Yes, I did have FolderLock installed, but only for a bit 'cause I didn't like the way it worked. I uninstalled it a long time ago, like 3-4 months maybe.
Deckard's System Scanner v20071014.68
Run by Chris on 2007-10-21 02:35:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Chris.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:35:40 AM, on 10/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
F:\chris's Shiz\Programs and such\ramboosteraksdasd\RAMBoosterPro.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trillian\trillian.exe
C:\Documents and Settings\Chris\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Chris.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RAMBoosterPro] "F:\chris's Shiz\Programs and such\ramboosteraksdasd\RAMBoosterPro.exe" auto
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\system32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKUS\S-1-5-21-329068152-1708537768-839522115-1007\..\Run: [SetDefaultMIDI] MIDIDef.exe (User '?')
O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AOL Instant Messenger (SM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.2.4.3...-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.2.4.3...-ob-assets.cab
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} (Microsoft VM) - file://D:\GAMES\msjavx86_3805.exe
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} (SkillJamLoader Class) - http://aol.skilljam.com/ssp/SkillJamLoader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/eng/cards_2_0_0_65.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {41D1977F-4161-4720-800F-EA4903983A38} (Jigsaw Genius Control) - http://www.worldwinner.com/games/v42/jigsaw/jigsaw.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} (WordMojo Control) - http://www.worldwinner.com/games/v45...o/wordmojo.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/be...ploader_v7.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7314 bytes
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
2 Alerter - c:\windows\system32\svchost.exe
3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe
3 AppMgmt (Application Management) - c:\windows\system32\svchost.exe
2 AudioSrv (Windows Audio) - c:\windows\system32\svchost.exe
2 AVG Anti-Spyware Guard - c:\program files\grisoft\avg anti-spyware 7.5\guard.exe <Verified; GRISOFT s.r.o.; AVG Anti-Spyware>
2 BITS (Background Intelligent Transfer Service) - c:\windows\system32\svchost.exe
2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - c:\program files\bonjour\mdnsresponder.exe
3 Browser (Computer Browser) - c:\windows\system32\svchost.exe
3 CiSvc (Indexing Service) - c:\windows\system32\cisvc.exe
4 ClipSrv (ClipBook) - c:\windows\system32\clipsrv.exe
3 COMSysApp (COM+ System Application) - c:\windows\system32\dllhost.exe
2 Creative Service for CDROM Access - c:\windows\system32\ctsvccda.exe <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
2 CryptSvc (Cryptographic Services) - c:\windows\system32\svchost.exe
2 DcomLaunch (DCOM Server Process Launcher) - c:\windows\system32\svchost
2 Dhcp (DHCP Client) - c:\windows\system32\svchost.exe
3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe
2 dmserver (Logical Disk Manager) - c:\windows\system32\svchost.exe
3 Dnscache (DNS Client) - c:\windows\system32\svchost.exe
2 ERSvc (Error Reporting Service) - c:\windows\system32\svchost.exe
2 Eventlog (Event Log) - c:\windows\system32\services.exe
3 EventSystem (COM+ Event System) - c:\windows\system32\svchost.exe
3 FastUserSwitchingCompatibility (Fast User Switching Compatibility) - c:\windows\system32\svchost.exe
3 FLEXnet Licensing Service - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
2 helpsvc (Help and Support) - c:\windows\system32\svchost.exe
2 HidServ (HID Input Service) - c:\windows\system32\svchost.exe
