Thread: Firefox Hijacked
View Single Post
Old 09-27-2006, 08:41 AM   #6 (permalink)
Willidshome
Registered User
 
Join Date: Sep 2006
Posts: 8
OS: xp


Here is the Combo Log:

Dave - 06-09-27 15:34:38.48 Service Pack 2
ComboFix 06.09.27 - Running from: "C:\Documents and Settings\Dave\desktop"
Command switches used :: /v jkkji winzwr32

((((((((((((((((((((((((((((((( Files Created from 2006-08-27 to 2006-09-27 ))))))))))))))))))))))))))))))))))


2006-09-27 11:03 56 --ahs---- C:\redir.sys
2006-09-26 08:51 970,752 --a------ C:\WINDOWS\system32\VchReg.dll
2006-09-25 16:28 45,525 --a------ C:\WINDOWS\system32\hdgcynuc.dll
2006-09-25 16:28 143,380 --a------ C:\WINDOWS\system32\urutiaxa.exe
2006-09-25 16:05 589,876 ---hs---- C:\WINDOWS\system32\vturq.dll
2006-09-25 15:37 589,876 ---hs---- C:\WINDOWS\system32\ddccc.dll
2006-09-25 15:23 589,876 ---hs---- C:\WINDOWS\system32\ddcyw.dll
2006-09-25 15:15 69 --a------ C:\jswudopx.bat
2006-09-25 15:15 589,876 ---hs---- C:\WINDOWS\system32\jkhhe.dll
2006-09-25 15:15 20,480 --a------ C:\jswudopx.exe
2006-09-25 15:15 0 --a------ C:\oorwopjo.exe
2006-09-25 15:09 0 --a------ C:\dlkvnr.exe
2006-09-25 14:56 16,384 --a------ C:\WINDOWS\system32\FileOps.exe
2006-09-24 16:49 65,536 --------- C:\WINDOWS\system32\adistres.dll
2006-09-24 16:49 20,584 --------- C:\WINDOWS\system32\PdfPorts.dll
2006-09-24 16:49 101,200 --------- C:\WINDOWS\system32\pdfshell.dll
2006-09-24 14:39 210,944 --------- C:\WINDOWS\system32\Msvcrt10.dll
2006-09-23 14:24 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-09-23 14:23 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-09-22 13:43 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-09-22 13:43 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-09-22 13:43 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-09-19 16:18 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-09-19 16:18 44,544 --a------ C:\WINDOWS\system32\OVUI2.dll
2006-09-19 16:18 41,984 --a------ C:\WINDOWS\system32\OVUI2RC.dll
2006-09-19 16:18 39,424 --a------ C:\WINDOWS\system32\OVComS.exe
2006-09-19 16:18 20,480 --a------ C:\WINDOWS\system32\OVComC.dll
2006-09-19 16:18 116,736 --a------ C:\WINDOWS\system32\OVCodec2.dll
2006-09-15 11:23 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2006-09-09 17:46 973,312 --a------ C:\WINDOWS\system32\Redemption.dll
2006-09-09 17:46 962,560 --a------ C:\WINDOWS\system32\MagicCtl.dll
2006-09-09 17:46 90,112 --a------ C:\WINDOWS\system32\gmnamfld.dll
2006-09-09 17:46 81,920 --a------ C:\WINDOWS\system32\ANSSLPLUS.dll
2006-09-09 17:46 73,728 --a------ C:\WINDOWS\system32\GMSigMan.dll
2006-09-09 17:46 65,536 --a------ C:\WINDOWS\system32\GMMesCom.dll
2006-09-09 17:46 512,000 --a------ C:\WINDOWS\system32\gmgrpman.dll
2006-09-09 17:46 487,424 --a------ C:\WINDOWS\system32\infCB.dll
2006-09-09 17:46 45,056 --a------ C:\WINDOWS\system32\GMPaths.dll
2006-09-09 17:46 385,592 --a------ C:\WINDOWS\system32\XceedBkp.dll
2006-09-09 17:46 348,160 --a------ C:\WINDOWS\system32\ANPOP.dll
2006-09-09 17:46 299,008 --a------ C:\WINDOWS\system32\GMAccMan.dll
2006-09-09 17:46 282,624 --a------ C:\WINDOWS\system32\AOSMTPEX.dll
2006-09-09 17:46 282,624 --a------ C:\WINDOWS\system32\AOSMTP.dll
2006-09-09 17:46 258,048 --a------ C:\WINDOWS\system32\GMMailer.dll
2006-09-09 17:46 24,576 --a------ C:\WINDOWS\system32\snEUps.dll
2006-09-09 17:46 167,936 --a------ C:\WINDOWS\system32\infgdbcb.dll
2006-09-09 17:46 159,823 --a------ C:\WINDOWS\system32\emmsg.dll
2006-09-09 17:46 159,744 --a------ C:\WINDOWS\system32\dwStg.dll
2006-09-09 17:46 151,638 --a------ C:\WINDOWS\system32\empop3.dll
2006-09-09 17:46 151,552 --a------ C:\WINDOWS\system32\HexValidEmail.dll
2006-09-09 17:46 122,880 --a------ C:\WINDOWS\system32\snEU.exe
2006-09-09 17:46 102,400 --a------ C:\WINDOWS\system32\HexDns.dll
2006-09-09 17:46 1,011,712 --a------ C:\WINDOWS\system32\chilkatxml.dll
