71419037039502752 C:\WINDOWS\$NtUninstallKB918899$\wininet.dll
2004-08-04 00:56 656384 c0823fc5469663ba63e7db88f9919d70 C:\WINDOWS\$NtUninstallKB918899_0$\wininet.dll
2006-06-23 07:25 664576 64ce26db72810b30f7855ea51e1df836 C:\WINDOWS\ie7\wininet.dll
2006-08-23 00:31 910848 bb5f137acb539029bb32853a52ec073b C:\WINDOWS\ServicePackFiles\i386\wininet.dll
2006-08-23 00:31 910848 bb5f137acb539029bb32853a52ec073b C:\WINDOWS\system32\wininet.dll
2006-08-23 00:31 809472 02b4473e3c5fede0d3573ce297e8504a C:\WINDOWS\VistaMizer\old\wininet.dll
2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
2008-04-14 05:42 547328 a55b8899d2ea2e800061bcfd456e34dc C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
2008-04-14 05:42 547328 a55b8899d2ea2e800061bcfd456e34dc C:\WINDOWS\system32\winlogon.exe
2008-04-14 05:42 507904 ed0ef0a136dec83df69f04118870003e C:\WINDOWS\VistaMizer\old\winlogon.exe
2005-03-01 20:36 2056832 d8aba3eab509627e707a3b14f00fbb6b C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2006-12-19 12:12 2059392 ba4b97c00a437c1cc3da365d93ee1e9d C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
2007-02-28 05:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2007-02-28 04:38 2057600 515d30e2c90a3665a2739309334c9283 C:\WINDOWS\$NtServicePackUninstall$\ntkrnlpa.exe
2004-08-03 22:59 2056832 947fb1d86d14afcffdb54bf837ec25d0 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
2005-03-01 20:34 2056832 81013f36b21c7f72cf784cc6731e0002 C:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe
2006-12-19 08:55 2057600 1d659bfb788ed2ba45075624b748d249 C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2008-04-14 00:01 2323072 063ff1fa9777d2fd8d6b608f1f700e1f C:\WINDOWS\ServicePackFiles\i386\ntkrnlpa.exe
2008-04-14 00:01 2323072 063ff1fa9777d2fd8d6b608f1f700e1f C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 00:01 2323072 063ff1fa9777d2fd8d6b608f1f700e1f C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-04-14 00:01 2065792 109f8e3e3c82e337bb71b6bc9b895d61 C:\WINDOWS\VistaMizer\old\ntkrnlpa.exe
2005-03-01 21:04 2179456 28187802b7c368c0d3aef7d4c382aabb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2006-12-19 12:51 2182016 cef243f6defd20be4adde26c7ecacb54 C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
2007-02-28 05:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2007-02-28 05:10 2180352 582a8dbaa58c3b1f176eb2817daee77c C:\WINDOWS\$NtServicePackUninstall$\ntoskrnl.exe
2004-08-03 23:20 2180992 ce218bc7088681faa06633e218596ca7 C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
2005-03-01 20:59 2179328 4d4cf2c14550a4b7718e94a6e581856e C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe
2006-12-19 10:17 2180352 8f0deab1f81fb83f9c5995853ce48b9f C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2008-04-14 00:57 2446208 1c48d9f3ea6db95915564655c006be8a C:\WINDOWS\ServicePackFiles\i386\ntoskrnl.exe
2008-04-14 00:57 2446208 1c48d9f3ea6db95915564655c006be8a C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 00:57 2446208 1c48d9f3ea6db95915564655c006be8a C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-04-14 00:57 2188928 0c89243c7c3ee199b96fcc16990e0679 C:\WINDOWS\VistaMizer\old\ntoskrnl.exe
2008-04-14 05:42 1551872 c26978d5f821a7330439dd7f0aaaf678 C:\WINDOWS\explorer.exe
2007-06-13 07:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 06:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
2004-08-04 00:56 1032192 a0732187050030ae399b241436565e64 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2008-04-14 05:42 1551872 c26978d5f821a7330439dd7f0aaaf678 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
2008-04-14 05:42 1033728 12896823fb95bfb3dc9b46bcaedc9923 C:\WINDOWS\VistaMizer\old\explorer.exe
2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
2008-04-14 05:42 25088 b5e8782d4af1b3756f38e11e7c157bbe C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe
2008-04-14 05:42 25088 b5e8782d4af1b3756f38e11e7c157bbe C:\WINDOWS\system32\ctfmon.exe
2008-04-14 05:42 15360 5f1d5f88303d4a4dbc8e5f97ba967cc3 C:\WINDOWS\VistaMizer\old\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 05:42 25088]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 22:49 4662776]
"Internet Download Accelerator"="C:\Program Files\IDA\ida.exe" [2006-06-02 10:34 2934784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-21 23:48 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-21 23:44 126976]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 14:37 79224]
"DrvIcon"="C:\Program Files\VistaDriveIcon\DrvIcon.exe" [2008-04-13 08:39 49152]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-22 17:33 185896]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 14:49 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-30 12:42 6731312]
C:\Documents and Settings\Owner\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-12-22 23:37:41 113664]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-12-26 14:43:45 450560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^iWin Desktop Alerts.lnk]
backup=C:\WINDOWS\pss\iWin Desktop Alerts.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!ewido]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memory Optimizer]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Documents and Settings\\Owner\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\TVAnts\\Tvants.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\WINDOWS\\system32\\ftp.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\iWin Games\\iWinGames.exe"=
"C:\\Program Files\\iWin Games\\WebUpdater.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 14:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 14:35]
S1 vcdrom;Virtual CD-ROM Device Driver;C:\Documents and Settings\Owner\Desktop\VCdRom.sys []
S2 RVIEG01;VSC Engine;C:\Program Files\Cakewalk\Shared Dxi\Roland\RVIEg01.sys []
S4 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" []
Start Pending2 RpcxSs;Remote Procedure Call (RPC) Extensions;C:\WINDOWS\System32\svchost.exe [2008-04-14 05:42]
.
Contents of the 'Scheduled Tasks' folder
"2008-05-06 15:49:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-10 22:04:07 C:\WINDOWS\Tasks\RegCure Program Check.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-08 11:23:18 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2008-05-05 22:57:00 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2007-10-08 22:57:16 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job"
- C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
"2008-05-10 22:04:07 C:\WINDOWS\Tasks\XoftSpySE 2.job"
- C:\Program Files\XoftSpySE\XoftSpy.exe
"2007-09-23 23:47:53 C:\WINDOWS\Tasks\XoftSpySE.job"
- C:\Program Files\XoftSpySE\XoftSpy.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-10 18:08:54
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-05-10 18:12:17
ComboFix-quarantined-files.txt 2008-05-10 22:11:50
ComboFix2.txt 2008-04-23 03:39:30
ComboFix3.txt 2008-04-22 23:34:09
ComboFix4.txt 2008-04-22 04:59:33
Pre-Run: 28,541,739,008 bytes free
Post-Run: 28,712,427,520 bytes free
306 --- E O F --- 2008-04-18 20:50:11