3 HTTPFilter (HTTP SSL) - c:\windows\system32\svchost.exe
3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2 lanmanserver (Server) - c:\windows\system32\svchost.exe
2 lanmanworkstation (Workstation) - c:\windows\system32\svchost.exe
2 LexBceS (LexBce Server) - c:\windows\system32\lexbces.exe <Not Verified; Lexmark International, Inc.; MarkVision for Windows (32 bit)>
3 LmHosts (TCP/IP NetBIOS Helper) - c:\windows\system32\svchost.exe
4 Messenger - c:\windows\system32\svchost.exe
3 mnmsrvc (NetMeeting Remote Desktop Sharing) - c:\windows\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
3 MSIServer (Windows Installer) - c:\windows\system32\msiexec.exe
4 NetDDE (Network DDE) - c:\windows\system32\netdde.exe
4 NetDDEdsdm (Network DDE DSDM) - c:\windows\system32\netdde.exe
3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe
3 Netman (Network Connections) - c:\windows\system32\svchost.exe
3 Nla (Network Location Awareness (NLA)) - c:\windows\system32\svchost.exe
2 NOD32krn (NOD32 Kernel Service) - c:\program files\eset\nod32krn.exe
3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe
3 NtmsSvc (Removable Storage) - c:\windows\system32\svchost.exe
2 NVSvc (NVIDIA Display Driver Service) - c:\windows\system32\nvsvc32.exe
2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe
2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe
2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe
3 RasAuto (Remote Access Auto Connection Manager) - c:\windows\system32\svchost.exe
3 RasMan (Remote Access Connection Manager) - c:\windows\system32\svchost.exe
3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
4 RemoteAccess (Routing and Remote Access) - c:\windows\system32\svchost.exe
3 RemoteRegistry (Remote Registry) - c:\windows\system32\svchost.exe
3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe
2 RpcSs (Remote Procedure Call (RPC)) - c:\windows\system32\svchost
3 RSVP (QoS RSVP) - c:\windows\system32\rsvp.exe
2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe
3 SCardSvr (Smart Card) - c:\windows\system32\scardsvr.exe
2 Schedule (Task Scheduler) - c:\windows\system32\svchost.exe
2 seclogon (Secondary Logon) - c:\windows\system32\svchost.exe
2 SENS (System Event Notification) - c:\windows\system32\svchost.exe
2 SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - c:\windows\system32\svchost.exe
2 ShellHWDetection (Shell Hardware Detection) - c:\windows\system32\svchost.exe
2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe
2 srservice (System Restore Service) - c:\windows\system32\svchost.exe
3 SSDPSRV (SSDP Discovery Service) - c:\windows\system32\svchost.exe
2 stisvc (Windows Image Acquisition (WIA)) - c:\windows\system32\svchost.exe
3 SwPrv (MS Software Shadow Copy Provider) - c:\windows\system32\dllhost.exe
3 SysmonLog (Performance Logs and Alerts) - c:\windows\system32\smlogsvc.exe
3 TapiSrv (Telephony) - c:\windows\system32\svchost.exe
3 TermService (Terminal Services) - c:\windows\system32\svchost
2 Themes - c:\windows\system32\svchost.exe
4 TlntSvr (Telnet) - c:\windows\system32\tlntsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 TrkWks (Distributed Link Tracking Client) - c:\windows\system32\svchost.exe
2 UMWdf (Windows User Mode Driver Framework) - c:\windows\system32\wdfmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
3 upnphost (Universal Plug and Play Device Host) - c:\windows\system32\svchost.exe
3 UPS (Uninterruptible Power Supply) - c:\windows\system32\ups.exe
3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe
3 W32Time (Windows Time) - c:\windows\system32\svchost.exe
2 WebClient - c:\windows\system32\svchost.exe
2 winmgmt (Windows Management Instrumentation) - c:\windows\system32\svchost.exe
3 WmdmPmSN (Portable Media Serial Number Service) - c:\windows\system32\svchost.exe