2006-09-09 16:12 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2006-09-09 16:12 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2006-09-09 16:12 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2006-09-09 16:12 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2006-09-09 08:53 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2006-09-09 08:41 99,576 --a------ C:\WINDOWS\system32\MabryObj.dll
2006-09-09 08:41 57,856 --a------ C:\WINDOWS\system32\azip32.dll
2006-09-09 08:41 32,768 --a------ C:\WINDOWS\system32\Base64.dll
2006-09-09 08:41 279,800 --a------ C:\WINDOWS\system32\FTPx.dll
2006-09-09 08:41 241,664 --a------ C:\WINDOWS\system32\dzgtactx.dll
2006-09-09 02:00 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2006-09-09 02:00 0 -rahs---- C:\MSDOS.SYS
2006-09-09 02:00 0 -rahs---- C:\IO.SYS
2006-09-09 02:00 0 --a------ C:\CONFIG.SYS
2006-09-09 02:00 0 --a------ C:\AUTOEXEC.BAT
2006-09-09 01:58 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2006-09-09 01:58 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-09-09 01:58 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2006-09-09 01:58 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-09-09 01:58 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2006-09-09 01:58 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-09-09 01:58 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-09-09 01:58 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-09-09 01:58 41,240 --a------ C:\WINDOWS\system32\wups.dll
2006-09-09 01:58 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-09-09 01:58 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-09-09 01:58 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2006-09-09 01:58 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-09-09 01:58 173,536 --a------ C:\WINDOWS\system32\wuweb.dll
2006-09-09 01:58 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2006-09-09 01:58 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2006-09-09 01:58 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2006-09-09 01:58 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe
2006-09-09 01:58 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2006-09-09 01:58 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2006-09-09 01:58 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2006-09-09 01:57 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-09-09 01:57 81,920 --a------ C:\WINDOWS\system32\ils.dll
2006-09-09 01:57 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-09-09 01:57 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-09-09 01:57 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-09-09 01:57 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-09-09 01:57 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-09-09 01:57 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2006-09-09 01:57 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-09-09 01:57 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-09-09 01:57 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-09-09 01:57 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-09-09 01:57 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2006-09-09 01:57 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-09-09 01:57 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-09-09 01:57 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2006-09-09 01:57 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-09-09 01:57 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-09-09 01:57 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2006-09-09 01:57 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-09-09 01:57 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-09-09 01:57 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2006-09-09 01:56 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2006-09-09 01:56 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-09-09 01:56 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-09-09 01:56 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-09-09 01:56 9,728 --a------ C:\WINDOWS\system32\reset.exe
