ses310
Re: HJT Log help needed
Wed Mar 26 2008 04:28 PM
Thanks for the reply....
Log details as requested
ComboFix 08-03-25.4 - Matt 2008-03-26 16:19:59.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.977 [GMT 0:00]
Running from: C:\Users\Matt\Desktop\ComboFix.exe
* Created a new restore point
.
-- Script messages for sUBs --
Findstr -MIF:/ sursen pv -d80000 * -t -l

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\bjam.dll
C:\Windows\mspphe.dll
C:\Windows\mssvr.exe
C:\Windows\saiemod.dll
C:\Windows\system32\systeminfo.dll
C:\Windows\system32\wer8274.dll
C:\Windows\voiceip.dll
.
((((((((((((((((((((((((( Files Created from 2008-02-26 to 2008-03-26 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-26 16:26 --------- d-----w C:\ProgramData\STOPzilla!
2008-03-26 16:22 312 ----a-w C:\Windows\system32\drivers\kgpfr2.cfg
2008-03-26 16:14 --------- d-----w C:\Users\Matt\AppData\Roaming\AVG7
2008-03-26 15:30 352,615 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-03-26 09:02 1,359,360 ----a-w C:\Windows\Internet Logs\xDB8EA7.tmp
2008-03-26 08:12 --------- d-----w C:\Users\Matt\AppData\Roaming\uTorrent
2008-03-25 17:11 --------- d-----w C:\ProgramData\SITEguard
2008-03-25 15:48 1,593,344 ----a-w C:\Windows\Internet Logs\xDBB6FF.tmp
2008-03-25 15:48 1,354,240 ----a-w C:\Windows\Internet Logs\xDBBDB4.tmp
2008-03-22 15:33 --------- d-----w C:\Users\Matt\AppData\Roaming\Grisoft
2008-03-22 15:32 --------- d-----w C:\ProgramData\Grisoft
2008-03-22 15:16 --------- d-----w C:\Users\Matt\AppData\Roaming\Uniblue
2008-03-22 15:15 --------- d-----w C:\Program Files\Uniblue
2008-03-22 12:44 --------- d---a-w C:\ProgramData\TEMP
2008-03-22 12:02 --------- d-----w C:\Program Files\Spyware Doctor
2008-03-22 11:58 --------- d-----w C:\Users\Matt\AppData\Roaming\PC Tools
2008-03-22 11:48 --------- d-----w C:\Program Files\InterMute
2008-03-22 10:57 --------- d-----w C:\ProgramData\avg7
2008-03-22 10:45 --------- d-----w C:\ProgramData\CheckPoint
2008-03-22 10:45 --------- d-----w C:\Program Files\Zone Labs
2008-03-22 10:41 --------- d-----w C:\ProgramData\Rabio
2008-03-22 02:47 --------- d-----w C:\Program Files\Bat
2008-03-22 02:15 --------- d-----w C:\Program Files\STOPzilla!
2008-03-22 02:15 --------- d-----w C:\Program Files\Common Files\iS3
2008-03-22 00:51 --------- d-----w C:\ProgramData\Roxio
2008-03-21 23:45 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-03-21 23:23 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-21 23:13 --------- d-----w C:\Program Files\Trend Micro
2008-03-21 22:39 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
2008-03-21 22:33 --------- d-----w C:\ProgramData\Kaspersky Lab
2008-03-21 10:09 --------- d-----w C:\ProgramData\Avg8
2008-03-20 17:43 --------- d-----w C:\ProgramData\Skype
2008-03-20 17:31 --------- d-----w C:\Program Files\AVG
2008-03-18 18:33 --------- d-----w C:\ProgramData\Maxtor
2008-03-18 08:26 97 ----a-w C:\Extractor.bat
2008-03-17 16:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-17 16:08 --------- d-----w C:\Program Files\Maxtor
2008-03-16 20:33 27,240 ----a-w C:\Users\Matt\AppData\Roaming\nvModes.dat
2008-03-16 19:11 --------- d-----w C:\Program Files\ValuSoft
2008-03-13 16:24 --------- d-----w C:\ProgramData\Lavasoft
2008-03-13 16:23 --------- d-----w C:\Program Files\Lavasoft
2008-03-13 16:22 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-12 08:30 --------- d-----w C:\Program Files\Windows Mail
2008-03-07 15:14 --------- d-----w C:\Users\Matt\AppData\Roaming\Nokia
2008-03-07 10:04 229,376 ----a-r C:\Windows\System32\SZBase5.dll
2008-03-07 08:51 --------- d-----w C:\Program Files\Nokia
2008-03-04 23:09 --------- d-----w C:\Users\Matt\AppData\Roaming\PC Suite
2008-03-03 14:16 33,920 ----a-r C:\Windows\system32\drivers\SZKG.sys
2008-03-02 22:34 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-02 22:30 --------- d-----w C:\ProgramData\ALM
2008-03-02 21:54 --------- d-----w C:\Program Files\Bonjour
2008-03-02 21:49 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-03-02 18:42 --------- d-----w C:\Program Files\Windows Live
2008-03-02 18:41 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-02 18:39 --------- d-----w C:\ProgramData\WLInstaller
2008-03-02 10:30 --------- d-----w C:\Users\Matt\AppData\Roaming\TomTom
2008-03-02 10:30 --------- d-----w C:\Program Files\TomTom HOME 2
2008-02-23 11:13 --------- d-----w C:\ProgramData\BlazeVideo
2008-02-23 11:13 --------- d-----w C:\Program Files\BlazeVideo
2008-02-22 14:52 126,976 ----a-r C:\Windows\System32\IS3HTUI5.dll
2008-02-22 14:51 372,736 ----a-r C:\Windows\System32\IS3UI5.dll
2008-02-22 14:51 364,544 ----a-r C:\Windows\System32\IS3DBA5.dll
2008-02-22 14:50 61,440 ----a-r C:\Windows\System32\IS3Hks5.dll
2008-02-22 14:50 23,040 ----a-r C:\Windows\System32\IS3XDat5.dll
2008-02-22 14:50 192,512 ----a-r C:\Windows\System32\IS3Win325.dll
2008-02-22 14:49 94,208 ----a-r C:\Windows\System32\IS3Inet5.dll