3 Wmi (Windows Management Instrumentation Driver Extensions) - c:\windows\system32\svchost.exe
3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2 wscsvc (Security Center) - c:\windows\system32\svchost.exe
2 wuauserv (Automatic Updates) - c:\windows\system32\svchost.exe
4 WZCSVC (Wireless Zero Configuration) - c:\windows\system32\svchost.exe
3 xmlprov (Network Provisioning Service) - c:\windows\system32\svchost.exe
-- Files created between 2007-09-21 and 2007-10-21 -----------------------------
2007-10-20 13:58:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-20 01:17:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-10-20 00:58:30 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys <Not Verified; GRISOFT, s.r.o.; AVG7 Clean Driver>
2007-10-20 00:58:26 0 d-------- C:\Program Files\Grisoft
2007-10-20 00:55:54 0 dr-h----- C:\Documents and Settings\Chris\Recent
2007-10-20 00:52:38 0 d-------- C:\Program Files\CCleaner
2007-10-20 00:49:43 0 d-------- C:\Deckard
2007-10-18 19:05:38 0 d-------- C:\WINDOWS\TEMP
2007-10-18 19:05:05 0 d-------- C:\WINDOWS\erdnt
2007-10-18 19:02:27 0 d-------- C:\qoobox
2007-10-18 19:02:17 51200 --a------ C:\WINDOWS\NirCmd.exe <Not Verified; NirSoft; NirCmd>
2007-10-18 19:02:16 135168 --a------ C:\WINDOWS\catchme.exe
2007-10-18 19:02:15 49152 --a------ C:\WINDOWS\system32\VFind.exe
2007-10-18 19:02:15 212480 --a------ C:\WINDOWS\system32\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2007-10-18 19:02:15 370688 --a------ C:\WINDOWS\system32\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2007-10-18 19:02:15 279552 --a------ C:\WINDOWS\system32\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2007-10-18 19:02:06 0 d-------- C:\ComboFix
2007-10-15 01:05:09 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-11 12:47:50 536403968 --ahs---- C:\hiberfil.sys
2007-10-11 12:46:20 0 d-------- C:\Documents and Settings\Administrator.MIKE6-1-81\Application Data\Mozilla
2007-10-10 19:38:11 0 d-------- C:\Program Files\RegCure
2007-10-10 01:01:37 0 d-------- C:\RM
2007-10-10 00:52:17 0 d-------- C:\Program Files\Trend Micro
2007-10-09 00:30:02 0 d--h----- C:\Documents and Settings\Administrator.MIKE6-1-81\Templates
2007-10-09 00:30:02 0 dr------- C:\Documents and Settings\Administrator.MIKE6-1-81\Start Menu
2007-10-09 00:30:02 0 dr-h----- C:\Documents and Settings\Administrator.MIKE6-1-81\SendTo
2007-10-09 00:30:02 0 d--h----- C:\Documents and Settings\Administrator.MIKE6-1-81\Recent
2007-10-09 00:30:02 0 d--h----- C:\Documents and Settings\Administrator.MIKE6-1-81\PrintHood
2007-10-09 00:30:02 0 d--h----- C:\Documents and Settings\Administrator.MIKE6-1-81\NetHood
2007-10-09 00:30:02 0 d-------- C:\Documents and Settings\Administrator.MIKE6-1-81\My Documents
2007-10-09 00:30:02 0 d--h----- C:\Documents and Settings\Administrator.MIKE6-1-81\Local Settings
2007-10-09 00:30:02 0 d-------- C:\Documents and Settings\Administrator.MIKE6-1-81\Favorites
2007-10-09 00:30:02 0 d-------- C:\Documents and Settings\Administrator.MIKE6-1-81\Desktop
2007-10-09 00:30:02 0 d---s---- C:\Documents and Settings\Administrator.MIKE6-1-81\Cookies
2007-10-09 00:30:02 0 dr-h----- C:\Documents and Settings\Administrator.MIKE6-1-81\Application Data
2007-10-09 00:30:02 0 d---s---- C:\Documents and Settings\Administrator.MIKE6-1-81\Application Data\Microsoft
2007-10-09 00:30:01 786432 --ah----- C:\Documents and Settings\Administrator.MIKE6-1-81\NTUSER.DAT
2007-10-08 16:23:03 0 d-------- C:\Program Files\AOD
2007-10-08 14:47:14 0 d-------- C:\Documents and Settings\mike.MIKE6-1-81\Application Data\Media Player Classic
2007-10-08 14:46:54 0 d-------- C:\Documents and Settings\mike.MIKE6-1-81\Application Data\DivX