2006-09-09 01:56 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-09-09 01:56 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-09-09 01:56 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2006-09-09 01:56 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2006-09-09 01:56 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2006-09-09 01:56 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2006-09-09 01:56 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-09-09 01:56 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-09-09 01:56 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2006-09-09 01:56 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2006-09-09 01:56 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2006-09-09 01:56 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-09-09 01:56 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-09-09 01:56 56,832 --a------ C:\WINDOWS\system32\sol.exe
2006-09-09 01:56 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2006-09-09 01:56 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2006-09-09 01:56 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2006-09-09 01:56 538,624 --a------ C:\WINDOWS\system32\spider.exe
2006-09-09 01:56 5,632 --a------ C:\WINDOWS\system32\write.exe
2006-09-09 01:56 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2006-09-09 01:56 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-09-09 01:56 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-09-09 01:56 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2006-09-09 01:56 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-09-09 01:56 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2006-09-09 01:56 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2006-09-09 01:56 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2006-09-09 01:56 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-09-09 01:56 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2006-09-09 01:56 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2006-09-09 01:56 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2006-09-09 01:56 33,792 --a------ C:\WINDOWS\system32\regini.exe
2006-09-09 01:56 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2006-09-09 01:56 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2006-09-09 01:56 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2006-09-09 01:56 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2006-09-09 01:56 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2006-09-09 01:56 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2006-09-09 01:56 20,992 --a------ C:\WINDOWS\system32\msg.exe
2006-09-09 01:56 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2006-09-09 01:56 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2006-09-09 01:56 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-09-09 01:56 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2006-09-09 01:56 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-09-09 01:56 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2006-09-09 01:56 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2006-09-09 01:56 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2006-09-09 01:56 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2006-09-09 01:56 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2006-09-09 01:56 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2006-09-09 01:56 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2006-09-09 01:56 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2006-09-09 01:56 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2006-09-09 01:56 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-09-09 01:56 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2006-09-09 01:56 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2006-09-09 01:56 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2006-09-09 01:56 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2006-09-09 01:56 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2006-09-09 01:56 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-09-09 01:56 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2006-09-09 01:56 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2006-09-09 01:56 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2006-09-09 01:56 114,688 --a------ C:\WINDOWS\system32\calc.exe
