Hello again
I've run ComboFix and attached the log. I tried to run Panda ActiveScan again, twice, but both times it exited partway through back to my desktop without completing, so I can't add a log from that.
Regards
Ian
ComboFix 08-06-11.7 - Ian and Joelle 2008-06-13 16:53:18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1879 [GMT 1:00]
Running from: C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users.WINDOWS\Desktop\internetgamebox.lnk
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\InternetGameBox
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\InternetGameBox\InternetGameBox.lnk
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\InternetGameBox\Privacy Policy.url
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\InternetGameBox\Terms and Conditions.url
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\InternetGameBox\Uninstall.lnk
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\InternetGameBox\Website.url
C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Local Settings\Application Data\cemqkoq.dat
C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Local Settings\Application Data\cemqkoq.exe
C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Local Settings\Application Data\cemqkoq_nav.dat
C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Local Settings\Application Data\cemqkoq_navps.dat
C:\Program Files\internetgamebox
C:\Program Files\internetgamebox\InternetGameBox.exe
C:\Program Files\internetgamebox\language
C:\Program Files\internetgamebox\ressources\AttenteOff.html
C:\Program Files\internetgamebox\ressources\AttenteOn.html
C:\Program Files\internetgamebox\ressources\configv2_en.xml
C:\Program Files\internetgamebox\ressources\configv2_es.xml
C:\Program Files\internetgamebox\ressources\configv2_fr.xml
C:\Program Files\internetgamebox\ressources\favoris\defaultv2.swf
C:\Program Files\internetgamebox\skins\skinv2.skn
C:\Program Files\internetgamebox\uninst.exe
C:\WINDOWS\Fonts\CALIBRIB.TTF
.
((((((((((((((((((((((((( Files Created from 2008-05-13 to 2008-06-13 )))))))))))))))))))))))))))))))
.
2008-06-12 19:43 . 2008-06-12 19:43 <DIR> d-------- C:\Program Files\Sierra On-Line
2008-06-12 19:42 . 2008-06-12 19:43 388 --a------ C:\WINDOWS\SIERRA.INI
2008-06-10 21:38 . 2008-06-10 21:38 <DIR> d-------- C:\Program Files\Nelson Thornes
2008-06-09 15:59 . 2008-06-09 15:59 <DIR> d-------- C:\Deckard
2008-06-08 17:43 . 2008-06-10 20:36 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-07 23:36 . 2008-06-07 23:36 <DIR> d-------- C:\ie-spyad_zo
2008-06-07 23:26 . 2008-06-07 23:26 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-07 22:03 . 2008-06-07 22:03 <DIR> d-------- C:\Program Files\Panda Security
2008-06-06 15:12 . 2008-06-06 15:12 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-06 15:11 . 2008-06-06 15:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-05 16:01 . 2006-02-28 13:00 571,392 --a--c--- C:\WINDOWS\system32\dllcache\tintlgnt.ime
2008-06-05 16:00 . 2006-02-28 13:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-05 15:59 . 2006-02-28 13:00 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll
2008-06-05 15:58 . 2006-02-28 13:00 290,816 --a--c--- C:\WINDOWS\system32\dllcache\adsiis51.dll
2008-06-05 15:58 . 2006-02-28 13:00 94,720 --a--c--- C:\WINDOWS\system32\dllcache\certmap.ocx
2008-06-05 15:58 . 2006-02-28 13:00 43,520 --a--c--- C:\WINDOWS\system32\dllcache\admwprox.dll
2008-06-05 15:58 . 2003-03-24 16:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\author.dll
2008-06-05 15:58 . 2003-03-24 16:52 20,540 --a--c--- C:\WINDOWS\system32\dllcache\admin.dll
2008-06-05 15:58 . 2003-03-24 16:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\author.exe
2008-06-05 15:58 . 2003-03-24 16:52 16,439 --a--c--- C:\WINDOWS\system32\dllcache\admin.exe
2008-06-05 15:56 . 2008-06-05 15:56 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-05 15:55 . 2006-02-28 13:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-06-05 15:55 . 2008-06-05 15:55 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-05 15:55 . 2008-06-05 15:55 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-05 15:55 . 2008-06-05 15:55 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-05 15:55 . 2008-06-05 15:55 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-06-05 15:55 . 2008-06-05 15:55 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-05 15:53 . 2004-08-04 00:56 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2008-06-05 15:53 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2008-06-05 15:53 . 2004-08-04 00:56 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2008-06-05 15:53 . 2004-08-04 00:56 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-06-05 15:44 . 2006-02-28 13:00 1,086,058 -ra------ C:\WINDOWS\SET43.tmp
