onerytk
new user
Reg'd: Sat
Posts: 15
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:36, on 30/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Labtec\Desktop\V5.1\MOUSE32A.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\HP\DIGITA~1\bin\hpqste08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\nsa83C8.tmp\ns83C9.tmp
C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\nsd83E5.tmp\ns83E6.tmp
C:\WINDOWS\system32\taskmgr.exe
C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\nso83EE.tmp\ns83EF.tmp
C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\nsn8498.tmp\ns8499.tmp
C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\nsr84E4.tmp\ns84E5.tmp
C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\nsu850B.tmp\ns850F.tmp
C:\Program Files\AnswersThatWork\Troubleshooter\UltimateTroubleshooter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\John Kearns\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {29f0230f-a825-44d0-b98f-a044b7592cff} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [New Application] C:\Program Files\TrojanHunter 4.7\THGuard.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.es
O15 - Trusted Zone: http://www.kaspersky.com
O15 - Trusted Zone: http://www.pandasoftware.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4C833081-D026-4FF8-968F-7EAB660D2FBA} (TVAnts ActiveX Control) - http://download.tvants.com/pub/tvants/tvants1/win32/cab/tvants.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://upload.divshare.com/scripts/uploader/ImageUploader4.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.31.3/ttinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/v...l/installer.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F0D09B-DCD6-47ED-8B97-458C6015B7CC}: NameServer = 80.58.61.250 80.58.61.254
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: secuload.dll,c:\progra~1\google\google~1\goec62~1.dll,c:\progra~1\google\google~1\goec62~1.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CachemanXPService - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 13251 bytes
I seem to be getting a number of ns****.tmp files running when I check my Processes tab in Windows Task Manager, and I do not know what they are or where they have come from. Many thanks.
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
Hi onerytk,
- Download ComboFix.exe using either of these links:
Link 1 Link 3
- Double click on combofix.exe to run the programme & then follow the prompts.
It will create a new system restore point and registry backup.
You will be asked to type 1 (One) and then "enter" to run the programme.
Your firewall may seek permission to allow the programme to run. Check the "Remember" checkbox and click yes.
- When finished, it will produce a log for you. Save the log, then copy and post it back here with a fresh HJT log in your next reply.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Joe
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
onerytk
new user
Reg'd: Sat
Posts: 15
Hi Joe, many thanks for the help. I hope this is what is required.
ComboFix 08-08-30.01 - John Kearns 2008-08-30 22:12:38.1 - NTFSx86
Running from: C:\Documents and Settings\John Kearns\Desktop\ComboFix.exe
 * Created a new restore point
 * Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\test.txt
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\actskn43.ocx
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\eWebControl.dll
C:\WINDOWS\system32\rtl60.bpl
C:\WINDOWS\system32\url(2)(2)(3).dll

.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-30 )))))))))))))))))))))))))))))))
.
2008-08-30 16:17 . 2008-08-30 16:19 <DIR> d-------- C:\Program Files\Hide IP NG
2008-08-30 13:35 . 2008-08-30 13:35 <DIR> d-------- C:\MxDownload
2008-08-30 13:35 . 2008-08-30 13:35 0 --a------ C:\WINDOWS\system32\cid_store.dat
2008-08-30 13:34 . 2008-08-30 18:32 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\MxBoost
2008-08-30 13:33 . 2008-08-30 13:34 <DIR> d-------- C:\Program Files\Maxthon2
2008-08-30 13:19 . 2008-08-30 13:19 <DIR> d-------- C:\Program Files\Veetle
2008-08-30 13:19 . 2008-08-30 13:19 48,396 --a------ C:\WINDOWS\UninstVeetleTVPlayer.exe
2008-08-28 13:27 . 2008-08-29 00:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PrevxCSI
2008-08-24 21:38 . 2008-08-24 21:38 <DIR> d-------- C:\Program Files\Windows Resource Kits
2008-08-24 15:48 . 2008-08-24 15:48 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-24 15:48 . 2008-08-24 15:48 <DIR> d-------- C:\ConvertTemp
2008-08-24 15:46 . 2008-08-24 15:47 <DIR> d-------- C:\Program Files\NOS
2008-08-22 09:46 . 0 C:\WINDOWS\system32\Y;Y;
2008-08-16 23:34 . 2008-08-24 15:45 <DIR> d-------- C:\Program Files\DigiMode
2008-08-15 23:29 . 2008-08-15 23:29 <DIR> d-------- C:\Program Files\SDP Multimedia
2008-08-15 21:44 . 2008-08-24 15:47 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-08-15 21:42 . 2008-08-15 21:42 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-08-15 17:12 . 2008-08-15 17:12 <DIR> d-------- C:\Program Files\Secunia
2008-08-15 16:25 . 2008-08-24 15:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS
2008-08-14 11:06 . 2008-08-14 11:21 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-08-10 09:36 . 2008-08-10 09:37 <DIR> d-------- C:\Program Files\MP3 Remix
2008-08-10 09:36 . 2008-08-10 09:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MP3 Remix
2008-08-08 17:58 . 2008-08-08 17:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-08-08 17:53 . 2008-08-08 17:53 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-08-08 17:44 . 2008-08-08 18:35 165,244 --a------ C:\WINDOWS\hpoins28.dat
2008-08-08 17:44 . 2008-05-12 21:12 796 --------- C:\WINDOWS\hpomdl28.dat
2008-08-08 16:22 . 2008-08-08 18:50 141,136 --a------ C:\WINDOWS\hpoins14.dat
2008-08-08 16:22 . 2007-09-20 03:14 2,000 --------- C:\WINDOWS\hpomdl14.dat
2008-08-08 11:52 . 2008-08-08 11:52 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\HP
2008-08-05 22:53 . 2008-08-05 22:54 <DIR> d-------- C:\Program Files\honestech Video Editor 7.0
2008-08-05 12:09 . 2008-08-05 12:09 230,454 --a------ C:\WINDOWS\0000.bmp
2008-08-05 11:39 . 2008-08-05 11:39 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Yahoo!
2008-08-05 11:39 . 2008-08-05 11:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-08-04 16:24 . 2008-08-04 17:47 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\IObit
2008-08-04 16:24 . 2008-04-17 16:19 90,668 --a------ C:\WINDOWS\system32\vobis32.dll
2008-08-04 16:23 . 2008-08-04 16:23 <DIR> d-------- C:\Program Files\IObit
2008-08-03 22:29 . 2008-08-03 22:29 <DIR> d-------- C:\Hide IP NG
2008-08-03 22:02 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-08-03 22:02 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-08-03 22:02 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-08-03 22:02 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-08-03 20:21 . 2008-08-04 17:42 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-08-02 19:33 . 2008-08-02 19:33 <DIR> d-------- C:\Program Files\Seamless
2008-08-01 14:50 . 2008-08-01 14:59 <DIR> d-------- C:\Movavi files
2008-08-01 14:45 . 2008-08-02 20:56 <DIR> d-------- C:\Program Files\Aplus Video Joiner
2008-08-01 13:02 . 2008-08-01 13:02 <DIR> d-------- C:\Documents and Settings\John Kearns\LocalLow
2008-08-01 13:02 . 2008-08-01 13:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
2008-07-31 13:16 . 2008-07-31 14:43 23 --a------ C:\Documents and Settings\John Kearns\jagex_runescape_preferences.dat
2008-07-31 13:15 . 2008-07-31 13:15 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
2008-07-30 00:26 . 2008-08-03 09:14 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\tor
2008-07-30 00:24 . 2008-07-30 00:25 <DIR> d-------- C:\Program Files\Vidalia Bundle
2008-07-30 00:24 . 2008-08-03 10:03 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Vidalia
2008-07-28 14:22 . 1998-05-11 20:01 240,944 --a------ C:\WINDOWS\system32\RICHED.DLL
2008-07-26 11:01 . 2008-07-29 11:51 <DIR> d-------- C:\Program Files\PCPitstop
2008-07-24 18:15 . 2008-07-24 19:03 <DIR> dr------- C:\My Movie Files
2008-07-22 19:07 . 2008-07-22 19:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-07-22 19:05 . 2007-03-08 06:20 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-07-22 19:05 . 2007-03-08 06:20 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-07-22 19:04 . 2008-07-22 19:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-07-22 19:04 . 2007-03-30 17:07 267,864 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-07-22 19:04 . 2007-03-28 14:01 117,760 --a------ C:\WINDOWS\system32\hpzll5ha.dll
2008-07-22 19:04 . 2007-03-08 06:20 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-07-22 19:03 . 2007-03-17 18:11 675,840 -ra------ C:\WINDOWS\system32\hpowiax3.dll
2008-07-22 19:03 . 2007-03-17 18:11 569,344 -ra------ C:\WINDOWS\system32\hpotscl3.dll
2008-07-22 19:03 . 2007-03-08 06:20 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-07-22 19:03 . 2007-03-08 06:20 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-07-22 19:03 . 2007-03-17 18:11 303,104 -ra------ C:\WINDOWS\system32\hpovst10.dll
2008-07-22 19:03 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-07-22 19:03 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2008-07-22 17:02 . 2008-08-08 15:06 141,021 --------- C:\WINDOWS\hpoins14.dat.temp
2008-07-22 17:02 . 2007-09-20 03:14 2,000 --------- C:\WINDOWS\hpomdl14.dat.temp
2008-07-22 16:43 . 2008-08-08 18:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-07-22 16:42 . 2008-07-22 16:42 <DIR> d-------- C:\Program Files\Common Files\HP
2008-07-22 16:41 . 2008-07-22 16:41 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-07-22 16:39 . 2008-08-08 17:58 <DIR> d-------- C:\Program Files\HP
2008-07-22 08:44 . 2008-08-02 17:13 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Cabos
2008-07-22 08:43 . 2008-07-22 08:43 <DIR> d-------- C:\Program Files\Cabos
2008-07-21 00:29 . 2008-07-21 00:29 <DIR> d-------- C:\Program Files\Fotosizer
2008-07-20 10:08 . 2008-07-22 11:22 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-07-20 10:02 . 2008-07-20 10:02 <DIR> d-------- C:\Program Files\PicLensIE
2008-07-20 09:10 . 2008-07-20 09:10 <DIR> d-------- C:\Documents and Settings\Abbey Kearns.VERDEPINO\Application Data\WinPatrol
2008-07-19 17:00 . 2008-08-30 16:17 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Hide IP NG
2008-07-18 12:32 . 2008-07-18 12:32 <DIR> d-------- C:\Program Files\MIKSOFT
2008-07-18 11:48 . 2008-07-18 16:15 <DIR> d-------- C:\Program Files\3GP Player
2008-07-17 23:52 . 2008-08-04 17:04 <DIR> d-------- C:\Program Files\Password Manager Deluxe
2008-07-17 23:52 . 2008-07-17 23:52 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Kristanix Software
2008-07-17 23:52 . 2008-07-17 23:52 <DIR> d-------- C:\Backup
2008-07-17 23:52 . 2008-07-17 23:52 23 --a------ C:\WINDOWS\system32\krx220.dat
2008-07-17 00:48 . 2008-07-17 00:59 <DIR> d-------- C:\Program Files\Proxy Switcher Standard
2008-07-16 15:06 . 2008-07-16 15:46 <DIR> d-------- C:\Program Files\Lx_cats
2008-07-16 15:05 . 2008-07-17 21:24 <DIR> d-------- C:\Temp\{9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15}
2008-07-16 15:05 . 2008-07-16 15:32 275 --a------ C:\lxcffire.csv
2008-07-16 15:05 . 2008-07-16 15:05 0 --a------ C:\lxcffire.000
2008-07-15 16:28 . 2008-07-16 09:43 <DIR> d-------- C:\Program Files\ExplorerXP
2008-07-15 12:57 . 2008-07-24 20:25 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-07-09 18:32 . 2008-07-09 18:32 <DIR> d-------- C:\Program Files\Common Files\Cadsoft
2008-07-09 18:31 . 2008-07-09 18:31 <DIR> d-------- C:\Program Files\IMSIDesign
2008-07-09 18:31 . 2008-07-09 18:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\IMSIDesign
2008-07-09 05:04 . 2008-07-09 05:04 <DIR> d-------- C:\WINDOWS\SQLTools9_KB948109_ENU
2008-07-09 05:03 . 2008-07-09 05:03 <DIR> d-------- C:\WINDOWS\SQL9_KB948109_ENU
2008-07-01 22:03 . 2008-07-01 22:03 <DIR> d-------- C:\CCProxy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 14:32 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\uTorrent
2008-08-30 03:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-28 22:40 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\ImgBurn
2008-08-24 13:48 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-24 13:44 --------- d-----w C:\Program Files\Bit Che
2008-08-20 17:12 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Skype
2008-08-15 14:59 --------- d-----w C:\Program Files\Java
2008-08-15 14:38 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-06 08:23 --------- d-----w C:\Program Files\ComfortKeyboard
2008-08-05 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-04 21:03 --------- d-----w C:\Program Files\Yahoo!
2008-08-04 20:13 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-08-04 20:09 --------- d-----w C:\Program Files\ESET
2008-08-04 17:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-08-04 16:36 --------- d-----w C:\Program Files\Intel
2008-08-04 16:28 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-04 15:18 --------- d-----w C:\Program Files\TVAnts
2008-08-04 15:18 --------- d-----w C:\Program Files\OpenExpert
2008-08-04 15:18 --------- d-----w C:\Program Files\LimeWire
2008-08-04 15:18 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\FEP
2008-08-04 15:18 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Azureus
2008-08-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\MVTLogs
2008-08-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kontiki
2008-08-04 15:04 --------- d-----w C:\Program Files\Spy Cleaner Gold
2008-08-04 15:04 --------- d-----w C:\Program Files\NetScream
2008-08-04 15:04 --------- d-----w C:\Program Files\ModemTest
2008-08-04 15:04 --------- d-----w C:\Program Files\Modem Helper
2008-08-04 15:04 --------- d-----w C:\Program Files\Microsoft AntiSpyware
2008-08-04 15:04 --------- d-----w C:\Program Files\MagicISO
2008-08-04 15:04 --------- d-----w C:\Program Files\MagicDisc
2008-08-04 15:04 --------- d-----w C:\Program Files\ImageBadger
2008-08-04 15:04 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Sylpheed
2008-08-04 15:04 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\ProspectorV5
2008-08-04 15:04 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\BitTorrent
2008-08-04 15:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\PCPitstop
2008-08-03 14:02 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\skypePM
2008-08-02 15:02 --------- d-----w C:\Program Files\Ashampoo
2008-08-01 11:02 --------- d-----w C:\Program Files\TVUPlayer
2008-08-01 10:42 --------- d-----w C:\Program Files\Google
2008-08-01 06:54 --------- d-----w C:\Program Files\MediaJoin
2008-07-29 09:45 --------- d-----w C:\Program Files\URLSnooper2
2008-07-29 09:43 --------- d-----w C:\Program Files\RS audials
2008-07-29 09:38 --------- d-----w C:\Program Files\InAlbum 3 Deluxe
2008-07-28 16:43 --------- d-----w C:\Program Files\Opera
2008-07-25 17:43 --------- d-----w C:\Program Files\Kontiki
2008-07-25 17:30 --------- d-----w C:\Program Files\Bonjour
2008-07-25 17:29 --------- d-----w C:\Program Files\Apple Software Update
2008-07-25 17:13 --------- d-----w C:\Program Files\SmartDraw 2008
2008-07-25 17:12 --------- d-----w C:\Program Files\TweakNow RegCleaner Std
2008-07-25 17:11 --------- d-----w C:\Program Files\WinMPG VideoConvert
2008-07-25 16:54 --------- d-----w C:\Program Files\The Rosetta Stone
2008-07-25 16:51 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\ppstream
2008-07-19 22:21 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Apple Computer
2008-07-19 22:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-18 21:04 --------- d-----w C:\Program Files\QuickTime
2008-07-18 21:01 --------- d-----w C:\Program Files\iTunes
2008-07-18 21:00 --------- d-----w C:\Program Files\iPod
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-08 13:45 --------- d--h--w C:\Documents and Settings\John Kearns\Application Data\InAlbumTemp
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2008-07-06 21:58 --------- d-----w C:\Program Files\EMCO Malware Destroyer
2008-07-01 20:31 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Ashampoo
2008-06-30 13:03 --------- d-----w C:\Program Files\Word Search Deluxe
2008-06-27 13:15 259,584 ----a-w C:\WINDOWS\system32\xtsupermenuhook.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 08:57 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:20 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:20 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\dllcache\bthport.sys
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2008-05-01 14:30 331,776 ----a-w C:\WINDOWS\system32\dllcache\msadce.dll
2007-10-01 07:51 1,138 --sh--w C:\WINDOWS\lcfep5b.drv
2006-11-25 13:45 88 --sh--r C:\WINDOWS\system32\C33E00BCB7.sys
2008-01-10 16:35 3,454 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-18 08:07 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2008-05-18 08:07 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2008-05-18 08:07 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"New Application"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" [2007-09-05 13:55 523264]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [X]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2007-04-19 13:33 271936]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 21:42 1404928]
"OFFICEKB"="C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe" [2007-03-18 19:44 387584]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-02-18 20:57 949376]
"FLMOFFICE4DMOUSE"="C:\Program Files\Labtec\Desktop\V5.1\moffice.exe" [2006-08-27 19:57 958464]
"BigDog303"="C:\WINDOWS\VM303_STI.EXE" [2005-06-23 11:13 61440]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 23:22 3739648]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 09:01 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideFastUserSwitching"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableChangePassword"= 0 (0x0)
"DisableLockWorkstation"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
"NoResolveSearch"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoLogoff"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.MSNAUDIO"= msnaudio.acm
"vidc.dvsd"= pdvcodec.dll
"msacm.ac3filter"= ac3filter.acm
"VIDC.MJPG"= pvmjpg21.dll
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD]
--a------ 2008-02-27 18:56 1032376 C:\Program Files\Kontiki\KHost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostSurf Reminder]
--a------ 2005-08-15 00:32 82037 C:\Program Files\GhostSurf Platinum\Privacy Control Center.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
--a------ 2008-02-27 18:56 1032376 C:\Program Files\Kontiki\KHost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"Copernic Desktop Search 2"="C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe
"AgenteADSL_15"=C:\Program Files\Telefonica\KitAIM\AimExDll.exe AimGestA.dll 7
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
"DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe
"THGuard"="C:\Program Files\TrojanHunter 4.7\THGuard.exe"
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
"BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\WINDOWS\\system32\\dxdiag.exe"=
"C:\\Program Files\\utorrent\\utorrent.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\TVAnts\\Tvants.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"C:\\AV-CLS\\WGET.EXE"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"<NO NAME>"= "C:\\Program Files\\PPStream\\PPStream.exe" "C:\\Program Files\\PPStream\\PPStream.exe
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=
"C:\\Program Files\\Kontiki\\KService.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Zattoo\\Zattoo2.exe"=
"C:\\Program Files\\Zattoo\\zattood.exe"=
"C:\\Program Files\\SmartHide\\2\\SmartHide.exe"=
"C:\\Program Files\\SmartHide\\SmartHide.exe"=
"C:\\CCProxy\\CCProxy.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Labtec\\Desktop\\V5.1\\KBDAP32A.EXE"=
"C:\\WINDOWS\\system32\\java.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Maxthon2\\Modules\\MxDownloader\\MxDownloadServer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20747:TCP"= 20747:TCP:BitComet 20747 TCP
"20747:UDP"= 20747:UDP:BitComet 20747 UDP
"58970:TCP"= 58970:TCP:Pando P2P TCP Listening Port
"58970:UDP"= 58970:UDP:Pando P2P UDP Listening Port
R0 HWFProt;Hywave File Protector HWFProt;C:\WINDOWS\system32\Drivers\HWFProt.sys [2003-05-11 16:20]
R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2007-11-22 18:17]
R2 TryAndDecideService;Acronis Try And Decide Service;C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-09-14 05:01]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 07:00]
R3 tap0801;Smarthide TAP driver;C:\WINDOWS\system32\DRIVERS\tap0801.sys [2007-10-12 15:07]
S3 CachemanXPService;CachemanXPService;C:\PROGRA~1\CACHEM~1\CachemanXP.exe [2008-03-03 22:39]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-11-14 21:40]
S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 10:31]
S3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 23:25]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-29 23:24]
S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 00:01]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - setup.exe
.
Contents of the 'Scheduled Tasks' folder
2008-08-30 C:\WINDOWS\Tasks\AWC Update.job - C:\Program Files\IObit\Advanced WindowsCare 3 Beta\IObitUpdate.exe []
2008-08-30 C:\WINDOWS\Tasks\AWC Update.job - C:\Program Files\IObit\Advanced WindowsCare 3 Beta\ [2008-08-24 15:53]
2008-08-30 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
2008-08-30 C:\WINDOWS\Tasks\XoftSpySE.job - C:\Program Files\XoftSpySE\XoftSpy.exe [2007-05-14 17:04]
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{29f0230f-a825-44d0-b98f-a044b7592cff} - (no file)
ShellExecuteHooks-{EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - (no file)
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\John Kearns\Application Data\Mozilla\Firefox\Profiles\6rtk0nnf.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://uk.yahoo.com/index_narrow.html
FF -: plugin - C:\Documents and Settings\John Kearns\Application Data\Mozilla\Firefox\Profiles\6rtk0nnf.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}\plugins\npagent.dll
FF -: plugin - C:\Documents and Settings\John Kearns\Application Data\Mozilla\Firefox\Profiles\6rtk0nnf.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npagent.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npvirtools.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
FF -: plugin - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF -: plugin - C:\Program Files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-30 22:25:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\ESET\nod32krn.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Labtec\Desktop\V5.1\mouse32a.exe
C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE
C:\WINDOWS\system32\dwwin.exe
.
**************************************************************************
.
Completion time: 2008-08-30 22:36:29 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-30 20:36:20
ComboFix2.txt 2007-01-22 20:21:45
Pre-Run: 4,931,682,304 bytes free
Post-Run: 5,959,118,848 bytes free
430 --- E O F --- 2008-08-30 03:10:53

And my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:42:59, on 30/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\Program Files\Labtec\Desktop\V5.1\MOUSE32A.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\John Kearns\Desktop\HiJackThis.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [New Application] C:\Program Files\TrojanHunter 4.7\THGuard.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.es
O15 - Trusted Zone: http://www.kaspersky.com
O15 - Trusted Zone: http://www.pandasoftware.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {4C833081-D026-4FF8-968F-7EAB660D2FBA} (TVAnts ActiveX Control) - http://download.tvants.com/pub/tvants/tvants1/win32/cab/tvants.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://upload.divshare.com/scripts/uploader/ImageUploader4.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.31.3/ttinst.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/v...l/installer.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F0D09B-DCD6-47ED-8B97-458C6015B7CC}: NameServer = 80.58.61.250 80.58.61.254
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CachemanXPService - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
-- End of file - 12249 bytes
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
Thanks for that.
Open HijackThis, click Config | Misc Tools | Open Uninstall Manager. A list of the entries in Add/Remove Programs will appear. Click on Save List... The list will be saved as 'Uninstall_list.txt'. Copy & paste the contents in your next reply.
I'm unfamiliar with this organisation, can you tell me about it please?
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
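As an added example (mine, not code from this thread, from HijackThis or from ComboFix): a small Python parser for the numbered R/F/O lines of a HijackThis log, with a triage pass that pulls out the kinds of entries a log helper reads first: the R1 proxy settings Joe asks about above, the O17 NameServer entry, O15 trusted-zone additions and O23 services whose publisher column reads "Unknown owner". The sample lines are constructed from entries quoted in the log above; the field splitting follows the line layout visible there and is my reading of it, not a documented HijackThis grammar.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample input: a handful of HijackThis v2.0.2 lines modelled on the
# entries quoted in the thread above (values copied from the posted log; the
# header lines are there only to show that non-entry lines are skipped).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKCU\..\Run: [New Application] C:\Program Files\TrojanHunter 4.7\THGuard.exe
O15 - Trusted Zone: http://www.kaspersky.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F0D09B-DCD6-47ED-8B97-458C6015B7CC}: NameServer = 80.58.61.250 80.58.61.254
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
"""

# Every HJT finding is "<section> - <body>", sections being R0-R3, F0-F3, O1-O24.
ENTRY_RE = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.+)$")
# O4 bodies look like "HKLM\..\Run: [ValueName] command line"
O4_RE = re.compile(r"^(?P<location>.+?): \[(?P<name>[^\]]*)\] (?P<command>.*)$")


@dataclass
class Entry:
    code: str                    # HJT section, e.g. "R1", "O4", "O17", "O23"
    body: str                    # everything after "<code> - "
    key: Optional[str] = None    # registry value, autorun name or service name
    value: Optional[str] = None  # data, command line or binary path
    extra: str = ""              # O23: the publisher column ("Unknown owner" when none)


def parse_hjt(text: str) -> List[Entry]:
    """Turn the numbered R/F/O lines of a HijackThis log into Entry records.
    Header lines and the 'Running processes' block do not match ENTRY_RE and are skipped."""
    entries: List[Entry] = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        e = Entry(code=m.group("code"), body=m.group("body"))
        if (e.code.startswith("R") or e.code == "O17") and " = " in e.body:
            # "<hive\path,ValueName> = <data>": the first " = " separates key from data
            e.key, e.value = e.body.split(" = ", 1)
        elif e.code == "O4":
            m4 = O4_RE.match(e.body)
            if m4:
                e.key, e.value = m4.group("name"), m4.group("command")
        elif e.code == "O23" and e.body.startswith("Service: "):
            # "Service: <display name> - <publisher> - <path>"; split from the right so a
            # display name that itself contains " - " stays intact
            parts = e.body[len("Service: "):].rsplit(" - ", 2)
            if len(parts) == 3:
                e.key, e.extra, e.value = parts
        entries.append(e)
    return entries


def triage(entries: List[Entry]) -> List[Tuple[str, str, object]]:
    """Heuristic review list: (category, section, detail) for the entries a helper reads
    first. Traffic redirection (proxy, proxy bypass list, DNS servers), relaxed browser
    security (trusted zone) and services without a recognised publisher."""
    findings: List[Tuple[str, str, object]] = []
    for e in entries:
        if e.code == "R1" and e.key and e.key.endswith(",ProxyServer") and e.value:
            findings.append(("proxy-server", e.code, e.value))
        elif e.code == "R1" and e.key and e.key.endswith(",ProxyOverride") and e.value is not None:
            hosts = [h for h in e.value.split(",") if h]  # trailing comma leaves an empty item
            findings.append(("proxy-override", e.code, hosts))
        elif e.code == "O17" and e.value:
            findings.append(("dns-servers", e.code, e.value.split()))
        elif e.code == "O15" and e.body.startswith("Trusted Zone: "):
            findings.append(("trusted-zone", e.code, e.body[len("Trusted Zone: "):]))
        elif e.code == "O23" and e.extra == "Unknown owner":
            findings.append(("unknown-owner-service", e.code, e.value))
    return findings


if __name__ == "__main__":
    for category, code, detail in triage(parse_hjt(SAMPLE_LOG)):
        print(f"{code:<4} {category:<22} {detail}")
```

Run it against a saved hijackthis.log by replacing SAMPLE_LOG with the file contents. The triage list is deliberately a reading aid, not a verdict: the ProxyServer line in the posted log carries only the "socks=" type prefix with no host, and the ProxyOverride list is exactly the question Joe raises, so the script surfaces them for a human rather than labelling them.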
onerytk
new user
Reg'd: Sat
Posts: 15
Thanks again Joe. Just a bit of background info: I live in Spain and cannot access UK sites or UK programs such as Zattoo when you are required to have a UK IP address; I have therefore tried various proxy programs to enable me to get through to these sites. However my knowledge is somewhat basic and I really don't know what the reg key you pointed out is. Here is the list of my programs requested.

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer
3D Groove Playback Engine
3GP Player 2008
AC3Filter (remove only)
Acrobat.com
Acrobat.com
Acronis True Image Home
Ad-Aware SE v1.06r1
Adobe Acrobat 8.1.2 Professional
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge 1.0
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color Common Settings
Adobe Color Common Settings
Adobe Color EU Recommended Settings
Adobe Color JA Extra Settings
Adobe Color NA Extra Settings
Adobe Common File Installer
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Flash Player ActiveX
Adobe Fonts All
Adobe Help Center 1.0
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS2
Adobe Reader 9
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Shockwave Player
Adobe SING CS3
Adobe Stock Photos 1.0
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Disk Cleaner
Advanced WindowsCare 3 Beta
Agente ADSL USB
All Media Fixer 8.1
AMCap
AnyReader 2.0
Ashampoo Burning Studio 8.02
Ashampoo Movie Shrink & Burn 2
Ashampoo WinOptimizer 5.05
Autoplay Repair 2.2.1
AVG Anti-Rootkit Free
BBC iPlayer Download Manager
Belarc Advisor 7.2
Bit Che
Cabos
CCProxy 6.61
CircleSurround II Plugin for Windows Media Player
CloneCD
CoffeeCup Visual Site Designer
Combined Community Codec Pack 2008-01-24
Comfort Keyboard 2.0
Conexant D850 56K V.9x DFVc Modem
dBpoweramp Music Converter
Dell Driver Reset Tool
Dell Media Experience
Dell Picture Studio v3.0
DigiMode Toolbar
Digital Line Detect
Diskeeper 2007 Pro Premier
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DriverMax 4
East-Tec Backup 2008 2.0
Easy Video Downloader v. 1.4.1
EMCO Malware Destroyer
Eraser
Eraser
Error Messages for Windows
EVEREST Home Edition v2.20
Fotosizer 1.17
GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)
GDR 3068 for SQL Server Tools and Workstation Components 2005 ENU (KB948109)
GhostSurf 2007 Platinum
Glary Utilities 2.4
GOM Player
Google Talk (remove only)
HD Tune 2.53
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
honestech Video Editor
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
HP Customer Participation Program 11.0
HP Deskjet All-In-One Software 9.0
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
HP Imaging Device Functions 11.0
HP Print Diagnostic Utility
HP Product Detection
HP Solution Center 11.0
ImageMixer VCD/DVD2 for OLYMPUS
Intel(R) Extreme Graphics 2 Driver
Intel(R) Network Connections 13.0.42.0
Invisible IP Map
IrfanView (remove only)
ISOBURN 1.7
iTunes
IZArc 3.5 beta 3
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Java(TM) 6 Update 3
Java(TM) 6 Update 7
KillProcess 2.42
Labtec Desktop V5.1
Magic ISO Maker v5.4 (build 0247)
MagicDisc 2.6.93
Map Button (Windows Live Toolbar)
Maxthon2 Browser (remove only)
MCU
MediaJoin
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft ActiveX Control Pad
Microsoft AutoRoute 2007
Microsoft Bootvis
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft Works 7.0
Modem Helper
ModemTest V1.3
MOVAVI VideoSuite 3.5
Mozilla Firefox (2.0.0.16)
MP3 Player Utilities 3.13
MP3 Player Utilities 3.68
MP3 Remix for Windows Media Player
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Multiple Image Resizer .NET
Nero OEM
NetWaiting
Nikon FotoShare
Nikon Message Center
NOD32 antivirus system
NOD32 FiX v2.1
OLYMPUS Master
Online Radio Tuner Standard Edition
OpenExpert 1.40
Opera
Opera 9.24
Opera 9.51
Paint.NET v3.22
Panda ActiveScan
PC Wizard 2008.1.84
PDF Settings
PicLens for Internet Explorer
PictureProject
Plato Video Joiner 4.33
Power Video Converter 1.5.52
PowerISO
Privoxy 3.0.6
Proxy Finder Enterprise Edition
ProxySwitcher Standard
Radio Station
RealPlayer
Registry Repair Wizard
RogueRemover 1.12
SAMSUNG Mobile Composite Device Software
Samsung PC Studio 3
Screenshot Captor 2.37.03
SDP Downloader
Secunia PSI (RC3)
Security Update for 2007 Microsoft Office System (KB951596)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Office 2007 (KB934062)
Security Update for Office 2007 (KB934062)
Security Update for Office 2007 (KB934062)
Security Update for the 2007 Microsoft Office System (KB936960)
Security Update for the 2007 Microsoft Office System (KB936960)
Security Update for the 2007 Microsoft Office System (KB936960)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Skype™ 3.8
Smart Menus (Windows Live Toolbar)
SmartHide 2.1.121
Sonic DLA
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
SopCast 3.0.0
SpeedTouch USB Software
Spy Cleaner Gold 9.5 Full Version
Spybot - Search & Destroy
Spyware Doctor 6.0
System TuneUp
Table Tennis Pro V2 Lite (V2.32)
The Off By One Web Browser
The Ultimate Troubleshooter
TMPGEnc Plus 2.5
TMPGEnc Plus 2.5
Tor 0.1.2.19
Total Video Converter 2.41
Tracks Eraser Pro v7.0
TrojanHunter 4.7
TuneUp Utilities 2008
TurboFLOORPLAN Landscape & Deck
TVAnts 1.0
TVUPlayer 2.3.7.1
Ultra QuickTime Converter 2.2.0723
UnderCoverXP 1.14
Unlocker 1.8.5
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB932080)
Update for Office 2007 (KB932080)
Update for Office 2007 (KB932080)
Update for Office 2007 (KB934391)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb955433)
Update for Windows XP (KB932716)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB951072-v2)
URL Helper
VCDCutter
VCDEasy
Veetle TV Player 0.9.6
Veetle TV Player 0.9.6
Veoh Player
Vidalia 0.0.16
VideoLAN VLC media player 0.8.6i
Vimicro USB PC Camera (ZC0301PLH)
Virtools 3D Life Player
Volume Balancer 1.7
WinAVI Video Converter
Windows Defender
Windows Defender Signatures
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Live Favorites for Windows Live Toolbar Windows Live installer Windows Live Mail Windows Live Messenger Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Toolbar Windows Live Toolbar Extension (Windows Live Toolbar) Windows Live Writer Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Media Player Firefox Plugin Windows Resource Kit Tools - SubInAcl.exe WinPatrol WinPcap 4.1 beta2 WinRAR archiver WinZip WM Recorder 12.0 Word Search Deluxe Xilisoft Video Converter 3 XoftSpySE Yahoo! Browser Services Yahoo! Messenger Yahoo! Toolbar Zattoo 3.1.1 Beta
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
I've had a look at the plimus website and it appears to be some sort of business application. Is this PC used for business?
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
|
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hi Joe. No, the PC is my home PC and not used for business purposes, except to check emails etc.
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
Thanks for that information.
It looks as if Combofix may have removed the culprits causing the original issue. Perhaps you would let me know.
You appear to have installed some anti-malware programmes listed in SpywareWarrior's rogue's list:
Spy Cleaner Gold 9.5
XoftSpySE
I can't find any definitive information on this one either, although their site is not approved by SiteAdvisor:
EMCO Malware Destroyer
Unless you're sure they're OK I recommend uninstalling all of them via the add/remove utility in the control panel. It's always best to stick with the tried and tested programmes.
Also uninstall this old Java update:
Java(TM) 6 Update 3
Open Hijackthis, take another scan and place a checkmark next to these entries.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O15 - Trusted Zone: http://www.kaspersky.com
O15 - Trusted Zone: http://www.pandasoftware.com
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/v...l/installer.exe
The next lines marked blue are restrictions. If you didn't set them yourself or have them set by a software program such as Spybot Search and Destroy then click the check-box on the left. If you intentionally set the restrictions, then leave them alone.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
Close all open windows except Hijackthis and click on "Fix Checked". Reboot the computer.
Download CCleaner from here to clean temp files from your computer. Double click on the file to start the installation of the program. Select your language and click OK, then Next. Read the license agreement and click I Agree. Click Next to use the default install location. Click Install, then Finish to complete installation. Double click the CCleaner shortcut on the desktop to start the program. Click Run Cleaner to run the program. Caution: Uncheck the 'Issues' tab as it's not necessary for the purpose of this fix. After it has completed its process, click Exit.
Please download Malwarebytes' Anti-Malware from Here or Here
Double click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process; if asked to restart the computer, please do so immediately.
Post the following:
- A new Hijackthis log
- Another Uninstall List.
- The Malwarebytes log.
This may not remove all the infections present. It is important that you post back and complete the fix.
Please post in this thread for further review and evaluation. Please provide details of any problems you encountered whilst performing the above steps & update us on how the Computer is running.
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
|
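An added example, not part of this thread and not code from HijackThis, Malwarebytes or any other product named here: a small Python script that parses HijackThis entry lines and flags the kinds of entries Joe lists for fixing above (an empty Local Page value, the ProxyOverride bypass list, the UserFaultCheck run entry, O6 restriction policies, Trusted Zone sites, and an O16 download that points at an .exe). The sample lines are assembled from entries quoted in this thread; the `.exe` heuristic, the `RUN_NAMES_TO_FLAG` list and the `ignore_trusted` parameter are assumptions of the example, not HijackThis rules.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple
from urllib.parse import urlparse

# Every HijackThis entry line starts with a section code (R0..R3, F0..F3, N1..N4, O1..O24).
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.*)$")
# "registry key,value name = data"; the value may be empty, as in "Local Page =".
KEY_VALUE_RE = re.compile(r"^(?P<key>.*?)\s*=\s*(?P<value>.*)$")
# O4 entries carry the Run value name in square brackets.
RUN_NAME_RE = re.compile(r"\[(?P<name>[^\]]+)\]")

# Run-entry names a helper has asked to fix (assumption: maintained by the caller, not by HijackThis).
RUN_NAMES_TO_FLAG = {"UserFaultCheck"}

# Constructed sample input, assembled from entries quoted in this thread.
SAMPLE_LINES = [
    r"Logfile of Trend Micro HijackThis v2.0.2",
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =",
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,",
    r"O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u",
    r"O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe",
    r"O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present",
    r"O15 - Trusted Zone: http://www.kaspersky.com",
    r"O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/v...l/installer.exe",
    r"O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab",
]


@dataclass(frozen=True)
class Finding:
    code: str    # HijackThis section code, e.g. "O15"
    entry: str   # the entry text after the code
    reason: str  # why a helper would want to look at it


def parse_entries(lines: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (code, body) pairs for entry lines; header, process-list and footer lines are skipped."""
    entries = []
    for line in lines:
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def _trusted_zone_host(body: str) -> str:
    """Pull the host out of 'Trusted Zone: http://host', falling back to the raw text (e.g. '*.example.com')."""
    target = body.partition(":")[2].strip()
    return urlparse(target).netloc or target


def flag_entries(lines: Iterable[str], ignore_trusted: Iterable[str] = ()) -> List[Finding]:
    """Apply the checks the helper in this thread applied by hand and return one Finding per hit."""
    ignore = {h.lower() for h in ignore_trusted}
    findings: List[Finding] = []
    for code, body in parse_entries(lines):
        reason = None
        if code in ("R0", "R1"):
            kv = KEY_VALUE_RE.match(body)
            key, value = (kv.group("key"), kv.group("value")) if kv else (body, "")
            if key.endswith("Local Page") and value == "":
                reason = "empty Local Page value"
            elif key.endswith("ProxyOverride"):
                reason = "proxy bypass list present, review hosts: " + value
            elif key.endswith("ProxyServer"):
                reason = "proxy server configured: " + value
        elif code == "O4":
            name = RUN_NAME_RE.search(body)
            if name and name.group("name") in RUN_NAMES_TO_FLAG:
                reason = "autorun entry on the fix list"
        elif code == "O6":
            reason = "IE restriction policy present; keep only if set intentionally (e.g. by Spybot S&D)"
        elif code == "O15":
            host = _trusted_zone_host(body)
            if host.lower() not in ignore:
                reason = "site in IE Trusted Zone: " + host
        elif code == "O16":
            target = body.rsplit(" - ", 1)[-1]
            # Heuristic of this example, not a HijackThis rule: an O16 download that points at a
            # bare .exe rather than a .cab/.ocx control is worth a second look.
            if target.lower().endswith(".exe"):
                reason = "downloaded program file points at an executable: " + target
        if reason:
            findings.append(Finding(code, body, reason))
    return findings


if __name__ == "__main__":
    for f in flag_entries(SAMPLE_LINES):
        print(f"{f.code:4} {f.reason}\n     {f.entry}")
```

Run on the sample, the script reports six entries and leaves the Start Page, the WinPatrol run entry and the F-Secure .cab alone; passing `ignore_trusted=["www.kaspersky.com"]` drops the O15 hit for a site the owner added deliberately. The parser is deliberately dumb about the running-process list and the `-- End of file` footer, which the regex simply never matches.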
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hello again Joe. Firstly here are the logs.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:28, on 01/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Labtec\Desktop\V5.1\moffice.exe C:\WINDOWS\VM303_STI.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\TrojanHunter 4.7\THGuard.exe C:\Program Files\Labtec\Desktop\V5.1\MOUSE32A.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\John Kearns\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks= R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com, R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [New Application] C:\Program Files\TrojanHunter 4.7\THGuard.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to 
existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Launch PicLens - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\PicLens.dll O9 - Extra button: Yahoo! 
Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.es O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab O16 - DPF: {4C833081-D026-4FF8-968F-7EAB660D2FBA} (TVAnts ActiveX Control) - http://download.tvants.com/pub/tvants/tvants1/win32/cab/tvants.cab O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://upload.divshare.com/scripts/uploader/ImageUploader4.cab O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - 
https://ukplay.toontown.com/download/sv1.0.31.3/ttinst.cab O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F0D09B-DCD6-47ED-8B97-458C6015B7CC}: NameServer = 80.58.61.250 80.58.61.254 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CachemanXPService - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: KService - Kontiki Inc. 
- C:\Program Files\Kontiki\KService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
-- End of file - 11403 bytes 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 32 Bit HP CIO Components Installer 3D Groove Playback Engine 3GP Player 2008 AC3Filter (remove only) Acrobat.com Acrobat.com Acronis True Image Home Ad-Aware SE v1.06r1 Adobe Acrobat 8.1.2 Professional Adobe AIR Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color Common Settings Adobe 
Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Common File Installer Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe ExtendScript Toolkit 2 Adobe Flash Player ActiveX Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS2 Adobe Reader 9 Adobe Setup Adobe Setup Adobe Setup Adobe Setup Adobe Shockwave Player Adobe SING CS3 Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Advanced Disk Cleaner Advanced WindowsCare 3 Beta Agente ADSL USB All Media Fixer 8.1 AMCap AnyReader 2.0 Ashampoo Burning Studio 8.02 Ashampoo Movie Shrink & Burn 2 Ashampoo WinOptimizer 5.05 Autoplay Repair 2.2.1 AVG Anti-Rootkit Free BBC iPlayer Download Manager Belarc Advisor 7.2 Bit Che Cabos CCleaner (remove only) CCProxy 6.61 CircleSurround II Plugin for Windows Media Player CloneCD CoffeeCup Visual Site Designer Combined Community Codec Pack 2008-01-24 Comfort Keyboard 2.0 Conexant D850 56K V.9x DFVc Modem dBpoweramp Music Converter Dell Driver Reset Tool Dell Media Experience Dell Picture Studio v3.0 DigiMode Toolbar Digital Line Detect Diskeeper 2007 Pro Premier DivX Codec DivX Converter DivX Player DivX Web Player DriverMax 4 East-Tec Backup 2008 2.0 Easy Video Downloader v. 
1.4.1 Eraser Eraser Error Messages for Windows EVEREST Home Edition v2.20 Fotosizer 1.17 GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) GDR 3068 for SQL Server Tools and Workstation Components 2005 ENU (KB948109) GhostSurf 2007 Platinum Glary Utilities 2.4 GOM Player Google Talk (remove only) HD Tune 2.53 Highlight Viewer (Windows Live Toolbar) HijackThis 2.0.2 honestech Video Editor Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows XP (KB952287) HP Customer Participation Program 11.0 HP Deskjet All-In-One Software 9.0 HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 HP Imaging Device Functions 11.0 HP Print Diagnostic Utility HP Product Detection HP Solution Center 11.0 ImageMixer VCD/DVD2 for OLYMPUS Intel(R) Extreme Graphics 2 Driver Intel(R) Network Connections 13.0.42.0 Invisible IP Map IrfanView (remove only) ISOBURN 1.7 iTunes IZArc 3.5 beta 3 Jasc Paint Shop Photo Album 5 Jasc Paint Shop Pro Studio, Dell Editon Java(TM) 6 Update 3 Java(TM) 6 Update 7 KillProcess 2.42 Labtec Desktop V5.1 Magic ISO Maker v5.4 (build 0247) MagicDisc 2.6.93 Malwarebytes' Anti-Malware Map Button (Windows Live Toolbar) Maxthon2 Browser (remove only) MCU MediaJoin Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 3.0 Service Pack 1 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Microsoft ActiveX Control Pad Microsoft AutoRoute 2007 Microsoft Bootvis Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Expression Web Microsoft Expression Web Microsoft Expression Web MUI (English) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft 
Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Project MUI (English) 2007 Microsoft Office Project Professional 2007 Microsoft Office Project Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Visio MUI (English) 2007 Microsoft Office Visio Professional 2007 Microsoft Office Visio Professional 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual J# 2.0 Redistributable Package Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows XP Video Decoder Checkup Utility Microsoft Works 7.0 Modem Helper ModemTest V1.3 MOVAVI VideoSuite 3.5 Mozilla Firefox (2.0.0.16) MP3 Player Utilities 3.13 MP3 Player Utilities 3.68 MP3 Remix for Windows Media Player MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) Multiple Image Resizer .NET Nero OEM NetWaiting Nikon FotoShare Nikon Message Center NOD32 antivirus system NOD32 FiX v2.1 OLYMPUS Master Online Radio Tuner Standard Edition OpenExpert 1.40 Opera Opera 9.24 Opera 9.51 Paint.NET v3.22 Panda 
ActiveScan PC Wizard 2008.1.84 PDF Settings PicLens for Internet Explorer PictureProject Plato Video Joiner 4.33 Power Video Converter 1.5.52 PowerISO Privoxy 3.0.6 Proxy Finder Enterprise Edition ProxySwitcher Standard Radio Station RealPlayer Registry Repair Wizard RogueRemover 1.12 SAMSUNG Mobile Composite Device Software Samsung PC Studio 3 Screenshot Captor 2.37.03 SDP Downloader Secunia PSI (RC3) Security Update for 2007 Microsoft Office System (KB951596) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office system 2007 (KB951808) Security Update for Microsoft Office system 2007 (KB951808) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB934062) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for Visio 2007 (KB947590) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows XP (KB941693) Security Update for Windows XP (KB945553) Security Update for Windows XP (KB946648) Security 
Update for Windows XP (KB948590) Security Update for Windows XP (KB948881) Security Update for Windows XP (KB950749) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Skype™ 3.8 Smart Menus (Windows Live Toolbar) SmartHide 2.1.121 Sonic DLA Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data SopCast 3.0.0 SpeedTouch USB Software Spybot - Search & Destroy Spyware Doctor 6.0 System TuneUp The Off By One Web Browser The Ultimate Troubleshooter TMPGEnc Plus 2.5 TMPGEnc Plus 2.5 Tor 0.1.2.19 Total Video Converter 2.41 Tracks Eraser Pro v7.0 TrojanHunter 4.7 TuneUp Utilities 2008 TurboFLOORPLAN Landscape & Deck TVAnts 1.0 TVUPlayer 2.3.7.1 Ultra QuickTime Converter 2.2.0723 UnderCoverXP 1.14 Unlocker 1.8.5 Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB932080) Update for Office 2007 (KB932080) Update for Office 2007 (KB932080) Update for Office 2007 (KB934391) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb955433) Update for Windows XP (KB932716) Update for Windows XP (KB932823-v3) Update for Windows XP (KB951072-v2) URL Helper VCDCutter VCDEasy Veetle TV Player 0.9.6 Veetle TV Player 0.9.6 Veoh Player Vidalia 0.0.16 VideoLAN VLC media player 0.8.6i Vimicro USB PC Camera (ZC0301PLH) Virtools 3D Life Player Volume Balancer 1.7 WinAVI Video Converter Windows Defender Windows Defender Signatures Windows Imaging Component Windows Installer Clean Up Windows Internet Explorer 7 Windows Live Favorites for Windows Live Toolbar Windows Live 
installer Windows Live Mail Windows Live Messenger Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Toolbar Windows Live Toolbar Extension (Windows Live Toolbar) Windows Live Writer Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Media Player Firefox Plugin Windows Resource Kit Tools - SubInAcl.exe WinPatrol WinPcap 4.1 beta2 WinRAR archiver WinZip WM Recorder 12.0 Word Search Deluxe Xilisoft Video Converter 3 Yahoo! Browser Services Yahoo! Messenger Yahoo! Toolbar Zattoo 3.1.1 Beta
Malwarebytes' Anti-Malware 1.25
Database version: 1102
Windows 5.1.2600 Service Pack 2
22:35:03 31/08/2008
mbam-log-08-31-2008 (22-35-03).txt
Scan type: Quick Scan
Objects scanned: 59713
Time elapsed: 7 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) -> Not selected for removal.
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)
Just a few observations and comments if I may. Firstly, it does indeed look like ComboFix has cured the problem of the temp files. Secondly, I could not find O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u in the HijackThis log. Thirdly, I could not uninstall Java(TM) 6 Update 3 as I get the Windows message "This action is only valid for products currently installed", and fourthly, should I do anything about this key that you previously noticed: R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com, The PC is working but does seem different and seems to be struggling to connect to certain sites, e.g. Yahoo, but this could be just coincidental I suppose. Anyway, many thanks once again.
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
I hadn't noticed before but you are running Hijackthis from your Desktop which is wrong. Please uninstall the current version, you can reinstall it again later if we need it.
Quote:
it does indeed look like combofix has cured the problem of the temp files.
That's good.
Looking at the malwarebytes report you will need to run it again to remove this:
Quote:
Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) -> Not selected for removal.
make sure you enable the removal of this entry please and then post a new report.
Quote:
Secondly I could not find O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u in the hijackthis log.
Combofix may have removed it. No problem there.
Quote:
Thirdly could not uninstall Java(TM) 6 Update 3 as i get Windows message "This action is only valid for products currently installed"
You should try re-installing HijackThis correctly and use that to remove this entry. Here are the full install instructions.
- Download HJTInstall.exe to your desktop.
- Double-click the HJTInstall.exe icon on your desktop to start the installation.
- By default it will install to C:\Program Files\Trend Micro\Hijack This.
Open HijackThis, Misc Tools Section | Open Uninstall Manager. A list of the entries in Add/Remove Programs will appear. Highlight the entry below and then click "Delete this entry".
Java(TM) 6 Update 3
Quote:
and fourthly should I do anything about this key that you previously noticed R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
Not at this point, because it's not dangerous and I'm not completely in the picture regarding your Internet connection.
Quote:
The pc is working but does seem different and seems to be struggling to connect to certain sites eg yahoo but this could be just coincidental I suppose.Anyway many thanks once again.
It seems to me you would need to do a complete review of the system as you appear to have an enormous amount of programmes on there. Also you have a lot of stuff running and all of this uses up resources and slows the computer speed down. A lot of the stuff seems to relate to computer tweaks etc which may or may not be required, only you can say. As I said above I'm not fully in the picture regarding your Internet connection either. I also recommend a review of your securities.
Let me know if you need any advice regarding the above reviews.
Copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad*
Copy and paste all the text in the quotebox below into it:
Quote:
KillAll::

ADS::
C:\windows\system32

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"=-
"C:\\Program Files\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=-

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20747:TCP"=-
"20747:UDP"=-
"58970:TCP"=-
"58970:UDP"=-
Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.
Referring to the picture above, drag CFScript.txt into ComboFix.exe
This reactivates Combofix. Again follow the prompts.
It will create another System restore point.
When finished, it shall produce a log for you at C:\ComboFix.txt
Copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply.
*Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall*
Post the following:
- Another Uninstall List.
- The Malwarebytes log.
- The Combofix log
This may not remove all the infections present. It is important that you post back and complete the fix.
Please post in this thread for further review and evaluation. Please provide details of any problems you encountered whilst performing the above steps & update us on how the Computer is running.
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
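Joe's point about the Malwarebytes report above (a detection logged as "Not selected for removal" is still on the machine, so the scan has to be rerun with removal enabled) is the kind of thing worth checking mechanically when reviewing scan logs. The following is an added example, not code from this thread or from Malwarebytes: a small Python parser for the MBAM 1.x log layout posted above that separates handled detections from ones left in place and checks the summary counts against the detail sections. The sample log is constructed from the entry in this thread, and the action strings it recognises as "handled" are assumed from the MBAM 1.x log wording.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample in the MBAM 1.x log layout, built from the entry posted above.
SAMPLE_MBAM_LOG = """\
Malwarebytes' Anti-Malware 1.25
Database version: 1102
Windows 5.1.2600 Service Pack 2

Scan type: Quick Scan
Objects scanned: 59713
Time elapsed: 7 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\OLE\\DRam prosessor (Trojan.Agent) -> Not selected for removal.

Files Infected:
(No malicious items detected)
"""

# Summary lines carry a count; detail section headers end with a bare colon.
SUMMARY_RE = re.compile(r"^(?P<name>[A-Za-z ]+ Infected): (?P<count>\d+)$")
HEADER_RE = re.compile(r"^(?P<name>[A-Za-z ]+ Infected):$")
# Detail line: "<item> (<family>) -> <action>"
ITEM_RE = re.compile(r"^(?P<item>.+?) \((?P<family>[^()]+)\) -> (?P<action>.+)$")


@dataclass
class Detection:
    section: str
    item: str
    family: str
    action: str

    @property
    def removed(self) -> bool:
        # Assumed MBAM 1.x wording: a handled item reads "Quarantined and deleted
        # successfully." or "Delete on reboot."; anything else ("Not selected for
        # removal.", "No action taken.") means the item is still present.
        a = self.action.lower()
        return a.startswith("quarantined") or a.startswith("delete on reboot")


def parse_mbam_log(text: str) -> Tuple[Dict[str, int], List[Detection]]:
    """Return (summary counts per section, parsed detections)."""
    counts: Dict[str, int] = {}
    detections: List[Detection] = []
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SUMMARY_RE.match(line)
        if m:
            counts[m.group("name")] = int(m.group("count"))
            continue
        m = HEADER_RE.match(line)
        if m:
            section = m.group("name")
            continue
        if section is None or line.startswith("(No malicious items"):
            continue
        m = ITEM_RE.match(line)
        if m:
            detections.append(Detection(section, m.group("item"),
                                        m.group("family"), m.group("action")))
    return counts, detections


def pending_removals(detections: List[Detection]) -> List[Detection]:
    """Detections the scanner logged but did not remove."""
    return [d for d in detections if not d.removed]


def triage(text: str) -> dict:
    """Summarise a log: how many detections, how many still need action, and
    whether the summary counts agree with the detail sections (a mismatch
    usually means a truncated or hand-edited log)."""
    counts, detections = parse_mbam_log(text)
    pending = pending_removals(detections)
    return {
        "total": len(detections),
        "pending": len(pending),
        "pending_items": [f"{d.section}: {d.item} [{d.family}]" for d in pending],
        "consistent": sum(counts.values()) == len(detections),
    }


if __name__ == "__main__":
    for k, v in triage(SAMPLE_MBAM_LOG).items():
        print(f"{k}: {v}")
```

Run against the log in this thread, `triage()` reports one detection, one pending removal (the OLE\DRam prosessor value), and consistent counts; a rerun with removal enabled should bring `pending` to zero before the log is considered clean.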
|
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hi Joe, here's the logs.
ComboFix 08-08-30.01 - John Kearns 2008-09-01 17:22:01.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.212 [GMT 2:00]
Running from: C:\Documents and Settings\John Kearns\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\John Kearns\Desktop\CFScript.txt
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! .
((((((((((((((((((((((((( Files Created from 2008-08-01 to 2008-09-01 ))))))))))))))))))))))))))))))) .
2008-09-01 17:04 . 2008-09-01 17:04 <DIR> d-------- C:\Program Files\Trend Micro 2008-08-31 22:23 . 2008-08-31 22:23 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-31 22:23 . 2008-08-31 22:23 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Malwarebytes 2008-08-31 22:23 . 2008-08-31 22:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-31 22:23 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-31 22:23 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-31 22:17 . 2008-08-31 22:17 <DIR> d-------- C:\Program Files\CCleaner 2008-08-30 13:35 . 2008-08-30 13:35 <DIR> d-------- C:\MxDownload 2008-08-30 13:35 . 2008-08-30 13:35 0 --a------ C:\WINDOWS\system32\cid_store.dat 2008-08-30 13:34 . 2008-09-01 09:40 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\MxBoost 2008-08-30 13:33 . 2008-08-30 13:34 <DIR> d-------- C:\Program Files\Maxthon2 2008-08-30 13:19 . 2008-08-30 13:19 <DIR> d-------- C:\Program Files\Veetle 2008-08-30 13:19 . 2008-08-30 13:19 48,396 --a------ C:\WINDOWS\UninstVeetleTVPlayer.exe 2008-08-28 13:27 . 2008-08-29 00:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PrevxCSI 2008-08-24 21:38 . 2008-08-24 21:38 <DIR> d-------- C:\Program Files\Windows Resource Kits 2008-08-24 15:48 . 2008-08-24 15:48 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-08-24 15:48 . 2008-08-24 15:48 <DIR> d-------- C:\ConvertTemp 2008-08-24 15:46 . 2008-08-24 15:47 <DIR> d-------- C:\Program Files\NOS 2008-08-22 09:46 . 0 C:\WINDOWS\system32\Y;Y; 2008-08-16 23:34 . 2008-08-24 15:45 <DIR> d-------- C:\Program Files\DigiMode 2008-08-15 23:29 . 2008-08-15 23:29 <DIR> d-------- C:\Program Files\SDP Multimedia 2008-08-15 21:44 . 2008-08-24 15:47 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR 2008-08-15 21:42 . 
2008-08-15 21:42 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2008-08-15 17:12 . 2008-08-15 17:12 <DIR> d-------- C:\Program Files\Secunia 2008-08-15 16:25 . 2008-08-24 15:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NOS 2008-08-10 09:36 . 2008-08-10 09:37 <DIR> d-------- C:\Program Files\MP3 Remix 2008-08-10 09:36 . 2008-08-10 09:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MP3 Remix 2008-08-08 17:58 . 2008-08-08 17:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant 2008-08-08 17:53 . 2008-08-08 17:53 <DIR> d-------- C:\Program Files\Hewlett-Packard 2008-08-08 17:44 . 2008-08-08 18:35 165,244 --a------ C:\WINDOWS\hpoins28.dat 2008-08-08 17:44 . 2008-05-12 21:12 796 --------- C:\WINDOWS\hpomdl28.dat 2008-08-08 16:22 . 2008-08-08 18:50 141,136 --a------ C:\WINDOWS\hpoins14.dat 2008-08-08 16:22 . 2007-09-20 03:14 2,000 --------- C:\WINDOWS\hpomdl14.dat 2008-08-08 11:52 . 2008-08-08 11:52 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\HP 2008-08-05 22:53 . 2008-08-05 22:54 <DIR> d-------- C:\Program Files\honestech Video Editor 7.0 2008-08-05 12:09 . 2008-08-05 12:09 230,454 --a------ C:\WINDOWS\0000.bmp 2008-08-05 11:39 . 2008-08-05 11:39 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\Yahoo! 2008-08-05 11:39 . 2008-08-05 11:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-08-04 16:24 . 2008-08-04 17:47 <DIR> d-------- C:\Documents and Settings\John Kearns\Application Data\IObit 2008-08-04 16:24 . 2008-04-17 16:19 90,668 --a------ C:\WINDOWS\system32\vobis32.dll 2008-08-04 16:23 . 2008-08-04 16:23 <DIR> d-------- C:\Program Files\IObit 2008-08-03 22:29 . 2008-08-03 22:29 <DIR> d-------- C:\Hide IP NG 2008-08-03 22:02 . 
2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys 2008-08-03 22:02 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys 2008-08-03 22:02 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys 2008-08-03 22:02 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys 2008-08-03 20:21 . 2008-08-04 17:42 <DIR> d-------- C:\Program Files\Spyware Doctor 2008-08-02 19:33 . 2008-08-02 19:33 <DIR> d-------- C:\Program Files\Seamless 2008-08-01 14:50 . 2008-08-01 14:59 <DIR> d-------- C:\Movavi files 2008-08-01 14:45 . 2008-08-02 20:56 <DIR> d-------- C:\Program Files\Aplus Video Joiner 2008-08-01 13:02 . 2008-08-01 13:02 <DIR> d-------- C:\Documents and Settings\John Kearns\LocalLow 2008-08-01 13:02 . 2008-08-01 13:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TVU Networks
. (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-31 20:43 --------- d-----w C:\Program Files\Windows Installer Clean Up 2008-08-31 20:21 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\ImgBurn 2008-08-31 20:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-08-31 19:42 --------- d-----w C:\Program Files\RogueRemover 2008-08-31 07:40 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Hide IP NG 2008-08-31 07:30 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\uTorrent 2008-08-31 03:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-08-24 13:48 --------- d-----w C:\Program Files\Microsoft Silverlight 2008-08-24 13:44 --------- d-----w C:\Program Files\Bit Che 2008-08-20 17:12 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Skype 2008-08-15 14:59 --------- d-----w C:\Program Files\Java 2008-08-15 14:38 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-08 16:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP 2008-08-08 15:58 --------- d-----w C:\Program Files\HP 2008-08-06 08:23 --------- d-----w C:\Program Files\ComfortKeyboard 2008-08-05 20:53 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-04 21:03 --------- d-----w C:\Program Files\Yahoo! 
2008-08-04 20:13 --------- d-----w C:\Program Files\Microsoft Visual Studio 8 2008-08-04 20:09 --------- d-----w C:\Program Files\ESET 2008-08-04 17:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-08-04 16:36 --------- d-----w C:\Program Files\Intel 2008-08-04 16:28 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-08-04 15:18 --------- d-----w C:\Program Files\TVAnts 2008-08-04 15:18 --------- d-----w C:\Program Files\OpenExpert 2008-08-04 15:18 --------- d-----w C:\Program Files\LimeWire 2008-08-04 15:18 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\FEP 2008-08-04 15:18 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Azureus 2008-08-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-08-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\MVTLogs 2008-08-04 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kontiki 2008-08-04 15:04 --------- d-----w C:\Program Files\Password Manager Deluxe 2008-08-04 15:04 --------- d-----w C:\Program Files\NetScream 2008-08-04 15:04 --------- d-----w C:\Program Files\ModemTest 2008-08-04 15:04 --------- d-----w C:\Program Files\Modem Helper 2008-08-04 15:04 --------- d-----w C:\Program Files\Microsoft AntiSpyware 2008-08-04 15:04 --------- d-----w C:\Program Files\MagicISO 2008-08-04 15:04 --------- d-----w C:\Program Files\MagicDisc 2008-08-04 15:04 --------- d-----w C:\Program Files\ImageBadger 2008-08-04 15:04 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Sylpheed 2008-08-04 15:04 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\ProspectorV5 2008-08-04 15:04 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\BitTorrent 2008-08-04 15:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\PCPitstop 2008-08-03 14:02 --------- d-----w 
C:\Documents and Settings\John Kearns\Application Data\skypePM 2008-08-03 08:03 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Vidalia 2008-08-03 07:14 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\tor 2008-08-02 15:13 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Cabos 2008-08-02 15:02 --------- d-----w C:\Program Files\Ashampoo 2008-08-01 11:02 --------- d-----w C:\Program Files\TVUPlayer 2008-08-01 10:42 --------- d-----w C:\Program Files\Google 2008-08-01 06:54 --------- d-----w C:\Program Files\MediaJoin 2008-07-31 12:43 23 ----a-w C:\Documents and Settings\John Kearns\jagex_runescape_preferences.dat 2008-07-29 22:25 --------- d-----w C:\Program Files\Vidalia Bundle 2008-07-29 09:51 --------- d-----w C:\Program Files\PCPitstop 2008-07-29 09:45 --------- d-----w C:\Program Files\URLSnooper2 2008-07-29 09:43 --------- d-----w C:\Program Files\RS audials 2008-07-29 09:38 --------- d-----w C:\Program Files\InAlbum 3 Deluxe 2008-07-28 16:43 --------- d-----w C:\Program Files\Opera 2008-07-25 17:43 --------- d-----w C:\Program Files\Kontiki 2008-07-25 17:30 --------- d-----w C:\Program Files\Bonjour 2008-07-25 17:29 --------- d-----w C:\Program Files\Apple Software Update 2008-07-25 17:13 --------- d-----w C:\Program Files\SmartDraw 2008 2008-07-25 17:12 --------- d-----w C:\Program Files\TweakNow RegCleaner Std 2008-07-25 17:11 --------- d-----w C:\Program Files\WinMPG VideoConvert 2008-07-25 16:54 --------- d-----w C:\Program Files\The Rosetta Stone 2008-07-25 16:51 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\ppstream 2008-07-24 18:25 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-07-22 17:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\WEBREG 2008-07-22 17:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard 2008-07-22 14:42 --------- d-----w C:\Program Files\Common Files\HP 
2008-07-22 14:41 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard 2008-07-22 06:43 --------- d-----w C:\Program Files\Cabos 2008-07-20 22:29 --------- d-----w C:\Program Files\Fotosizer 2008-07-20 08:02 --------- d-----w C:\Program Files\PicLensIE 2008-07-20 07:10 --------- d-----w C:\Documents and Settings\Abbey Kearns.VERDEPINO\Application Data\WinPatrol 2008-07-19 22:21 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Apple Computer 2008-07-19 22:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-07-18 21:04 --------- d-----w C:\Program Files\QuickTime 2008-07-18 21:01 --------- d-----w C:\Program Files\iTunes 2008-07-18 21:00 --------- d-----w C:\Program Files\iPod 2008-07-18 14:15 --------- d-----w C:\Program Files\3GP Player 2008-07-18 10:32 --------- d-----w C:\Program Files\MIKSOFT 2008-07-17 21:52 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Kristanix Software 2008-07-16 22:59 --------- d-----w C:\Program Files\Proxy Switcher Standard 2008-07-16 13:46 --------- d-----w C:\Program Files\Lx_cats 2008-07-16 07:43 --------- d-----w C:\Program Files\ExplorerXP 2008-07-09 16:32 --------- d-----w C:\Program Files\Common Files\Cadsoft 2008-07-09 16:31 --------- d-----w C:\Program Files\IMSIDesign 2008-07-09 16:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\IMSIDesign 2008-07-08 13:45 --------- d--h--w C:\Documents and Settings\John Kearns\Application Data\InAlbumTemp 2008-07-01 20:31 --------- d-----w C:\Documents and Settings\John Kearns\Application Data\Ashampoo 2007-12-07 12:20 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat 2007-10-13 18:02 235,533 ----a-w C:\Program Files\VirtualDub.chm 2007-10-13 17:58 946,176 ----a-w C:\Program Files\VirtualDub.exe 2007-10-13 17:58 199,570 ----a-w C:\Program Files\VirtualDub.vdi 2007-10-13 17:55 8,704 ----a-w C:\Program Files\vdub.exe 2007-10-13 17:55 33,792 
----a-w C:\Program Files\auxsetup.exe 2007-10-13 17:55 31,232 ----a-w C:\Program Files\vdremote.dll 2007-10-13 17:55 29,696 ----a-w C:\Program Files\vdicmdrv.dll 2007-10-13 17:54 25,088 ----a-w C:\Program Files\vdsvrlnk.dll 2006-04-24 22:04 774,144 ----a-w C:\Program Files\RngInterstitial.dll 2007-10-01 07:51 1,138 --sh--w C:\WINDOWS\lcfep5b.drv 2006-11-25 13:45 88 --sh--r C:\WINDOWS\system32\C33E00BCB7.sys 2008-01-10 16:35 3,454 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys 2008-05-18 08:07 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat 2008-05-18 08:07 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat 2008-05-18 08:07 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat .
((((((((((((((((((((((((((((( snapshot@2008-08-30_22.35.19.42 ))))))))))))))))))))))))))))))))))))))))) . - 2007-07-07 09:17:45 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2008-08-31 03:18:59 783,744 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll - 2007-07-07 09:19:49 118,112 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2008-08-31 03:19:32 120,408 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll - 2007-07-07 09:19:48 609,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2008-08-31 03:19:31 611,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2006-10-26 17:49:48 1,011,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL + 2006-10-26 17:49:46 970,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL + 2006-10-27 13:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL + 2006-10-26 19:18:12 162,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL + 2006-10-27 13:00:12 1,751,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACECORE.DLL + 2006-10-27 13:00:10 576,376 ----a-r 
C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEDAO.DLL + 2006-10-27 13:00:06 47,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEERR.DLL + 2006-10-27 13:00:08 191,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEES.DLL + 2006-10-26 18:13:34 338,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL + 2006-10-26 18:13:44 629,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL + 2006-10-26 18:13:28 207,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACELTS.DLL + 2006-10-26 18:13:32 279,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODBC.DLL + 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL + 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL + 2006-10-26 18:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL + 2006-10-26 18:13:12 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL + 2006-10-27 13:00:06 387,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL + 2006-10-26 18:13:38 392,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEPDE.DLL + 2006-10-26 18:13:30 260,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER2X.DLL + 2006-10-26 18:13:32 289,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACER3X.DLL + 2006-10-26 
18:13:20 56,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACERCLR.DLL + 2006-10-26 18:13:38 551,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEREP.DLL + 2006-10-26 18:13:30 224,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACETXT.DLL + 2006-10-27 13:40:34 208,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEWSS.DLL + 2006-10-26 18:13:34 371,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACEXBE.DLL + 2006-10-27 13:41:04 399,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CDLMSO.DLL + 2006-10-26 17:59:24 205,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CLVIEW.EXE + 2006-10-26 19:30:42 65,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\COLLIMP.DLL + 2006-10-26 18:12:52 189,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL + 2006-10-26 22:48:08 234,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DRAT.EXE + 2006-10-26 17:48:14 439,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DWDCW20.DLL + 2006-10-26 12:10:08 1,190,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FM20.DLL + 2006-10-26 12:04:58 75,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FORM.DLL + 2006-10-26 17:21:24 1,682,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL + 2006-10-27 13:09:36 983,376 ----a-r 
C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\FPWEC.DLL + 2006-10-26 18:02:12 2,526,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GRAPH.EXE + 2006-10-27 13:37:44 338,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVE.EXE + 2006-10-27 13:38:02 6,191,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMGR.DLL + 2006-10-27 13:37:44 284,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL + 2006-10-26 22:47:54 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERVICE.EXE + 2006-10-27 13:37:40 34,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY.DLL + 2006-10-27 13:37:44 300,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECALENDARTOOL.DLL + 2006-10-26 22:47:44 33,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE + 2006-10-27 13:37:56 2,689,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOMPONENTS.DLL + 2006-10-27 13:38:00 3,508,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSERVICES.DLL + 2006-10-27 13:37:40 117,584 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL + 2006-10-27 13:37:50 768,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECOMPONENTMGR.DLL + 2006-10-27 13:37:52 1,359,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DLL + 2006-10-26 
22:48:24 377,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWERTOOL.DLL + 2006-10-27 13:37:58 3,071,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTSHARETOOL.DLL + 2006-10-27 13:37:44 284,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERVICES.DLL + 2006-10-26 22:48:00 197,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL + 2006-10-26 22:48:18 317,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR.EXE + 2006-10-26 22:48:40 1,555,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL + 2006-10-26 22:47:42 31,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE + 2006-10-26 22:47:40 22,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL + 2006-10-26 22:48:02 224,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL + 2006-10-27 13:38:04 7,053,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL + 2006-10-26 22:48:42 2,210,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL + 2006-10-26 22:48:18 363,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL + 2006-10-26 22:47:40 16,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE + 2006-10-27 13:37:56 2,738,472 ----a-r 
C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL + 2006-10-27 13:37:38 35,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL + 2006-10-26 22:48:02 222,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL + 2006-10-27 13:37:50 1,163,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL + 2006-10-27 13:38:00 4,746,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL + 2006-10-27 13:37:54 1,396,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL + 2006-10-26 22:48:34 955,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL + 2006-10-27 13:37:40 268,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL + 2006-10-26 22:48:26 572,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL + 2006-10-27 13:37:48 631,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL + 2006-10-26 18:12:52 173,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL + 2006-10-27 13:10:08 1,439,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\INFOPATH.EXE + 2006-10-27 13:10:10 5,456,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL + 2006-10-27 13:10:10 5,281,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL + 2006-10-26 19:42:00 176,976 
----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPOLK.DLL + 2007-07-07 09:19:48 609,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPOMHOST.DLL + 2007-07-07 09:19:49 118,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IPOMINT.DLL + 2006-10-26 17:55:10 828,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MEDCAT.DLL + 2006-10-27 13:01:34 10,371,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSACCESS.EXE + 2006-10-26 19:18:06 66,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL + 2006-10-26 11:58:14 117,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSCONV97.DLL + 2006-10-27 12:59:06 161,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCF.DLL + 2006-10-26 17:48:12 14,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOCFU.DLL + 2006-10-26 18:12:58 428,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSODCW.DLL + 2006-10-26 19:13:36 26,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOEURO.DLL + 2006-10-26 18:00:08 6,635,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORES.DLL + 2006-10-26 11:56:36 436,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSORUN.DLL + 2006-10-26 17:50:04 672,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSQRY32.EXE + 2006-10-26 11:56:40 505,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL + 
2006-10-26 17:55:12 832,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORDB.EXE + 2006-10-26 17:55:06 538,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORES.DLL + 2006-10-26 18:12:30 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NAME.DLL + 2006-10-27 13:14:34 14,151,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OART.DLL + 2006-10-26 18:06:54 232,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE + 2006-10-26 18:14:06 7,033,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFOWC.DLL + 2006-10-27 13:18:36 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OGL.DLL + 2006-10-26 18:00:08 274,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OIS.EXE + 2006-10-26 18:00:12 998,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISAPP.DLL + 2006-10-26 18:00:10 285,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL + 2006-10-26 18:32:42 604,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL + 2006-10-27 13:39:36 687,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL + 2006-10-27 13:03:04 1,018,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONENOTE.EXE + 2006-10-26 18:24:54 98,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE + 2006-10-26 18:24:50 72,504 ----a-r 
C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONFILTER.DLL + 2006-10-26 18:24:58 1,165,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONLIBS.DLL + 2006-10-27 13:03:06 6,579,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONMAIN.DLL + 2006-10-26 18:23:00 782,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL + 2006-10-26 18:07:04 6,536,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OSETUP.DLL + 2006-07-26 16:53:56 459,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL + 2006-10-26 19:30:44 482,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PORTCONN.DLL + 2006-10-26 17:52:10 2,012,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE + 2006-10-26 12:05:00 77,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PSOM.DLL + 2006-10-26 19:13:38 38,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REFEDIT.DLL + 2006-10-26 19:42:12 744,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REGFORM.EXE + 2006-10-26 12:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REVERSE.DLL + 2006-10-26 18:13:00 503,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SELFCERT.EXE + 2006-10-26 18:06:58 439,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETUP.EXE + 2006-10-26 19:18:16 502,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SOA.DLL + 2006-07-28 
13:21:58 277,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SSGEN.DLL + 2006-10-27 12:57:08 2,330,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\STSLIST.DLL + 2006-10-26 12:04:48 29,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL + 2006-10-26 12:05:04 126,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL + 2006-10-26 12:05:02 86,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL + 2006-10-26 12:04:56 58,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWLAY32.DLL + 2006-10-26 12:04:48 27,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWORIENT.DLL + 2006-10-26 12:04:54 51,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECE.DLL + 2006-10-26 12:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWRECS.DLL + 2006-10-26 12:04:58 76,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL + 2006-09-29 22:42:56 2,583,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VBE6.DLL + 2006-10-26 20:58:38 3,732,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VVIEWER.DLL + 2007-07-07 09:17:45 781,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WORDPIA.DLL + 2006-10-26 12:05:08 1,181,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL + 2006-10-26 12:05:08 530,760 ----a-r 
C:\WINDOWS\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL - 2008-08-29 03:18:00 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2008-08-31 03:25:38 1,165,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2008-08-29 03:18:00 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2008-08-31 03:25:40 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - 2008-08-29 03:18:00 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2008-08-31 03:25:39 159,504 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2008-08-29 03:18:00 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2008-08-31 03:25:39 184,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2008-08-29 03:18:00 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2008-08-31 03:25:40 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2008-08-29 03:18:00 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe + 2008-08-31 03:25:40 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2008-08-29 03:18:00 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2008-08-31 03:25:42 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2008-08-29 03:18:00 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2008-08-31 03:25:39 845,584 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2008-08-29 03:18:00 922,384 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2008-08-31 03:25:39 922,384 ----a-r 
C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2008-08-29 03:18:00 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2008-08-31 03:25:40 272,648 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2008-08-29 03:18:00 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2008-08-31 03:25:41 888,080 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2008-08-29 03:18:00 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2008-08-31 03:25:38 1,172,240 ----a-r C:\WINDOWS\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - 2008-08-28 21:58:28 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2008-08-31 03:36:07 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe - 2006-10-26 12:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL + 2007-08-22 23:03:38 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL - 2008-08-30 20:26:49 86,452 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-09-01 15:34:35 86,452 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-08-30 20:26:50 483,832 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-09-01 15:34:35 483,832 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-09-01 15:30:33 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_7ac.dat . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "New Application"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" [2007-09-05 13:55 523264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2007-04-19 13:33 271936]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 21:42 1404928]
"OFFICEKB"="C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe" [2007-03-18 19:44 387584]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-02-18 20:57 949376]
"FLMOFFICE4DMOUSE"="C:\Program Files\Labtec\Desktop\V5.1\moffice.exe" [2006-08-27 19:57 958464]
"BigDog303"="C:\WINDOWS\VM303_STI.EXE" [2005-06-23 11:13 61440]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 03:18 437160]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "HideFastUserSwitching"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableChangePassword"= 0 (0x0) "DisableLockWorkstation"= 0 (0x0) "HideFastUserSwitching"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) "NoResolveSearch"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMBalloonTip"= 0 (0x0) "NoDesktopCleanupWizard"= 1 (0x1) "NoLogoff"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "MSACM.MSNAUDIO"= msnaudio.acm "vidc.dvsd"= pdvcodec.dll "msacm.ac3filter"= ac3filter.acm "VIDC.MJPG"= pvmjpg21.dll "msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 relog_ap
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD] --a------ 2008-02-27 18:56 1032376 C:\Program Files\Kontiki\KHost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostSurf Reminder] --a------ 2005-08-15 00:32 82037 C:\Program Files\GhostSurf Platinum\Privacy Control Center.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx] --a------ 2008-02-27 18:56 1032376 C:\Program Files\Kontiki\KHost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe "Copernic Desktop Search 2"="C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe "igfxtray"=C:\WINDOWS\system32\igfxtray.exe "AgenteADSL_15"=C:\Program Files\Telefonica\KitAIM\AimExDll.exe AimGestA.dll 7 "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup "nod32kui"="C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime "CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s "DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe "THGuard"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe "Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" "BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "BigDog303"=C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\StubInstaller.exe"= "C:\\WINDOWS\\system32\\dpnsvr.exe"= "C:\\WINDOWS\\system32\\dxdiag.exe"= "C:\\Program Files\\utorrent\\utorrent.exe"= "C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "C:\\Program Files\\TVAnts\\Tvants.exe"= "C:\\Program Files\\SopCast\\SopCast.exe"= "C:\\Program Files\\Windows Media Player\\wmplayer.exe"= "C:\\AV-CLS\\WGET.EXE"= "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Opera\\Opera.exe"= "C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "<NO NAME>"= "C:\\Program Files\\PPStream\\PPStream.exe" "C:\\Program Files\\PPStream\\PPStream.exe "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Kontiki\\KService.exe"= "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Zattoo\\Zattoo2.exe"= "C:\\Program Files\\Zattoo\\zattood.exe"= "C:\\Program Files\\SmartHide\\2\\SmartHide.exe"= "C:\\Program Files\\SmartHide\\SmartHide.exe"= "C:\\CCProxy\\CCProxy.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Labtec\\Desktop\\V5.1\\KBDAP32A.EXE"= "C:\\WINDOWS\\system32\\java.exe"= "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program 
Files\\Maxthon2\\Modules\\MxDownloader\\MxDownloadServer.exe"= "C:\\Program Files\\Maxthon2\\Maxthon.exe"=
R0 HWFProt;Hywave File Protector HWFProt;C:\WINDOWS\system32\Drivers\HWFProt.sys [2003-05-11 16:20]
R0 tdrpman;Acronis Try&Decide and Restore Points filter;C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2007-11-22 18:17]
R2 TryAndDecideService;Acronis Try And Decide Service;C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-09-14 05:01]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 07:00]
R3 tap0801;Smarthide TAP driver;C:\WINDOWS\system32\DRIVERS\tap0801.sys [2007-10-12 15:07]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 00:01]
S3 CachemanXPService;CachemanXPService;C:\PROGRA~1\CACHEM~1\CachemanXP.exe [2008-03-03 22:39]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2007-11-14 21:40]
S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 10:31]
S3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 23:25]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-29 23:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - setup.exe
.
Contents of the 'Scheduled Tasks' folder
2008-08-31 C:\WINDOWS\Tasks\AWC Update.job - C:\Program Files\IObit\Advanced WindowsCare 3 Beta\IObitUpdate.exe []
2008-08-31 C:\WINDOWS\Tasks\AWC Update.job - C:\Program Files\IObit\Advanced WindowsCare 3 Beta\ [2008-08-31 21:27]
2008-09-01 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20] .
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-01 17:36:57 Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\ESET\nod32krn.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Labtec\Desktop\V5.1\mouse32a.exe
.
**************************************************************************
.
Completion time: 2008-09-01 17:46:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-01 15:46:32
ComboFix2.txt 2008-08-30 20:36:31
ComboFix3.txt 2007-01-22 20:21:45
Pre-Run: 5,344,325,632 bytes free Post-Run: 5,358,325,760 bytes free
521 --- E O F --- 2008-08-31 21:42:40
Malwarebytes' Anti-Malware 1.25
Database version: 1102
Windows 5.1.2600 Service Pack 2
17:00:52 01/09/2008 mbam-log-09-01-2008 (17-00-37).txt
Scan type: Quick Scan Objects scanned: 60328 Time elapsed: 7 minute(s), 18 second(s)
Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) -> No action taken.
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 2007 Microsoft Office Suite Service Pack 1 (SP1) 32 Bit HP CIO Components Installer 3D Groove Playback Engine 3GP Player 2008 AC3Filter (remove only) Acrobat.com Acrobat.com Acronis True Image Home Ad-Aware SE v1.06r1 Adobe Acrobat 8.1.2 Professional Adobe AIR Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge 1.0 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color Common 
Settings Adobe Color Common Settings Adobe Color EU Recommended Settings Adobe Color JA Extra Settings Adobe Color NA Extra Settings Adobe Common File Installer Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe ExtendScript Toolkit 2 Adobe Flash Player ActiveX Adobe Fonts All Adobe Help Center 1.0 Adobe Help Viewer CS3 Adobe Illustrator CS3 Adobe Illustrator CS3 Adobe InDesign CS3 Adobe InDesign CS3 Adobe InDesign CS3 Icon Handler Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS2 Adobe Reader 9 Adobe Setup Adobe Setup Adobe Setup Adobe Setup Adobe Shockwave Player Adobe SING CS3 Adobe Stock Photos 1.0 Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 Advanced Disk Cleaner Advanced WindowsCare 3 Beta Agente ADSL USB All Media Fixer 8.1 AMCap AnyReader 2.0 Ashampoo Burning Studio 8.02 Ashampoo Movie Shrink & Burn 2 Ashampoo WinOptimizer 5.05 Autoplay Repair 2.2.1 AVG Anti-Rootkit Free BBC iPlayer Download Manager Belarc Advisor 7.2 Bit Che Cabos CCleaner (remove only) CCProxy 6.61 CircleSurround II Plugin for Windows Media Player CloneCD CoffeeCup Visual Site Designer Combined Community Codec Pack 2008-01-24 Comfort Keyboard 2.0 Conexant D850 56K V.9x DFVc Modem dBpoweramp Music Converter Dell Driver Reset Tool Dell Media Experience Dell Picture Studio v3.0 DigiMode Toolbar Digital Line Detect Diskeeper 2007 Pro Premier DivX Codec DivX Converter DivX Player DivX Web Player DriverMax 4 East-Tec Backup 2008 2.0 Easy Video Downloader v. 
1.4.1 Eraser Eraser Error Messages for Windows EVEREST Home Edition v2.20 Fotosizer 1.17 GDR 3068 for SQL Server Database Services 2005 ENU (KB948109) GDR 3068 for SQL Server Tools and Workstation Components 2005 ENU (KB948109) GhostSurf 2007 Platinum Glary Utilities 2.4 GOM Player Google Talk (remove only) HD Tune 2.53 Highlight Viewer (Windows Live Toolbar) HijackThis 2.0.2 honestech Video Editor Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows XP (KB952287) HP Customer Participation Program 11.0 HP Deskjet All-In-One Software 9.0 HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 HP Imaging Device Functions 11.0 HP Print Diagnostic Utility HP Product Detection HP Solution Center 11.0 ImageMixer VCD/DVD2 for OLYMPUS Intel(R) Extreme Graphics 2 Driver Intel(R) Network Connections 13.0.42.0 Invisible IP Map IrfanView (remove only) ISOBURN 1.7 iTunes IZArc 3.5 beta 3 Jasc Paint Shop Photo Album 5 Jasc Paint Shop Pro Studio, Dell Editon Java(TM) 6 Update 7 KillProcess 2.42 Labtec Desktop V5.1 Magic ISO Maker v5.4 (build 0247) MagicDisc 2.6.93 Malwarebytes' Anti-Malware Map Button (Windows Live Toolbar) Maxthon2 Browser (remove only) MCU MediaJoin Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 3.0 Service Pack 1 Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Microsoft ActiveX Control Pad Microsoft AutoRoute 2007 Microsoft Bootvis Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Expression Web Microsoft Expression Web Microsoft Expression Web MUI (English) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI 
(English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Project MUI (English) 2007 Microsoft Office Project Professional 2007 Microsoft Office Project Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Visio MUI (English) 2007 Microsoft Office Visio Professional 2007 Microsoft Office Visio Professional 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) Microsoft SQL Server 2005 Tools Express Edition Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual J# 2.0 Redistributable Package Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows XP Video Decoder Checkup Utility Microsoft Works 7.0 Modem Helper ModemTest V1.3 MOVAVI VideoSuite 3.5 Mozilla Firefox (2.0.0.16) MP3 Player Utilities 3.13 MP3 Player Utilities 3.68 MP3 Remix for Windows Media Player MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 6.0 Parser (KB933579) Multiple Image Resizer .NET Nero OEM NetWaiting Nikon FotoShare Nikon Message Center NOD32 antivirus system NOD32 FiX v2.1 OLYMPUS Master Online Radio Tuner Standard Edition OpenExpert 1.40 Opera Opera 9.24 Opera 9.51 Paint.NET v3.22 Panda ActiveScan PC Wizard 
2008.1.84 PDF Settings PicLens for Internet Explorer PictureProject Plato Video Joiner 4.33 Power Video Converter 1.5.52 PowerISO Privoxy 3.0.6 Proxy Finder Enterprise Edition ProxySwitcher Standard Radio Station RealPlayer Registry Repair Wizard RogueRemover 1.12 SAMSUNG Mobile Composite Device Software Samsung PC Studio 3 Screenshot Captor 2.37.03 SDP Downloader Secunia PSI (RC3) Security Update for 2007 Microsoft Office System (KB951596) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Excel 2007 (KB951546) Security Update for Microsoft Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office system 2007 (KB951808) Security Update for Microsoft Office system 2007 (KB951808) Security Update for Microsoft Office Word 2007 (KB950113) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB934062) Security Update for Office 2007 (KB934062) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for the 2007 Microsoft Office System (KB936960) Security Update for Visio 2007 (KB947590) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows XP (KB941693) Security Update for Windows XP (KB945553) Security Update for Windows XP (KB946648) Security Update for Windows XP 
(KB948590) Security Update for Windows XP (KB948881) Security Update for Windows XP (KB950749) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Skype™ 3.8 Smart Menus (Windows Live Toolbar) SmartHide 2.1.121 Sonic DLA Sonic RecordNow Audio Sonic RecordNow Copy Sonic RecordNow Data SopCast 3.0.0 SpeedTouch USB Software Spybot - Search & Destroy Spyware Doctor 6.0 System TuneUp The Off By One Web Browser The Ultimate Troubleshooter TMPGEnc Plus 2.5 TMPGEnc Plus 2.5 Tor 0.1.2.19 Total Video Converter 2.41 Tracks Eraser Pro v7.0 TrojanHunter 4.7 TuneUp Utilities 2008 TurboFLOORPLAN Landscape & Deck TVAnts 1.0 TVUPlayer 2.3.7.1 Ultra QuickTime Converter 2.2.0723 UnderCoverXP 1.14 Unlocker 1.8.5 Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB932080) Update for Office 2007 (KB932080) Update for Office 2007 (KB932080) Update for Office 2007 (KB934391) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb955433) Update for Windows XP (KB932716) Update for Windows XP (KB932823-v3) Update for Windows XP (KB951072-v2) URL Helper VCDCutter VCDEasy Veetle TV Player 0.9.6 Veetle TV Player 0.9.6 Veoh Player Vidalia 0.0.16 VideoLAN VLC media player 0.8.6i Vimicro USB PC Camera (ZC0301PLH) Virtools 3D Life Player Volume Balancer 1.7 WinAVI Video Converter Windows Defender Windows Defender Signatures Windows Imaging Component Windows Installer Clean Up Windows Internet Explorer 7 Windows Live Favorites for Windows Live Toolbar Windows Live installer Windows 
Live Mail Windows Live Messenger Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Toolbar Windows Live Toolbar Extension (Windows Live Toolbar) Windows Live Writer Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows Media P
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
Malwarebytes still hasn't removed this entry:
Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) -> No action taken.
Make sure you carefully follow the instructions which I've copied again below for convenience.
- Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected <---.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy & Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process; if asked to restart the computer, please do so immediately.
Post the log again when complete.
Everything else seems to have worked well.
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
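The point Joe is making above is that a detection line ending in "No action taken" means the item is still on the machine. As an added example (not part of this thread or of Malwarebytes' own tooling), this small parser reads MBAM 1.x log lines in the "item (threat) -> status" shape shown in the thread and lists every detection whose status is not a successful removal; the sample log is constructed and the file path in it is made up.

```python
import re
from typing import NamedTuple

# Shape of one detection line in a Malwarebytes' Anti-Malware 1.x log,
# as quoted in the thread:  <item> (<threat name>) -> <action taken>.
DETECTION_RE = re.compile(r"^(?P<item>.+?) \((?P<threat>[^()]+)\) -> (?P<status>.+?)\.?$")

# Statuses that mean the item was actually dealt with. Anything else
# ("No action taken", "Delete on reboot", ...) needs a follow-up scan.
RESOLVED_STATUSES = {"Quarantined and deleted successfully"}


class Detection(NamedTuple):
    section: str   # e.g. "Registry Values Infected"
    item: str      # registry path, file path, process name, ...
    threat: str    # e.g. "Trojan.Agent"
    status: str    # e.g. "No action taken"


def parse_mbam_log(text):
    """Return every detection line in the log, tagged with its section header."""
    detections = []
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Section headers look like "Registry Values Infected:" on their own line;
        # summary lines ("... Infected: 0") and "(No malicious items detected)"
        # lines do not end with "Infected:" and are skipped below.
        if line.endswith("Infected:"):
            section = line[:-1]
            continue
        m = DETECTION_RE.match(line)
        if m:
            detections.append(Detection(section, m["item"], m["threat"], m["status"]))
    return detections


def unresolved(detections):
    """Detections whose status is not a successful removal."""
    return [d for d in detections if d.status not in RESOLVED_STATUSES]


# Constructed sample: the unresolved entry quoted in the thread plus one
# made-up entry that was removed, so both cases are visible side by side.
SAMPLE_LOG = """\
Registry Values Infected:
HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\OLE\\DRam prosessor (Trojan.Agent) -> No action taken.

Files Infected:
C:\\example\\constructed.dll (Trojan.Agent) -> Quarantined and deleted successfully.
"""

if __name__ == "__main__":
    for d in unresolved(parse_mbam_log(SAMPLE_LOG)):
        print(f"[{d.section}] {d.item} ({d.threat}): {d.status}")
```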
|
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hi Joe, apologies, I think I sent the wrong log. Here is the correct one:
Malwarebytes' Anti-Malware 1.25
Database version: 1102
Windows 5.1.2600 Service Pack 2
20:05:17 01/09/2008 mbam-log-09-01-2008 (20-05-17).txt
Scan type: Quick Scan
Objects scanned: 59626
Time elapsed: 9 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)
However, I now seem to be coming up against error 678 and my pc keeps disconnecting from the internet. Also, on reboot I now get the message "GENERIC HOST PROCESS FOR WIN32 SERVICES ENCOUNTERED A PROBLEM AND NEEDED TO CLOSE". I thought I had cracked it but maybe not. Thanks again.
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
The Malwarebytes log is good now. We can remove it later when we've fixed these other issues.
Quote:
However, I now seem to be coming up against error 678 and my pc keeps disconnecting from the internet. Also, on reboot I now get the message "GENERIC HOST PROCESS FOR WIN32 SERVICES ENCOUNTERED A PROBLEM AND NEEDED TO CLOSE". I thought I had cracked it but maybe not. Thanks again.
Can you give some information about your Internet connection?
Are you on a network (LAN)?
Do you use a Proxy server?
I take it you get error 678 when you try to access the Internet. Is that correct?
You get this message when booting the computer: GENERIC HOST PROCESS FOR WIN32 SERVICES ENCOUNTERED A PROBLEM AND NEEDED TO CLOSE
Please correct me if I'm wrong.
When did these messages first appear?
Do you have the XP Install disk and what type is it? e.g. full install disk.
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
|
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hi Joe, well the good news is that the 678 message seems to have been a temporary problem and I have not had any problems with my internet connection since yesterday. I am on ADSL, speed 3.0Mbps. Also, I found a Microsoft fix for the GENERIC HOST problem here http://support.microsoft.com/kb/894391 but this has not stopped the error being displayed on start up of the pc. The problem first occurred after the ComboFix scan, and my pc came preloaded from Dell with XP installed so I do not have an installation disk. Thanks for your time.
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
Quote:
Well the good news is that the 678 message seems to have been a temporary problem and I have not had any problems with my internet connection since yesterday.
That's good.
Quote:
I found a microsoft fix
Run the fix from Microsoft and see if that resolves the issue.
Windows XP, 32-bit versions: the following file is available for download from the Microsoft Download Center:
Download the WindowsXP-KB894391-x86-ENU.exe package now. http://www.microsoft.com/downloads/detai...;displaylang=en
Joe.
PS. I'll be out most of the day but will look in tonight.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
|
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hi Joe, I have tried the Microsoft fix but the problem still persists. I have tried to attach a couple of screenshots to show you. Thanks again.
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
Thanks for the images, really helpful.
Delete these files and folder and see if that resolves the issue.
Open Windows Explorer, Locate and delete the following item(s), if present. Make sure you're able to view system and hidden files/ folders:
Files:
C:\Documents and Settings\John Kearns\Local Settings\temp\Werb2c6.dir00\svchost.exe.mdmp
C:\Documents and Settings\John Kearns\Local Settings\temp\Werb2c6.dir00\appcompat.txt
Folders:
C:\Documents and Settings\John Kearns\Local Settings\temp\Werb2c6.dir00
- Note that some of these file(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them from "Safe Mode". Reboot the computer.
Uninstall Malwarebytes via the add/remove utility in the control panel.
Delete the Hijackthis.txt file saved to your desktop.
ComboFix cleanup:
- Click START then RUN
- Now type Combofix /u in the runbox and click OK (case insensitive)
- When shown the disclaimer, select "2"
The above procedure will delete ComboFix and its associated files and folders.
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
|
onerytk
new user
Reg'd: Sat
Posts: 15
|
|
Hi Joe, I don't have C:\Documents and Settings\John Kearns\Local Settings\temp\Werb2c6.dir00 or the files in it on my system, but I do have Wer7b24.diroo in that location with a svchost.exe.mdmp file within it. Should I delete this folder and file? Thanks.
|
Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
|
|
Strange, as those are the file names in the error message image above. In any event, delete the files you mentioned and then the entire folder and we'll see what happens then.
Joe.
-------------------- If I've helped you and saved you money please consider a donation to support my work :
Member of UNITE and ASAP.
|
|
|