2006-09-09 01:56 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-09-09 01:56 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-09-09 01:56 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2006-09-09 01:56 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2006-09-09 01:56 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll
2006-09-09 01:56 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2006-09-09 01:55 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2006-09-09 01:55 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2006-09-09 01:55 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2006-09-09 01:55 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-09-08 21:24 90,112 --------- C:\WINDOWS\Updreg.EXE
2006-09-08 21:24 84,992 --------- C:\WINDOWS\system32\SFCVRT32.DLL
2006-09-08 21:24 82,432 --------- C:\WINDOWS\system32\CTWFLT32.DLL
2006-09-08 21:24 53,552 --------- C:\WINDOWS\CTCCW.DLL
2006-09-08 21:24 26,768 --------- C:\WINDOWS\system32\CTL3D.DLL
2006-09-08 21:24 24,976 --------- C:\WINDOWS\CTRES.DLL
2006-09-08 21:24 149,504 --------- C:\WINDOWS\system32\MFCANS32.DLL
2006-09-08 21:24 108,032 --------- C:\WINDOWS\system32\MFCUIA32.DLL
2006-09-08 21:23 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-09-08 21:23 20,480 --a------ C:\WINDOWS\INRES.DLL
2006-09-08 21:22 94,208 --a------ C:\WINDOWS\DEVREG.DLL
2006-09-08 21:22 77,824 --a------ C:\WINDOWS\system32\EAXAC3.DLL
2006-09-08 21:22 65,536 --a------ C:\WINDOWS\system32\a3d.dll
2006-09-08 21:22 643,072 --a------ C:\WINDOWS\system32\CTSBLFX.DLL
2006-09-08 21:22 61,440 --a------ C:\WINDOWS\MIDIDEF.EXE
2006-09-08 21:22 57,344 --a------ C:\WINDOWS\system32\CTAGENT.DLL
2006-09-08 21:22 53,248 --a------ C:\WINDOWS\system32\AC3API.DLL
2006-09-08 21:22 49,152 --a------ C:\WINDOWS\system32\KILLAPPS.EXE
2006-09-08 21:22 49,152 --a------ C:\WINDOWS\CTDCRES.DLL
2006-09-08 21:22 36,864 --a------ C:\WINDOWS\system32\sfman32.dll
2006-09-08 21:22 36,864 --a------ C:\WINDOWS\system32\REGPLIB.EXE
2006-09-08 21:22 36,864 --a------ C:\WINDOWS\system32\CTEMUPIA.DLL
2006-09-08 21:22 319,488 --a------ C:\WINDOWS\system32\CTDEVCON.DLL
2006-09-08 21:22 28,672 --a------ C:\WINDOWS\system32\CTSPKHLP.DLL
2006-09-08 21:22 270,336 --a------ C:\WINDOWS\system32\SFMS32.DLL
2006-09-08 21:22 24,576 --a------ C:\WINDOWS\system32\CTHELPER.EXE
2006-09-08 21:22 184,320 --a------ C:\WINDOWS\PSCONV.EXE
2006-09-08 21:22 176,128 --a------ C:\WINDOWS\READREG.EXE
2006-09-08 21:22 155,648 --a------ C:\WINDOWS\system32\CTOSUSER.DLL
2006-09-08 21:22 135,168 --a------ C:\WINDOWS\system32\OPENAL32.DLL
2006-09-08 21:22 110,592 --a------ C:\WINDOWS\system32\PIAPROXY.DLL
2006-09-08 21:22 110,592 --a------ C:\WINDOWS\system32\COMMONFX.DLL
2006-09-08 21:22 106,496 --a------ C:\WINDOWS\system32\CTDPROXY.DLL
2006-09-08 21:22 106,496 --a------ C:\WINDOWS\system32\CTASIO.DLL
2006-09-08 21:20 73,728 --------- C:\WINDOWS\system32\CTDrmRes.dll
2006-09-08 21:20 62,976 --------- C:\WINDOWS\system32\CTDetres.dll
2006-09-08 21:20 54,784 --------- C:\WINDOWS\system32\Inetwh32.dll
2006-09-08 21:20 44,032 --a------ C:\WINDOWS\system32\CTSVCCDA.EXE
2006-09-08 21:20 331,776 --a------ C:\WINDOWS\system32\CTMedEng.DLL
2006-09-08 21:20 28,672 --------- C:\WINDOWS\system32\CTIntRes.dll
2006-09-08 21:20 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2006-09-08 21:20 24,576 --------- C:\WINDOWS\system32\CTMERes.DLL
2006-09-08 21:20 163,840 --a------ C:\WINDOWS\system32\CTDRMUI.dll