2007-10-08 14:45:21 221184 --a------ C:\WINDOWS\system32\wmpns.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2007-10-08 02:08:27 125 --a------ C:\WINDOWS\system32\svchost
2007-10-04 18:04:52 0 d-------- C:\Program Files\Trillian
2007-10-04 02:07:54 0 d-------- C:\Documents and Settings\Chris\Incomplete
2007-10-04 02:07:44 0 d-------- C:\Documents and Settings\Chris\Application Data\LimeWire
2007-10-04 02:07:24 0 d-------- C:\Program Files\LimeWire
2007-10-03 11:44:25 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2007-10-03 11:41:20 0 d-------- C:\Program Files\World of Warcraft
2007-10-02 22:43:42 139264 --a------ C:\WINDOWS\system32\javaws.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U3>
2007-10-02 22:43:42 135168 --a------ C:\WINDOWS\system32\javaw.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U3>
2007-10-02 22:43:41 135168 --a------ C:\WINDOWS\system32\java.exe <Not Verified; Sun Microsystems, Inc.; Java(TM) Platform SE 6 U3>
2007-09-30 22:52:46 0 d-------- C:\Documents and Settings\Chris\Application Data\Sun
2007-09-30 20:41:31 0 d-------- C:\Program Files\Java
2007-09-30 20:40:46 0 d-------- C:\Program Files\Common Files\Java
2007-09-30 20:40:26 671 --a------ C:\WINDOWS\mozver.dat
2007-09-29 04:56:11 299392 --a------ C:\WINDOWS\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2007-09-29 04:56:11 15424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-09-29 04:56:11 512096 --a------ C:\WINDOWS\system32\drivers\amon.sys <Verified; Eset; NOD32 Antivirus System>
2007-09-27 17:56:09 0 d---s---- C:\Documents and Settings\Chris\UserData
2007-09-27 12:08:59 0 d-------- C:\Documents and Settings\mike.MIKE6-1-81\Application Data\Mozilla
2007-09-26 09:59:16 0 d-------- C:\Program Files\Eset
2007-09-26 03:56:01 0 d--h---c- C:\WINDOWS\$NtUninstallKB927779$
2007-09-26 03:55:55 0 d--h---c- C:\WINDOWS\$NtUninstallKB927802$
2007-09-26 03:55:49 0 d--h---c- C:\WINDOWS\$NtUninstallKB922819$
2007-09-26 03:55:42 0 d--h---c- C:\WINDOWS\$NtUninstallKB923414$
2007-09-26 03:55:33 0 d--h---c- C:\WINDOWS\$NtUninstallKB928255$
2007-09-26 03:55:23 0 d--h---c- C:\WINDOWS\$NtUninstallKB931784$
2007-09-26 03:55:16 0 d--h---c- C:\WINDOWS\$NtUninstallKB920685$
2007-09-26 03:55:09 0 d--h---c- C:\WINDOWS\$NtUninstallKB923980$
2007-09-26 03:55:03 0 d--h---c- C:\WINDOWS\$NtUninstallKB936021$
2007-09-26 03:54:57 0 d--h---c- C:\WINDOWS\$NtUninstallKB938828$
2007-09-26 03:54:52 0 d--h---c- C:\WINDOWS\$NtUninstallKB924667$
2007-09-26 03:54:45 0 d--h---c- C:\WINDOWS\$NtUninstallKB924270$
2007-09-26 03:54:40 0 d--h---c- C:\WINDOWS\$NtUninstallKB931261$
2007-09-26 03:54:34 0 d--h---c- C:\WINDOWS\$NtUninstallKB924496$
2007-09-26 03:54:27 0 d--h---c- C:\WINDOWS\$NtUninstallKB927891$
2007-09-26 03:54:21 0 d--h---c- C:\WINDOWS\$NtUninstallKB936357$
2007-09-26 03:54:16 0 d--h---c- C:\WINDOWS\$NtUninstallKB921503$
2007-09-26 03:54:11 0 d--h---c- C:\WINDOWS\$NtUninstallKB938829$
2007-09-26 03:54:06 0 d--h---c- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2007-09-26 03:53:45 0 d--h---c- C:\WINDOWS\$NtUninstallKB925902$
2007-09-26 03:53:38 0 d--h---c- C:\WINDOWS\$NtUninstallKB929123$
2007-09-26 03:53:33 0 d--h---c- C:\WINDOWS\$NtUninstallKB920670$
2007-09-26 03:52:36 0 d--h---c- C:\WINDOWS\$NtUninstallKB926436$
2007-09-26 03:52:28 0 d--h---c- C:\WINDOWS\$NtUninstallKB920872$
2007-09-26 03:52:20 0 d--h---c- C:\WINDOWS\$NtUninstallKB930178$
2007-09-26 03:52:14 0 d--h---c- C:\WINDOWS\$NtUninstallKB919007$
2007-09-26 03:52:09 0 d--h---c- C:\WINDOWS\$NtUninstallKB932168$
2007-09-26 03:52:03 0 d--h---c- C:\WINDOWS\$NtUninstallKB923191$
2007-09-26 03:51:56 0 d--h---c- C:\WINDOWS\$NtUninstallKB922582$
2007-09-26 03:51:48 0 d--h---c- C:\WINDOWS\$NtUninstallKB918118$
2007-09-26 03:51:42 0 d--h---c- C:\WINDOWS\$NtUninstallKB926255$
2007-09-26 03:51:37 0 d--h---c- C:\WINDOWS\$NtUninstallKB938127$
