11-10-2008, 01:20 AM   #5
Siphonblaster
Registered User
 
Join Date: Nov 2008
Posts: 8
OS: Windows XP Service Pack 3


Re: Windows Keeps Restarting

Hi. The following log is the log produced by ComboFix after using the CFScript notepad as you requested:


ComboFix 08-11-09.01 - Administrator 2008-11-10 19:08:04.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1699 [GMT 10:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt.txt
* Created a new restore point
* Resident AV is active


FILE ::
c:\windows\002555_.tmp
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\LimeWire
c:\documents and settings\Administrator\Application Data\LimeWire\active.mojito
c:\documents and settings\Administrator\Application Data\LimeWire\bugs.data
c:\documents and settings\Administrator\Application Data\LimeWire\certificate\limewire.keystore
c:\documents and settings\Administrator\Application Data\LimeWire\createtimes.cache
c:\documents and settings\Administrator\Application Data\LimeWire\downloads.dat
c:\documents and settings\Administrator\Application Data\LimeWire\fileurns.bak
c:\documents and settings\Administrator\Application Data\LimeWire\fileurns.cache
c:\documents and settings\Administrator\Application Data\LimeWire\filters.props
c:\documents and settings\Administrator\Application Data\LimeWire\gnutella.net
c:\documents and settings\Administrator\Application Data\LimeWire\installation.props
c:\documents and settings\Administrator\Application Data\LimeWire\library.dat
c:\documents and settings\Administrator\Application Data\LimeWire\limewire.props
c:\documents and settings\Administrator\Application Data\LimeWire\mojito.props
c:\documents and settings\Administrator\Application Data\LimeWire\promotion\promodb.backup
c:\documents and settings\Administrator\Application Data\LimeWire\promotion\promodb.data
c:\documents and settings\Administrator\Application Data\LimeWire\promotion\promodb.properties
c:\documents and settings\Administrator\Application Data\LimeWire\promotion\promodb.script
c:\documents and settings\Administrator\Application Data\LimeWire\questions.props
c:\documents and settings\Administrator\Application Data\LimeWire\responses.cache
c:\documents and settings\Administrator\Application Data\LimeWire\simpp.xml
c:\documents and settings\Administrator\Application Data\LimeWire\spam.dat
c:\documents and settings\Administrator\Application Data\LimeWire\tables.props
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme.lwtp
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\01_star.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\02_star.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\03_star.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\04_star.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\05_star.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\chat.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\forward_dn.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\forward_up.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\kill.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\kill_on.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\pause_dn.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\pause_up.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\play_dn.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\play_up.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\question.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\rewind_dn.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\rewind_up.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\stop_dn.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\stop_up.gif
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\theme.txt
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\version.txt
c:\documents and settings\Administrator\Application Data\LimeWire\themes\windows_theme\warning.gif
c:\documents and settings\Administrator\Application Data\LimeWire\ttrees.cache
c:\documents and settings\Administrator\Application Data\LimeWire\ttroot.cache
c:\documents and settings\Administrator\Application Data\LimeWire\version.xml
c:\documents and settings\Administrator\Application Data\LimeWire\versions.props
c:\documents and settings\Administrator\Application Data\LimeWire\xml\data\audio.sxml2
c:\documents and settings\Administrator\Application Data\LimeWire\xml\data\video.sxml2
c:\windows\002555_.tmp
c:\windows\system32\fiber.exe
c:\windows\system32\imapde.dll
c:\windows\system32\kinza.exe
c:\windows\system32\winrkp32.dll

.
((((((((((((((((((((((((( Files Created from 2008-10-10 to 2008-11-10 )))))))))))))))))))))))))))))))
.

2008-11-08 18:40 . 2008-11-08 18:42 <DIR> d-------- C:\rsit
2008-11-08 18:40 . 2008-11-08 18:40 <DIR> d-------- c:\program files\trend micro
2008-11-08 18:30 . 2008-11-08 18:31 250 --a------ c:\windows\gmer.ini
2008-11-07 10:40 . 2007-04-12 14:19 129,024 --a------ c:\windows\system32\AVERM.dll
2008-11-07 10:40 . 2006-09-26 13:57 28,672 --a------ c:\windows\system32\AVEQT.dll
2008-11-06 09:25 . 2008-10-24 11:16 23,096 --a------ c:\windows\system32\drivers\MusCAudio.sys
2008-11-06 09:25 . 2008-10-24 11:16 3,768 --a------ c:\windows\system32\drivers\MusCVideo.sys
2008-10-29 19:51 . 2008-10-29 19:51 <DIR> d-------- C:\PROTOOLS LOOPS
2008-10-28 19:23 . 2008-10-28 19:23 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Propellerhead Software
2008-10-28 19:23 . 2008-10-28 19:30 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Propellerhead Software
2008-10-28 19:23 . 2008-10-28 19:23 225,280 --a------ c:\windows\system32\ReWire.dll
2008-10-28 19:22 . 2008-10-28 19:22 <DIR> d-------- c:\program files\Propellerhead
2008-10-28 19:02 . 2008-10-28 19:02 <DIR> d-------- c:\windows\Downloaded Installations
2008-10-28 19:02 . 2008-10-28 19:02 <DIR> d-------- c:\program files\InterLok
2008-10-28 19:02 . 2006-12-08 21:50 16,384 --a------ c:\windows\system32\drivers\DigiFilt.sys
2008-10-28 18:59 . 2008-10-28 19:12 <DIR> d-------- c:\program files\Digidesign
2008-10-28 18:59 . 2007-10-31 02:16 3,683,014 --a------ c:\windows\system32\DirectIO.dll
2008-10-28 18:59 . 2007-10-30 23:03 659,456 --a------ c:\windows\system32\DSI.dll
2008-10-28 18:59 . 2007-10-30 22:03 270,336 --a------ c:\windows\system32\DigiPlatformSupport.dll
2008-10-28 18:59 . 2007-10-30 23:35 172,032 --a------ c:\windows\system32\Diomidi.DLL
2008-10-28 18:59 . 2007-10-31 01:15 97,808 --a------ c:\windows\system32\drivers\Dalwdm.sys
2008-10-28 18:59 . 2006-12-08 22:21 90,112 --a------ c:\windows\system32\WinMMFix.dll
2008-10-28 18:59 . 2007-10-31 01:16 16,400 --a------ c:\windows\system32\drivers\diginet.sys
2008-10-28 18:59 . 2007-10-30 23:36 15,872 --a------ c:\windows\system32\digicoin.dll
2008-10-28 10:48 . 2008-10-28 19:11 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Structure
2008-10-27 22:52 . 2008-10-27 22:52 <DIR> d-------- c:\program files\Common Files\PACE Anti-Piracy
2008-10-27 22:52 . 2008-10-28 19:04 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\PACE Anti-Piracy
2008-10-27 22:52 . 2008-10-28 11:10 <DIR> d-------- c:\documents and settings\Administrator\Application Data\PACE Anti-Piracy
2008-10-27 22:52 . 2008-11-10 10:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Digidesign
2008-10-27 22:52 . 2008-10-27 22:52 <DIR> d-------- C:\Digidesign Databases
2008-10-27 22:35 . 2008-10-27 22:35 <DIR> d-------- c:\program files\Common Files\Digidesign
2008-10-27 22:35 . 2007-10-31 00:03 1,362,460 --a------ c:\windows\system32\ExpansionHD_Firmware.bin
2008-10-27 21:58 . 2007-07-30 19:19 271,224 --a------ c:\windows\system32\mucltui.dll
2008-10-27 21:58 . 2007-07-30 19:19 30,072 --a------ c:\windows\system32\mucltui.dll.mui
2008-10-27 21:57 . 2008-10-27 21:57 <DIR> d-------- c:\windows\system32\xircom
2008-10-27 21:57 . 2008-10-27 21:57 <DIR> d-------- c:\program files\microsoft frontpage
2008-10-27 21:57 . 2008-04-14 05:42 221,184 --a------ c:\windows\system32\wmpns.dll
2008-10-27 21:50 . 2008-10-27 21:50 <DIR> d-------- c:\windows\system32\scripting
2008-10-27 21:48 . 2008-10-27 21:48 <DIR> d-------- c:\windows\ServicePackFiles
2008-10-25 08:48 . 2008-10-25 08:48 <DIR> d-------- c:\documents and settings\Administrator\Application Data\InstallShield
2008-10-25 08:46 . 2008-04-14 00:15 60,032 --a------ c:\windows\system32\drivers\usbaudio.sys
2008-10-25 08:46 . 2008-04-14 00:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2008-10-24 23:34 . 2008-09-17 23:55 201,050 --a------ c:\windows\system32\nvapps.nvb
2008-10-15 23:53 . 2008-10-15 23:53 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Apple Computer
2008-10-15 23:42 . 2008-10-15 23:43 <DIR> d-------- c:\program files\QuickTime
2008-10-15 23:42 . 2008-10-15 23:42 <DIR> d-------- c:\program files\Common Files\Apple
2008-10-15 23:42 . 2008-10-15 23:42 <DIR> d-------- c:\program files\Apple Software Update
2008-10-15 23:42 . 2008-10-15 23:42 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple Computer
2008-10-15 23:42 . 2008-10-15 23:42 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Apple

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-10 04:27 --------- d-----w c:\program files\Steam
2008-11-10 04:21 --------- d-----w c:\program files\SUPERAntiSpyware
2008-11-08 02:55 --------- d-----w c:\documents and settings\Administrator\Application Data\Any Video Converter
2008-11-07 00:00 --------- d-----w c:\documents and settings\All Users.WINDOWS\Application Data\SiteAdvisor
2008-11-06 08:28 --------- d-----w c:\program files\McAfee
2008-11-02 05:15 32,032 ----a-w c:\documents and settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2008-10-28 08:18 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-22 23:06 --------- d-----w c:\documents and settings\Administrator\Application Data\SiteAdvisor
2008-09-20 07:25 --------- d-----w c:\documents and settings\Administrator\Application Data\Audacity
2008-05-24 09:03 604 ---ha-w c:\program files\STLL Notifier
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SiteAdvisor"="c:\program files\SiteAdvisor\6261\SiteAdv.exe" [2008-05-17 36640]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-06-26 921600]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2007-10-30 77824]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-22 c:\windows\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-03 44544]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave2"= Digi32.dll
"midi1"= mbx2midu.dll
"MIDI2"= diomidi.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\steamapps\\hoplite1000\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\spectrum_domain\\counter-strike source\\hl2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2006-12-08 16384]
R0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [2007-05-25 137728]
R2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2007-10-31 16400]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l151x86.sys [2007-11-01 36864]
S3 dalwdmservice;dal service;c:\windows\system32\drivers\dalwdm.sys [2007-10-31 97808]
S3 MBX2DFU;MBX2DFU;c:\windows\system32\DRIVERS\MBX2DFU.sys [2007-10-31 21648]
S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;c:\windows\system32\drivers\mbx2midk.sys [2007-10-31 21904]
S3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2008-10-24 23096]
S3 MusCVideo;MusCVideo;c:\windows\system32\DRIVERS\MusCVideo.sys [2008-10-24 3768]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-10 19:11:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\ESET\nod32krn.exe
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\SiteAdvisor\6261\SAService.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-11-10 19:15:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-10 09:15:31

Pre-Run: 122,991,222,784 bytes free
Post-Run: 122,982,993,920 bytes free

213


I await your next instructions. Thank you.
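The log above is the kind of output a helper has to triage by eye: which registry values were tampered with, which firewall exceptions do not belong, and what ComboFix removed from a system directory. The script below is an added example of doing that triage mechanically; it is not part of the original post and not ComboFix's own code. It parses the banner-delimited sections of a ComboFix-style log, groups the "Reg Loading Points" values under their keys, and then flags three things that stand out in this post: Security Center values set to 1 (AntiVirusDisableNotify, UpdatesDisableNotify and AntiVirusOverride suppress the Security Center's antivirus and Automatic Updates warnings), Windows Firewall authorized-application entries that point into the Windows directory but are not ones Windows registers itself, and "Other Deletions" under system32. The embedded sample log is constructed to resemble the post's log, not copied from it, and the allow-list of expected %windir% firewall exceptions (sessmgr.exe for Remote Assistance, xpnetdiag.exe for Network Diagnostics) is my assumption, not something the post states.

```python
"""Triage helper for ComboFix-style logs (added example, not ComboFix code)."""
import re
from typing import Dict, List, Tuple

# Constructed sample modelled on the post's log; not a copy of the real file.
SAMPLE_LOG = r"""
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Application Data\LimeWire\library.dat
c:\windows\002555_.tmp
c:\windows\system32\fiber.exe
c:\windows\system32\imapde.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"nwiz"="nwiz.exe" [2008-05-02 c:\windows\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\steamapps\\hoplite1000\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2006-12-08 16384]
"""

SECTION_RE = re.compile(r"^\(+\s*(.+?)\s*\)+\s*$")   # "(((( Title ))))" banners
KEY_RE = re.compile(r"^\[(.+)\]\s*$")                # [HKEY_...] registry key lines
VALUE_RE = re.compile(r'^"([^"]+)"\s*=\s*(.*)$')     # "name"=value lines

# Security Center values that, when set to 1, silence its warnings.
SECURITY_CENTER_FLAGS = {
    "AntiVirusDisableNotify", "AntiVirusOverride",
    "FirewallDisableNotify", "FirewallOverride", "UpdatesDisableNotify",
}
# Assumption: firewall exceptions Windows XP registers for its own components.
EXPECTED_WINDIR_EXCEPTIONS = {"sessmgr.exe", "xpnetdiag.exe"}


def parse_sections(text: str) -> Dict[str, List[str]]:
    """Split the log into sections keyed by banner title; drop blank and '.' lines."""
    sections: Dict[str, List[str]] = {}
    current = None
    for line in text.splitlines():
        m = SECTION_RE.match(line.strip())
        if m:
            current = m.group(1)
            sections[current] = []
        elif current is not None and line.strip() not in ("", "."):
            sections[current].append(line.rstrip())
    return sections


def parse_registry(lines: List[str]) -> Dict[str, List[Tuple[str, str]]]:
    """Group "name"=value lines under the [key] line that precedes them."""
    reg: Dict[str, List[Tuple[str, str]]] = {}
    key = None
    for line in lines:
        km = KEY_RE.match(line)
        if km:
            key = km.group(1)
            reg.setdefault(key, [])
            continue
        vm = VALUE_RE.match(line)
        if vm and key is not None:
            reg[key].append((vm.group(1), vm.group(2).strip()))
    return reg


def security_center_overrides(reg: Dict[str, List[Tuple[str, str]]]) -> List[str]:
    """Names of Security Center notification/override values set to 1."""
    found = []
    for key, values in reg.items():
        if key.lower().endswith("\\security center"):
            found += [n for n, v in values
                      if n in SECURITY_CENTER_FLAGS and v.lower() == "dword:00000001"]
    return sorted(found)


def normalise_path(raw: str) -> str:
    """Collapse the log's escaped backslashes and expand %windir%."""
    return raw.replace("\\\\", "\\").lower().replace("%windir%", "c:\\windows")


def firewall_review(reg: Dict[str, List[Tuple[str, str]]]) -> List[str]:
    """Firewall exceptions under the Windows directory that are not expected ones."""
    flagged = []
    for key, values in reg.items():
        if "authorizedapplications" not in key.lower():
            continue
        for name, _ in values:
            path = normalise_path(name)
            if path.startswith("c:\\windows\\") and \
                    path.rsplit("\\", 1)[-1] not in EXPECTED_WINDIR_EXCEPTIONS:
                flagged.append(path)
    return flagged


def system32_deletions(sections: Dict[str, List[str]]) -> List[str]:
    """Paths ComboFix reported deleting from system32."""
    return [l.lower() for l in sections.get("Other Deletions", [])
            if l.lower().startswith("c:\\windows\\system32\\")]


def triage(text: str) -> Dict[str, List[str]]:
    sections = parse_sections(text)
    reg = parse_registry(sections.get("Reg Loading Points", []))
    return {"security_center": security_center_overrides(reg),
            "firewall_exceptions": firewall_review(reg),
            "system32_deletions": system32_deletions(sections)}


if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(category, items)
```

Run against the sample, the script reports the three Security Center overrides, the winver.exe firewall exception (winver.exe only displays the About Windows dialog and has no reason to accept inbound connections, so an exception for it deserves a look), and the two system32 deletions. The Steam entries and the Remote Assistance exception are not flagged. Feed it a saved ComboFix log by replacing SAMPLE_LOG with the file's contents.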