2006-09-08 21:20 12,288 --a------ C:\WINDOWS\system32\AHQCpURes.dll
2006-09-08 21:19 41,984 --------- C:\WINDOWS\CTRegRun.exe
2006-09-08 21:18 6,752 --------- C:\WINDOWS\system32\PFMODNT.SYS
2006-09-08 21:02 306,688 --a------ C:\WINDOWS\IsUninst.exe
2006-09-08 20:52 983,107 --a------ C:\WINDOWS\system32\lxbxgf.dll
2006-09-08 20:52 94,208 --a------ C:\WINDOWS\system32\lxbxinsr.dll
2006-09-08 20:52 87,040 --a------ C:\WINDOWS\system32\wiafbdrv.dll
2006-09-08 20:52 86,016 --a------ C:\WINDOWS\system32\lxbxcub.dll
2006-09-08 20:52 741,376 --a------ C:\WINDOWS\system32\lxbxhbn3.dll
2006-09-08 20:52 69,632 --a------ C:\WINDOWS\system32\lxbxcu.dll
2006-09-08 20:52 667,648 --a------ C:\WINDOWS\system32\lxbxcomc.dll
2006-09-08 20:52 634,880 --a------ C:\WINDOWS\system32\lxbxpmui.dll
2006-09-08 20:52 512,000 --a------ C:\WINDOWS\system32\lxbxhbn1.dll
2006-09-08 20:52 483,328 --a------ C:\WINDOWS\system32\lxbxlmpm.dll
2006-09-08 20:52 462,848 --a------ C:\WINDOWS\system32\lxbxcoms.exe
2006-09-08 20:52 401,408 --a------ C:\WINDOWS\system32\lxbxcomm.dll
2006-09-08 20:52 40,960 --a------ C:\WINDOWS\system32\lxbxvs.dll
2006-09-08 20:52 372,736 --a------ C:\WINDOWS\system32\lxbxutil.dll
2006-09-08 20:52 372,736 --a------ C:\WINDOWS\system32\lxbxcfg.exe
2006-09-08 20:52 356,352 --a------ C:\WINDOWS\system32\lxbxih.exe
2006-09-08 20:52 32,768 --a------ C:\WINDOWS\system32\lxbxcur.dll
2006-09-08 20:52 172,032 --a------ C:\WINDOWS\system32\lxbxinsb.dll
2006-09-08 20:52 139,264 --a------ C:\WINDOWS\system32\lxbxprox.dll
2006-09-08 20:52 131,072 --a------ C:\WINDOWS\system32\lxbxjswr.dll
2006-09-08 20:52 131,072 --a------ C:\WINDOWS\system32\lxbxins.dll
2006-09-08 20:52 114,688 --a------ C:\WINDOWS\system32\lxbxpplc.dll
2006-09-08 20:52 1,146,880 --a------ C:\WINDOWS\system32\lxbxserv.dll
2006-09-08 20:52 1,089,536 --a------ C:\WINDOWS\system32\lxbxusb1.dll
2006-09-08 20:51 65,536 --a------ C:\WINDOWS\system32\lxbxcfg.dll
2006-09-08 19:29 90,112 --a------ C:\WINDOWS\system32\mcrtl32.dll
2006-09-08 19:29 32,768 --a------ C:\WINDOWS\system32\instlsp.exe
2006-09-08 19:29 131,072 --a------ C:\WINDOWS\system32\mclsp.dll
2006-09-08 19:29 11,264 --a------ C:\WINDOWS\system32\sporder.dll
2006-09-08 19:28 9,216 --a------ C:\WINDOWS\system32\MpfApi.dll
2006-09-08 19:27 349,760 --a------ C:\WINDOWS\system32\mcinsctl.dll
2006-09-08 19:27 288,320 --a------ C:\WINDOWS\system32\mcgdmgr.dll
2006-09-08 19:22 9,728 --a------ C:\WINDOWS\system32\rwnh.dll
2006-09-08 19:22 8,704 --a------ C:\WINDOWS\system32\infoctrs.dll
2006-09-08 19:22 8,192 --a------ C:\WINDOWS\system32\staxmem.dll
2006-09-08 19:22 7,168 --a------ C:\WINDOWS\system32\wamregps.dll
2006-09-08 19:22 7,168 --a------ C:\WINDOWS\system32\snprfdll.dll
2006-09-08 19:22 68,608 --a------ C:\WINDOWS\system32\iisext.dll
2006-09-08 19:22 64,512 --a------ C:\WINDOWS\system32\iismap.dll
2006-09-08 19:22 6,144 --a------ C:\WINDOWS\system32\ftpsapi2.dll
2006-09-08 19:22 6,144 --a------ C:\WINDOWS\system32\admxprox.dll
2006-09-08 19:22 56,320 --a------ C:\WINDOWS\system32\convlog.exe
2006-09-08 19:22 5,632 --a------ C:\WINDOWS\system32\w3svapi.dll
2006-09-08 19:22 5,632 --a------ C:\WINDOWS\system32\iisrstap.dll
2006-09-08 19:22 5,632 --a------ C:\WINDOWS\system32\adsiisex.dll
2006-09-08 19:22 43,520 --a------ C:\WINDOWS\system32\fcachdll.dll
2006-09-08 19:22 43,520 --a------ C:\WINDOWS\system32\admwprox.dll
2006-09-08 19:22 4,608 --a------ C:\WINDOWS\system32\w3ctrs.dll
2006-09-08 19:22 3,584 --a------ C:\WINDOWS\system32\iismui.dll
2006-09-08 19:22 290,816 --a------ C:\WINDOWS\system32\adsiis.dll
2006-09-08 19:22 23,040 --a------ C:\WINDOWS\system32\regtrace.exe
2006-09-08 19:22 19,968 --a------ C:\WINDOWS\system32\inetsloc.dll
2006-09-08 19:22 14,336 --a------ C:\WINDOWS\system32\iisreset.exe
2006-09-08 19:22 14,336 --a------ C:\WINDOWS\system32\exstrace.dll
2006-09-08 19:22 133,632 --a------ C:\WINDOWS\system32\iisRtl.dll
2006-09-08 19:22 13,312 --a------ C:\WINDOWS\system32\infoadmn.dll