2007-09-26 03:51:31 0 d--h---c- C:\WINDOWS\$NtUninstallKB920213$
2007-09-26 03:51:25 0 d--h---c- C:\WINDOWS\$NtUninstallKB933360$
2007-09-26 03:51:20 0 d--h---c- C:\WINDOWS\$NtUninstallKB935840$
2007-09-26 03:51:15 0 d--h---c- C:\WINDOWS\$NtUninstallKB930916$
2007-09-26 03:51:09 0 d--h---c- C:\WINDOWS\$NtUninstallKB923689$
2007-09-26 03:50:41 0 d--h---c- C:\WINDOWS\$NtUninstallKB937143$
2007-09-26 03:50:33 0 d--h---c- C:\WINDOWS\$NtUninstallKB935839$
2007-09-26 03:50:27 0 d--h---c- C:\WINDOWS\$NtUninstallKB920683$
2007-09-26 03:50:20 0 d--h---c- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2007-09-26 03:49:51 0 d--h---c- C:\WINDOWS\$NtUninstallKB928843$
2007-09-26 02:09:12 0 d-------- C:\Program Files\WiFiConnector
2007-09-26 02:07:46 162944 --a------ C:\WINDOWS\system32\drivers\RT25USBAP.SYS <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
2007-09-26 01:54:53 0 d-------- C:\Program Files\uTorrent
2007-09-26 01:54:50 0 d-------- C:\Documents and Settings\Chris\Application Data\uTorrent
2007-09-26 01:52:18 0 d-------- C:\Program Files\DSL Speed
2007-09-25 20:25:31 0 d-------- C:\Program Files\Yahoo!
2007-09-25 20:25:20 929792 -ra------ C:\WINDOWS\system32\PRISME5.dll <Not Verified; Meetinghouse Data Communications; AEGIS Client API>
2007-09-25 20:25:20 15781 -ra------ C:\WINDOWS\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
2007-09-25 20:24:16 0 d-------- C:\Program Files\2Wire
-- Find3M Report ---------------------------------------------------------------
2007-10-20 21:07:18 0 d-------- C:\Program Files\Mozilla Firefox
2007-10-20 20:53:40 2048 --a-s---- C:\WINDOWS\bootstat.dat
2007-10-20 20:53:37 805306368 --ahs---- C:\pagefile.sys
2007-10-15 01:05:09 0 d-------- C:\Program Files\Common Files
2007-10-11 12:39:13 0 d-------- C:\Program Files\Common Files\AOL
2007-10-11 12:39:12 0 d-------- C:\Documents and Settings\Chris\Application Data\AOL
2007-10-08 16:51:07 0 d-------- C:\Documents and Settings\Chris\Application Data\Creative
2007-10-01 22:35:02 0 d-------- C:\Program Files\Microsoft Xbox 360 Accessories
2007-09-27 17:50:01 0 d---s---- C:\Documents and Settings\Chris\Application Data\Microsoft
2007-09-26 08:41:53 90296 --a------ C:\WINDOWS\system32\FNTCACHE.DAT
2007-09-26 03:53:41 0 d-------- C:\Program Files\Outlook Express
2007-09-26 03:53:40 0 d-------- C:\Program Files\Common Files\System
2007-09-26 03:50:48 0 d-------- C:\Program Files\Internet Explorer
2007-09-26 02:04:08 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-26 02:01:34 0 d-------- C:\Program Files\Symantec
2007-09-25 20:25:19 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-09-05 19:50:44 17474680 --a------ C:\WINDOWS\system32\MRT.exe <Verified; Microsoft Corporation; Microsoft Windows Malicious Software Removal Tool>
2007-08-20 17:37:34 1469312 --a------ C:\WINDOWS\system32\LegitCheckControl.DLL <Verified; Microsoft Corporation; Windows Genuine Advantage>
2007-07-30 19:19:42 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:36 549720 --a------ C:\WINDOWS\system32\wuapi.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:32 325976 --a------ C:\WINDOWS\system32\wucltui.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:28 203096 --a------ C:\WINDOWS\system32\wuweb.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:20 92504 --a------ C:\WINDOWS\system32\cdm.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:16 53080 --a------ C:\WINDOWS\system32\wuauclt.exe <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:12 43352 --a------ C:\WINDOWS\system32\wups2.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:18:40 33624 --a------ C:\WINDOWS\system32\wups.dll <Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [02/24/2005 07:32 AM]
"nwiz"="nwiz.exe" [02/24/2005 07:32 AM C:\WINDOWS\system32\nwiz.exe]