2008-06-05 15:44 . 2006-02-28 13:00 1,042,903 -ra------ C:\WINDOWS\SET40.tmp
2008-06-05 15:44 . 2006-02-28 13:00 14,573 -ra------ C:\WINDOWS\SET8B.tmp
2008-06-05 15:44 . 2006-02-28 13:00 13,753 -ra------ C:\WINDOWS\SET4F.tmp
2008-06-05 15:15 . 2006-02-28 13:00 1,086,058 -ra------ C:\WINDOWS\SET42.tmp
2008-06-05 15:15 . 2006-02-28 13:00 1,042,903 -ra------ C:\WINDOWS\SET3F.tmp
2008-06-05 15:15 . 2006-02-28 13:00 14,573 -ra------ C:\WINDOWS\SET8A.tmp
2008-06-05 15:15 . 2006-02-28 13:00 13,753 -ra------ C:\WINDOWS\SET4E.tmp
2008-06-05 14:58 . 2006-02-28 13:00 1,086,058 -ra------ C:\WINDOWS\SET41.tmp
2008-06-05 14:58 . 2006-02-28 13:00 1,042,903 -ra------ C:\WINDOWS\SET3E.tmp
2008-06-05 14:58 . 2006-02-28 13:00 14,573 -ra------ C:\WINDOWS\SET89.tmp
2008-06-05 14:58 . 2006-02-28 13:00 13,753 -ra------ C:\WINDOWS\SET4D.tmp
2008-06-05 14:43 . 2001-08-17 13:51 18,688 --a------ C:\WINDOWS\system32\drivers\irsir.sys
2008-06-05 14:39 . 2001-08-17 13:51 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2008-06-05 14:36 . 2006-02-28 13:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-06-05 14:36 . 2006-02-28 13:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2008-06-05 14:36 . 2006-02-28 13:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-06-05 14:36 . 2006-02-28 13:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2008-06-05 14:34 . 2008-06-07 22:03 1,043,240 --a------ C:\WINDOWS\setupapi.log.0.old
2008-06-04 17:12 . 2008-06-04 17:12 880,560 --a------ C:\WINDOWS\system32\drivers\vetefile.sys
2008-06-04 17:12 . 2008-06-04 17:12 108,368 --a------ C:\WINDOWS\system32\drivers\veteboot.sys
2008-06-03 12:04 . 2008-06-03 12:04 <DIR> d-------- C:\Program Files\Windows Defender
2008-06-02 17:39 . 1999-08-03 10:50 172,032 --a------ C:\WINDOWS\system32\binkw32.dll
2008-06-01 17:28 . 2008-06-02 17:41 <DIR> d-------- C:\Program Files\Core Design
2008-06-01 17:28 . 1997-08-14 16:17 117,248 --a------ C:\WINDOWS\system32\Edec.dll
2008-06-01 17:28 . 1997-08-14 16:31 98,816 --a------ C:\WINDOWS\system32\Dec130.dll
2008-06-01 17:28 . 1997-08-14 16:24 89,600 --a------ C:\WINDOWS\system32\Winsdec.dll
2008-06-01 17:28 . 1997-08-14 11:10 80,896 --a------ C:\WINDOWS\system32\Winstr.dll
2008-06-01 17:28 . 1997-08-14 16:06 60,416 --a------ C:\WINDOWS\system32\Winplay.dll
2008-06-01 17:02 . 2008-06-01 17:19 <DIR> d-------- C:\TOMBRAID
2008-06-01 08:36 . 2008-06-13 11:08 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-01 08:36 . 2008-06-01 08:36 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-29 16:52 . 2008-06-06 00:34 <DIR> d-------- C:\Program Files\PestPatrol
2008-05-28 18:46 . 2008-05-28 18:49 547 --a------ C:\WINDOWS\wininit.ini
2008-05-28 17:55 . 2008-06-06 00:37 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-28 17:55 . 2008-06-06 00:30 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-05-27 14:42 . 2008-06-06 14:06 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-05-26 00:02 . 2008-05-26 00:02 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sandlot Games
2008-05-25 12:24 . 2008-05-25 13:20 <DIR> d-------- C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Application Data\MysteryStudio
2008-05-23 18:52 . 2008-05-23 18:52 <DIR> d-------- C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Application Data\SultansLabyrinth
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-14 20:34 . 2008-05-14 20:34 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WildTangent
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-13 15:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Kontiki
2008-06-13 15:48 --------- d-----w C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Application Data\Skype
2008-06-13 15:09 --------- d-----w C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Application Data\skypePM
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k7
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k6
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k5
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k4
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k3
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k2
2008-06-12 20:58 64 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k1
2008-06-12 20:58 281,950 ----a-w C:\WINDOWS\system32\drivers\kmxcfg.u2k0
2008-06-08 20:30 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-06-07 23:16 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\RetroExp
2008-05-21 16:43 --------- d-----w C:\Program Files\Bonusprint PhotoBook Editor
2008-05-21 16:39 --------- d-----w C:\Program Files\Yahoo!
2008-04-30 22:50 --------- d-----w C:\Program Files\PopCap Games
2008-04-30 22:44 --------- d-----w C:\Documents and Settings\Ian and Joelle.IAN-7530FC48F2F\Application Data\Yahoo!