2006-09-08 19:22 12,288 --a------ C:\WINDOWS\system32\smtpctrs.dll
2006-09-08 19:22 10,752 --a------ C:\WINDOWS\system32\smtpapi.dll
2006-09-08 19:22 10,240 --a------ C:\WINDOWS\system32\aspperf.dll
2006-09-08 19:20 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2006-09-08 18:55 24,576 --a------ C:\WINDOWS\system32\STKIT432.DLL
2006-09-08 18:50 4,529,408 --a------ C:\WINDOWS\system32\nv4_disp.dll
2006-09-08 18:49 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2006-09-08 18:48 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2006-09-08 18:48 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-09-08 18:48 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2006-09-08 18:48 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2006-09-08 18:48 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2006-09-08 18:48 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2006-09-08 18:48 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2006-09-08 18:48 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdycc.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbduzb.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdur.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdtat.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdru1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdru.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdkaz.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdbu.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdblr.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2006-09-08 18:48 5,632 -ra------ C:\WINDOWS\system32\kbdaze.dll
2006-09-08 18:48 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-09-08 18:48 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2006-09-08 18:48 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2006-09-08 18:48 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-09-08 18:48 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2006-09-08 18:30 57,344 --------- C:\WINDOWS\system32\mfc70enu.dll
2006-09-08 18:29 974,848 --a------ C:\WINDOWS\system32\mfc70.dll
2006-09-08 18:29 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll
2006-09-08 18:29 344,064 --a------ C:\WINDOWS\system32\msvcr70.dll
2006-09-08 18:26 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-27 15:34 -------- d-------- C:\Program Files\Mozilla Firefox
2006-09-27 15:29 -------- d-------- C:\Program Files\HijackThis
2006-09-27 15:23 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-09-27 15:18 -------- d-------- C:\Program Files\Common Files
2006-09-27 15:09 -------- d-------- C:\Documents and Settings\Dave\Application Data\MailWasherPro
2006-09-27 14:53 -------- d-------- C:\Documents and Settings\Dave\Application Data\Adobe
2006-09-27 11:04 -------- d-------- C:\Documents and Settings\Dave\Application Data\Sonic
2006-09-27 11:03 -------- d-------- C:\Program Files\Common Files\PACE Anti-Piracy
2006-09-27 10:59 -------- d-------- C:\Program Files\Common Files\SureThing Shared
2006-09-27 10:59 -------- d-------- C:\Program Files\Common Files\Sonic
2006-09-27 10:58 -------- d-------- C:\Program Files\Sonic
2006-09-26 17:19 -------- d-------- C:\Program Files\CleanUp!
2006-09-25 15:03 -------- d-------- C:\Program Files\WinMediaCodec
2006-09-25 14:56 -------- d-------- C:\Program Files\Common Files\Adobe
2006-09-25 14:56 -------- d-------- C:\Program Files\Adobe
2006-09-25 14:41 -------- d-------- C:\Program Files\WebPosition 4
2006-09-24 17:04 -------- d-------- C:\Program Files\Registry Mechanic
2006-09-24 16:48 -------- d-------- C:\Documents and Settings\Dave\Application Data\InterTrust
2006-09-24 16:46 -------- d-------- C:\Documents and Settings\Dave\Application Data\Leadertech
2006-09-24 16:45 -------- d-------- C:\Documents and Settings\Dave\Application Data\AdobeUM
2006-09-24 16:45 -------- d-------- C:\Documents and Settings\Dave\Application Data\AdobeAUM
2006-09-24 16:35 -------- d-------- C:\Program Files\Yahoo!