"AOL Spyware Protection"="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" []
"P17Helper"="P17.dll" [05/03/2005 04:38 AM C:\WINDOWS\system32\P17.dll]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [10/31/2005 10:51 AM]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [03/23/2005 04:26 PM]
"RAMBoosterPro"="F:\chris's Shiz\Programs and such\ramboosteraksdasd\RAMBoosterPro.exe" [08/02/2006 09:49 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [06/29/2007 06:24 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"PRISMSVR.EXE"="C:\WINDOWS\system32\PRISMSVR.exe" []
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [09/29/2007 12:40 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [09/26/2007 06:05 PM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [10/20/2007 01:04 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [12/03/2002 02:16 AM C:\WINDOWS\MIDIDEF.EXE]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Spike^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=C:\Documents and Settings\Spike\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=C:\WINDOWS\pss\PowerReg Scheduler.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
"C:\Program Files\America Online 9.0c\AOL.EXE" -b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]
"C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMUpdate]
C:\WINDOWS\system32\BMUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1118837898\EE\AOLHostManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mirabilis ICQ]
C:\Program Files\ICQ\NDetect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneTouch Monitor]
C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Program Files\Winamp\Winampa.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command- G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{390db900-2534-11dc-a1d3-00038a000015}]
AutoRun\command- G:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2007-10-21 02:36:31 ------------
Combofix:
ComboFix 07-10-17.8 - Chris 2007-10-18 19:02:42.1 - NTFSx86
Running from: H:\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\a.exe
C:\WINDOWS\system32\a.exe
.
((((((((((((((((((((((((( Files Created from 2007-09-19 to 2007-10-19 )))))))))))))))))))))))))))))))
.
2007-10-18 19:02 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-15 01:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-10 19:38 <DIR> d-------- C:\Program Files\RegCure
2007-10-10 01:01 <DIR> d-------- C:\RM
2007-10-10 00:52 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-08 16:23 <DIR> d-------- C:\Program Files\AOD
2007-10-08 14:45 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-10-04 18:04 <DIR> d-------- C:\Program Files\Trillian
2007-10-04 02:07 <DIR> d-------- C:\Program Files\LimeWire
2007-10-04 02:07 <DIR> d-------- C:\Documents and Settings\Chris\Application Data\LimeWire
2007-10-03 11:44 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2007-10-03 11:41 <DIR> d-------- C:\Program Files\World of Warcraft
2007-09-30 20:41 <DIR> d-------- C:\Program Files\Java
2007-09-30 20:40 <DIR> d-------- C:\Program Files\Common Files\Java
2007-09-30 20:40 671 --a------ C:\WINDOWS\mozver.dat
2007-09-29 04:56 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-09-29 04:56 299,392 --a------ C:\WINDOWS\system32\imon.dll
2007-09-29 04:56 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-09-26 02:09 <DIR> d-------- C:\Program Files\WiFiConnector
2007-09-26 02:07 162,944 --a------ C:\WINDOWS\system32\drivers\RT25USBAP.SYS
2007-09-26 01:54 <DIR> d-------- C:\Program Files\uTorrent
2007-09-26 01:54 <DIR> d-------- C:\Documents and Settings\Chris\Application Data\uTorrent
2007-09-26 01:52 <DIR> d-------- C:\Program Files\DSL Speed
2007-09-25 20:25 <DIR> d-------- C:\Program Files\Yahoo!