2008-02-22 14:49 90,112 ----a-r C:\Windows\System32\IS3Svc5.dll
2008-02-22 14:45 708,608 ----a-r C:\Windows\System32\IS3Base5.dll
2008-02-13 03:07 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 03:07 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 03:03 806,400 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 03:01 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 03:01 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 03:01 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 03:01 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-05 18:58 --------- d-----w C:\Program Files\MagicISO
2008-02-01 12:55 42,376 ----a-w C:\Windows\system32\drivers\ikfilesec.sys
2008-01-28 21:00 --------- d-----w C:\Users\Matt\AppData\Roaming\Creative
2008-01-28 20:41 --------- d--h--w C:\Program Files\Creative Installation Information
2008-01-28 20:33 --------- d-----w C:\Program Files\Creative
2008-01-28 20:33 --------- d-----w C:\Program Files\Common Files\Creative
2008-01-28 20:29 --------- d-----w C:\ProgramData\Creative
2008-01-28 20:13 409,600 ----a-w C:\Windows\System32\wrap_oal.dll
2008-01-28 20:13 114,688 ----a-w C:\Windows\System32\OpenAL32.dll
2008-01-27 00:45 --------- d-----w C:\Program Files\Mozilla Sunbird
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-01-10 03:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-09 03:31 1,086,952 ----a-w C:\Windows\System32\zpeng24.dll
2007-12-17 19:21 32 ----a-w C:\ProgramData\ezsid.dat
2007-10-25 15:50 0 ----a-w C:\Users\Matt\AppData\Roaming\wklnhst.dat
2007-09-13 13:18 174 --sha-w C:\Program Files\desktop.ini
2007-08-29 22:23 76 --sh--r C:\Windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 12:35 125440]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 11:24 167368]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 12:36 201728]
"RemoteControl"="" []
"SetDefaultMIDI"="MIDIDef.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-30 06:01 1006264]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-04-18 03:31 159744]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-05-09 16:01 36864]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-08-29 22:17 77824]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 10:37 81920]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 10:22 221184]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 15:10 184320]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 10:50 17920]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 10:35 221184]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 12:20 227328]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-04 21:24 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-04 21:24 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-10-04 21:24 81920]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-10-04 21:24 86016]
"MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 20:36 57344]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-07 10:23 405504]
"CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344]
"SbUsb AudCtrl"="sbusbdll.dll" [2004-07-09 02:27 119296 C:\Windows\System32\sbusbdll.dll]
"Creative SB Monitoring Utility"="sbavmon.dll" [2007-06-28 17:27 93696 C:\Windows\System32\SBAVMon.dll]
"Module Loader"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 15:43 57344]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 15:43 57344]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46 624248]
"Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 14:53 169264]
"MSServer"="C:\Windows\system32\ursrrqo.dll" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-21 22:38 579072]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-01-09 03:31 959976]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 14:58 1744896]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-21 22:39 219136]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 16:55:50 703280]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-08-29 22:21:13 50688]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-08-29 22:20:12 45056]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 16:51 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-03-21 22:39 9216 C:\Windows\System32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{48305C11-2450-4AC8-9E21-304DA6A86A1F}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{F3CB169A-456C-40F4-854E-3B11DD597F74}"= C:\Program Files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema
"{D42834DD-A6DD-4100-8D2D-49FC0CA0927D}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{9D3BC2E1-0986-4AFC-BBD2-6B001C111F4D}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{86465CE6-95DD-49BF-8054-7802D0FE1B1D}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"TCP Query User{F547F305-B5E5-417D-960B-D3684E67AE21}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{6777CEBB-54F3-4BD5-B564-61D45DF00634}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{3CF80D06-103A-417E-B8DF-78F957BEE453}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{FE2961A1-4177-4442-A422-7A14AA6172BD}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{48961D3F-C9BA-47F8-859D-AD31069E5A14}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{6F5213C3-5A9A-4077-AD82-01224D692D4B}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{1539A08E-27D0-4968-B1F0-2B8E4D4023D3}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player
"{0E2BBD35-D0B2-4F4A-9619-7C48FD9418E3}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player
"TCP Query User{C9611BC6-4A95-4724-8F1F-F878F1230861}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{63A4E4C3-6EAB-4CCC-A3B4-1F38B2C69A9A}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{8AD35AF3-D181-4E2A-B839-422ADCDD3E93}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{AC67FAE7-35D5-4080-A75B-A546FD368990}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{E1FD88EF-0CE4-4D2B-B42B-62E153FE1B73}C:\\program files\\skype\\phone\\skype.exe"= UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{9F532F50-95C3-426E-8814-A10D6F64CF5D}C:\\program files\\skype\\phone\\skype.exe"= TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{21188A45-D5FB-4CE6-9265-EBCBCBBD3830}C:\\program files\\bitcomet\\bitcomet.exe"= Disabled:UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{84B25783-1610-41D1-98A3-13FFFC53605E}C:\\program files\\bitcomet\\bitcomet.exe"= Disabled:TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{CF47B527-5050-4DB9-AA14-2EC1FAF87AA5}C:\\program files\\quicktime\\quicktimeplayer.exe"= UDP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player
"UDP Query User{DAA24047-7819-4237-B01F-B1CA17A66574}C:\\program files\\quicktime\\quicktimeplayer.exe"= TCP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player
"{FB02AF49-F5E1-427E-8BC9-07273E68FCBA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0B5C81B1-1ACE-4526-A851-4E0B9A168C55}"= UDP:3703:Adobe Version Cue CS3 Server
"{39CEF71F-B120-47C8-9B22-CB3FD45C1681}"= UDP:3704:Adobe Version Cue CS3 Server
"{BFFD9471-446B-4994-A514-195712336CE3}"= UDP:50900:Adobe Version Cue CS3 Server
"{4DD48DB4-130B-46A8-A213-F791EADD3C69}"= UDP:50901:Adobe Version Cue CS3 Server
"{8E5DE8AC-66E9-4FED-8BDF-840A8A407A25}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{0EADFB2D-7B44-499F-981C-ACF435685A51}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"TCP Query User{D28EF8F2-B2D8-47AB-8B67-7DCB776E3E8B}C:\\kav\\kis7.0\\english\\setup.exe"= UDP:C:\kav\kis7.0\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{71EB7E29-2511-4772-9999-F2FA2F3E6826}C:\\kav\\kis7.0\\english\\setup.exe"= TCP:C:\kav\kis7.0\english\setup.exe:Kaspersky Internet Security 7.0 Setup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 szkg5;szkg;C:\Windows\system32\DRIVERS\szkg.sys [2008-03-03 14:16]
R1 nltdi;nltdi;C:\Windows\system32\drivers\nltdi.sys [2007-04-23 11:03]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-08-29 13:25]
R2 Maxtor Sync Service;Maxtor Service;"C:\Program Files\Maxtor\Sync\SyncServices.exe" [2007-09-28 12:24]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-09-05 14:43]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 00:39]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-07-17 16:02]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-03-06 02:45]
S3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 01:37]
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 23:13]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 23:13]
S3 ce6230;Intel CE6230 Standalone USB Driver;C:\Windows\system32\DRIVERS\CE6230StandaloneDriver.sys [2007-04-27 09:13]
S3 ce6230BDACAP;Realfine CE6230 BDA Driver;C:\Windows\system32\DRIVERS\CE6230BDA.sys [2007-04-27 03:29]
S3 CE9500;CE9500.Sys driver;C:\Windows\system32\Drivers\ce9500.sys [2007-11-29 10:12]
S3 ksaud;Creative USB Audio Driver;C:\Windows\system32\drivers\ksaud.sys [2007-08-06 16:36]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 07:36]
S3 RimSerPort;RIM Virtual Serial Port;C:\Windows\system32\DRIVERS\RimSerial.sys [2005-08-16 13:02]
S3 wrssweep;Webroots Volume Access Driver;C:\Program Files\Webroot\Washer\wrssweep.sys [2007-09-05 14:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32678c06-f433-11dc-817f-00197eda99f5}]
\shell\AutoRun\command - H:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e047221-8629-11dc-9b21-00197eda99f5}]
\shell\AutoRun\command - F:\OblivionLauncher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e63c905-f1ca-11dc-8154-00197eda99f5}]
\shell\AutoRun\command - G:\setup.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 16:26:42
Windows 6.0.6000 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-26 16:27:16
ComboFix-quarantined-files.txt 2008-03-26 16:27:12
.
2008-03-26 15:14:41 --- E O F ---