2006-09-24 13:01 -------- d-------- C:\Program Files\Windows Media Player
2006-09-24 11:27 1557 --a------ C:\Documents and Settings\Dave\Application Data\AdobeDLM.log
2006-09-24 11:27 0 --a------ C:\Documents and Settings\Dave\Application Data\dm.ini
2006-09-22 12:03 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-09-22 12:03 -------- d-------- C:\Program Files\DeepSilver
2006-09-20 14:58 -------- d-------- C:\Program Files\Common Files\Adobe Systems Shared
2006-09-20 13:31 -------- d-------- C:\Program Files\WinRAR
2006-09-19 16:16 -------- d---s---- C:\Documents and Settings\Dave\Application Data\Microsoft
2006-09-19 16:16 -------- d-------- C:\Program Files\MSN Messenger
2006-09-19 16:16 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-09-19 13:54 -------- d-------- C:\Documents and Settings\Dave\Application Data\Sun
2006-09-19 13:53 -------- d-------- C:\Program Files\Java
2006-09-19 13:51 -------- d-------- C:\Program Files\Common Files\Java
2006-09-16 13:49 -------- d-------- C:\Program Files\Teamspeak2_RC2
2006-09-16 13:49 -------- d-------- C:\Documents and Settings\Dave\Application Data\teamspeak2
2006-09-15 11:23 -------- d-------- C:\Program Files\QuickTime
2006-09-10 14:47 -------- d-------- C:\Documents and Settings\Dave\Application Data\Macromedia
2006-09-09 17:46 673546 --a------ C:\Documents and Settings\Dave\Application Data\unins000.exe
2006-09-09 17:46 18546 --a------ C:\Documents and Settings\Dave\Application Data\unins000.dat
2006-09-09 17:46 -------- d-------- C:\Program Files\GroupMail 5
2006-09-09 16:12 -------- d-------- C:\Program Files\Ipswitch
2006-09-09 16:12 -------- d-------- C:\Documents and Settings\Dave\Application Data\Ipswitch
2006-09-09 16:11 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-09-09 09:39 -------- d-------- C:\Documents and Settings\Dave\Application Data\McAfee
2006-09-09 02:00 -------- d-------- C:\Program Files\xerox
2006-09-09 02:00 -------- d-------- C:\Program Files\microsoft frontpage
2006-09-09 01:59 -------- d--h----- C:\Program Files\WindowsUpdate
2006-09-09 01:58 -------- d-------- C:\Program Files\NetMeeting
2006-09-09 01:58 -------- d-------- C:\Program Files\Movie Maker
2006-09-09 01:58 -------- d-------- C:\Program Files\Common Files\Services
2006-09-09 01:58 -------- d-------- C:\Program Files\Common Files\MSSoap
2006-09-09 01:57 -------- d-------- C:\Program Files\ComPlus Applications
2006-09-09 01:56 -------- d-------- C:\Program Files\Windows NT
2006-09-09 01:56 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-09-09 01:56 -------- d-------- C:\Program Files\MSN
2006-09-08 21:59 -------- d-------- C:\Program Files\Internet Explorer
2006-09-08 21:43 -------- d-------- C:\Program Files\Creative
2006-09-08 21:42 -------- d-------- C:\Documents and Settings\Dave\Application Data\Creative
2006-09-08 21:31 -------- d-------- C:\Program Files\OfficeUpdate11
2006-09-08 21:16 -------- d-------- C:\Program Files\Common Files\System
2006-09-08 21:09 -------- d-------- C:\Program Files\Messenger
2006-09-08 21:03 -------- d-------- C:\Program Files\Hewlett-Packard
2006-09-08 21:02 -------- d-------- C:\Program Files\Outlook Express
2006-09-08 20:58 -------- d-------- C:\Program Files\Lexmark_7100 Series
2006-09-08 20:58 -------- d-------- C:\Program Files\Lexmark 7100 Series
2006-09-08 20:55 -------- d-------- C:\Documents and Settings\Dave\Application Data\McAfee.com Personal Firewall
2006-09-08 20:14 -------- d-------- C:\Program Files\CCP
2006-09-08 19:29 -------- d-------- C:\Program Files\McAfee.com
2006-09-08 19:29 -------- d-------- C:\Program Files\McAfee
2006-09-08 19:22 -------- d-------- C:\Program Files\Online Services
2006-09-08 19:20 -------- d-------- C:\Program Files\Microsoft.NET
2006-09-08 19:20 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-09-08 19:19 -------- d-------- C:\Program Files\Microsoft Office
2006-09-08 19:19 -------- d-------- C:\Program Files\Common Files\DESIGNER
2006-09-08 19:00 -------- d-------- C:\Program Files\FireTrust