2007-09-25 20:25 929,792 -ra------ C:\WINDOWS\system32\PRISME5.dll
2007-09-25 20:25 15,781 -ra------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2007-09-25 20:24 <DIR> d-------- C:\Program Files\2Wire
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-11 19:39 --------- d-----w C:\Program Files\Common Files\AOL
2007-10-11 19:39 --------- d-----w C:\Documents and Settings\Chris\Application Data\AOL
2007-10-11 19:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-08 23:51 --------- d-----w C:\Documents and Settings\Chris\Application Data\Creative
2007-10-02 05:35 --------- d-----w C:\Program Files\Microsoft Xbox 360 Accessories
2007-09-26 09:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-09-26 09:04 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-09-26 09:01 --------- d-----w C:\Program Files\Symantec
2007-09-26 03:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-31 02:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-31 02:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-31 02:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-31 02:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-31 02:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-31 02:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-31 02:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-31 02:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
008.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
007.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
006.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
005.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
004.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
003.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
002.bmp
2005-06-13 23:23 921,654 ----a-w C:\Program Files\
001.bmp
2005-06-13 23:18 921,654 ----a-w C:\Program Files\
009.bmp
2005-06-13 23:18 1,541 ----a-w C:\Program Files\
008.wav
2005-06-01 09:52 8 --sh--w C:\Documents and Settings\All Users\DRM\pdrm.dat
2002-09-24 15:24 61,440 ----a-w C:\WINDOWS\inf\i386\onetUSD.dll
2002-07-09 15:23 36,864 ----a-w C:\WINDOWS\inf\i386\Vizmicro.dll
2002-05-20 15:20 172,032 ----a-w C:\WINDOWS\inf\i386\viceo.dll
2002-05-20 15:02 225,280 ----a-w C:\WINDOWS\inf\i386\rtscan.dll
2001-09-05 16:14 40,960 ----a-w C:\WINDOWS\inf\i386\CopyInf.exe
2001-08-04 01:29 13,824 ----a-w C:\WINDOWS\inf\i386\Usbscan.sys
2007-06-20 02:52:48 8 --sh--r C:\WINDOWS\system32\573F8C5CD3.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-02-24 07:32]
"nwiz"="nwiz.exe" [2005-02-24 07:32 C:\WINDOWS\system32\nwiz.exe]
"AOL Spyware Protection"="C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" []
"P17Helper"="P17.dll" [2005-05-03 04:38 C:\WINDOWS\system32\P17.dll]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 10:51]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2005-03-23 16:26]
"RAMBoosterPro"="F:\chris's Shiz\Programs and such\ramboosteraksdasd\RAMBoosterPro.exe" [2006-08-02 21:49]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"PRISMSVR.EXE"="C:\WINDOWS\system32\PRISMSVR.exe" []
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-09-29 12:40]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2002-12-03 02:16 C:\WINDOWS\MIDIDEF.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Spike^Start Menu^Programs^Startup^PowerReg Scheduler.exe]
path=C:\Documents and Settings\Spike\Start Menu\Programs\Startup\PowerReg Scheduler.exe
backup=C:\WINDOWS\pss\PowerReg Scheduler.exeStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
"C:\Program Files\America Online 9.0c\AOL.EXE" -b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Spyware Protection]
"C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMUpdate]
C:\WINDOWS\system32\BMUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1118837898\EE\AOLHostManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mirabilis ICQ]
C:\Program Files\ICQ\NDetect.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneTouch Monitor]
C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Program Files\Winamp\Winampa.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{390db900-2534-11dc-a1d3-00038a000015}]
AutoRun\command - G:\LaunchU3.exe -a
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2007-10-04 20:15:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
"2007-10-11 02:38:15 C:\WINDOWS\Tasks\RegCure Program Check.job"
"2007-10-11 02:38:15 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2005-06-15 16:45:52 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-18 19:04:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-18 19:05:27
.
--- E O F ---
Like I stated before, I'm unable to copy and paste (unless it's from Notepad for some reason), so I'm trying my best to enter these commands manually. I got the dss thing through, but I'm having trouble entering the check.bat thing; this is exactly what I typed in:
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost" /s C:\svchost.txt
::
Yet it quickly flashes a command prompt that, through multiple tries (as in: over and over), I was able to determine was saying invalid command. Did I mess up somewhere?