2008-04-30 22:43 --------- d-----w C:\Program Files\Yahoo! Games
2008-04-29 10:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 10:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 10:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-19 10:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-13 17:06 --------- d-----w C:\Program Files\Java
2008-03-05 16:51 0 ----a-w C:\Program Files\temp01
2007-11-21 12:07 32 ----a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\ezsid.dat
2006-05-21 18:01 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2003-03-12 13:05 433,280 ----a-w C:\WINDOWS\inf\EL2K_N64.sys
2003-03-12 13:05 143,744 ----a-w C:\WINDOWS\inf\EL2K_XP.sys
2003-03-12 13:05 143,616 ----a-w C:\WINDOWS\inf\EL2K_2K.sys
1999-06-25 09:55 149,504 ----a-w C:\Program Files\UNWISE.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 13:00 15360]
"BBC Alerts"="C:\Program Files\BBC Alerts\BBC_Alerts.exe" [2008-01-11 13:35 759728]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 18:22 21898024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-14 00:26 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"="TCAUDIAG -on" []
"SiS KHooker"="C:\WINDOWS\system32\khooker.exe" [2003-04-09 08:44 286720]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [2007-08-16 22:25 177416]
"QOELOADER"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe" [2007-10-11 16:03 14088]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2007-08-20 13:42 230664]
"cafwc"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [2008-05-22 15:55 1193224]
"capfasem"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [2008-05-22 15:55 173320]
"capfupgrade"="C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe" [2008-05-22 15:55 259336]
"EPSON Stylus Photo R800"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2J1.exe" [2003-08-07 03:00 99840]
"RegistryMechanic"="" []
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 16:26 406016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 09:23 132624]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SoundMan"="SOUNDMAN.EXE" [2003-02-27 07:29 47104 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 13:00 15360]
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
EPSON SMART PANEL for Scanner.lnk - C:\Program Files\EPSON\EPSON SMART PANEL for Scanner\espmain.exe [2004-12-13 18:42:25 180224]
Event Planner Reminders Tray Icon.lnk - C:\SIERRA\CardStudio\PLNRnote.exe [2008-06-12 19:43:14 167936]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 17:51 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
UmxWnp.Dll 2007-05-18 14:30 79368 C:\WINDOWS\system32\UmxWNP.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MaxtorOneTouch]
--a------ 2005-11-09 16:19 634880 C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RetroExpress]
--a------ 2005-09-21 16:40 18583552 C:\PROGRA~1\RETROS~1\RETROS~1.1\RetroExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\CA Personal Firewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\Program Files\BBC Alerts\BBC_Alerts.exe"= C:\Program Files\BBC Alerts\BBC_Alerts.exe
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\muzapp.exe"=
"C:\\Program Files\\Kontiki\\KService.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 KmxStart;KmxStart;C:\WINDOWS\system32\DRIVERS\kmxstart.sys [2007-10-18 10:46]
R1 KmxAgent;KmxAgent;C:\WINDOWS\system32\DRIVERS\kmxagent.sys [2007-05-18 14:30]
R1 KmxFile;KmxFile;C:\WINDOWS\system32\DRIVERS\KmxFile.sys [2007-05-18 14:30]
R1 KmxFw;KmxFw;C:\WINDOWS\system32\DRIVERS\kmxfw.sys [2007-10-18 14:28]
R1 SiSEsc;SISLIB_ESC;C:\WINDOWS\system32\sisesc.sys [2003-03-26 16:34]
R2 KmxCF;KmxCF;C:\WINDOWS\system32\DRIVERS\KmxCF.sys [2007-10-18 10:46]
R2 KmxSbx;KmxSbx;C:\WINDOWS\system32\DRIVERS\KmxSbx.sys [2007-11-02 04:54]
R2 UmxAgent;HIPS Event Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe" [2007-10-04 09:23]
R2 UmxCfg;HIPS Configuration Interpreter;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe" [2007-10-18 09:39]
R2 UmxPol;HIPS Policy Manager;"C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe" [2007-03-05 19:36]
R3 KmxCfg;KmxCfg;C:\WINDOWS\system32\DRIVERS\kmxcfg.sys [2007-09-12 12:02]
R3 PPCtlPriv;PPCtlPriv;"C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe" [2007-08-16 21:10]
S2 tcaicchg;tcaicchg;C:\WINDOWS\system32\tcaicchg.sys []
S2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys []
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-06-02 13:30:06 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-06-11 16:39:33 C:\WINDOWS\Tasks\CAAntiSpywareScan_Daily as Ian and Joelle at 17 39.job"
- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.exe
"2008-06-13 10:10:48 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2008-06-12 16:41:42 C:\WINDOWS\Tasks\User_Feed_Synchronization-{7EEAB4C9-F007-42E5-81E9-E64DBFE80633}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-13 16:56:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-13 16:57:40
ComboFix-quarantined-files.txt 2008-06-13 15:57:34
Pre-Run: 30,026,829,824 bytes free
Post-Run: 30,184,546,304 bytes free
243 --- E O F --- 2008-06-08 08:29:37