2006-09-08 18:48 -------- d-------- C:\Program Files\Common Files\SpeechEngines
2006-09-08 18:48 -------- d-------- C:\Program Files\Common Files\ODBC
2006-09-08 18:47 62 --ahs---- C:\Documents and Settings\Dave\Application Data\desktop.ini
2006-09-08 18:30 -------- d-------- C:\Program Files\Macromedia
2006-09-08 18:30 -------- d-------- C:\Program Files\Common Files\Macromedia
2006-09-08 18:29 -------- d-------- C:\Program Files\Common Files\Macromedia Shared
2006-09-08 18:12 -------- d-------- C:\Documents and Settings\Dave\Application Data\Mozilla
2006-09-08 18:06 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-08 18:06 -------- d-------- C:\Documents and Settings\Dave\Application Data\Identities
2006-08-21 10:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-21 09:24 72704 --a------ C:\WINDOWS\system32\hlink.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce\CTStartup]
"CTStartup"="\"C:\\Program Files\\Creative\\Splash Screen\\CTEaxSpl.EXE\" /play"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RegistryMechanic"=""
"VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
"OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\mcafee.com\\agent\\McUpdate.exe"
"MPFExe"="C:\\PROGRA~1\\McAfee.com\\PERSON~1\\MpfTray.exe"
"MPSExe"="c:\\PROGRA~1\\mcafee.com\\mps\\mscifapp.exe /embedding"
"MSKAGENTEXE"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MskAgent.exe"
"MSKDetectorExe"="C:\\PROGRA~1\\McAfee\\SPAMKI~1\\MSKDetct.exe /startup"
"LXBXCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXBXtime.dll,_RunDLLEntry@16"
"lxbxmon.exe"="\"C:\\Program Files\\Lexmark 7100 Series\\lxbxmon.exe\""
"EzPrint"="\"C:\\Program Files\\Lexmark 7100 Series\\ezprint.exe\""
"WINDVDPatch"="CTHELPER.EXE"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"Jet Detection"="\"C:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
"CTStartup"="C:\\Program Files\\Creative\\Splash Screen\\CTEaxSpl.EXE /run"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"Disc Detector"="C:\\Program Files\\Creative\\ShareDLL\\CtNotify.exe"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"UpdateManager"="\"C:\\Program Files\\Common Files\\Sonic\\Update Manager\\sgtray.exe\" /r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=hex:5f,00,00,00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
@=""
"NoDriveTypeAutoRun"=hex:5f,00,00,00
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Completion time: 27/09/2006 15:35:27.07
ComboFix.txt
ComboFix2.txt
ComboFix3.txt


HERE IS THE HJT LOG :

Logfile of HijackThis v1.99.1
Scan saved at 15:39:14, on 27/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Lexmark 7100 Series\ezprint.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\lxbxcoms.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\ShareDLL\MediaDet.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\HijackThis\ElvisLives.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0D93E5DB-660E-46D9-8C32-16A54007E21E} - (no file)
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: (no name) - {313E76EF-4AC1-4174-9F5A-6210B32AD8DF} - (no file)
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {79EEA737-C949-415D-89A2-29ECF9118851} - (no file)
O2 - BHO: (no name) - {810280A0-A5AA-487F-842F-D3EBDC258236} - (no file)
O2 - BHO: (no name) - {85B75BBE-C184-47FA-BE59-E7D85B3E96DF} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A9F75427-139B-4A82-B143-62A57ABC897E} - (no file)
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
O2 - BHO: (no name) - {D8784CA3-8CE8-4134-B478-152630B57F82} - (no file)
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [LXBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbxmon.exe] "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7100 Series\ezprint.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: lxbx_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbxcoms.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe


GLAD YOU KNOW WHAT YOU ARE LOOKING FOR BECAUSE IT ALL LOOKS TO COMPLICATED TO ME.

Cheers
Willidshome is offline