Thank you for your continued support - I really appreciate it. Here is the ComboFix log:
ComboFix 07-08-30.3 - "-" 2007-09-06 10:30:02.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1570 [GMT 1:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\-\APPLIC~1\install.dat
C:\Program Files\s2f.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\dobe~1
C:\WINDOWS\system32\awtqo.dll
C:\WINDOWS\system32\awtsp.dll
C:\WINDOWS\system32\awtss.dll
C:\WINDOWS\system32\awvvs.dll
C:\WINDOWS\system32\awvvu.dll
C:\WINDOWS\system32\awvvv.dll
C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\ddcyx.dll
C:\WINDOWS\system32\gebcc.dll
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\gebyw.dll
C:\WINDOWS\system32\gebyy.dll
C:\WINDOWS\system32\geebx.dll
C:\WINDOWS\system32\geeda.dll
C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\jkkjg.dll
C:\WINDOWS\system32\jkkjh.dll
C:\WINDOWS\system32\jkklj.dll
C:\WINDOWS\system32\mljjg.dll
C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\mlljk.dll
C:\WINDOWS\system32\mllmk.dll
C:\WINDOWS\system32\mllmn.dll
C:\WINDOWS\system32\pmkhe.dll
C:\WINDOWS\system32\pmkjg.dll
C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\pmnno.dll
C:\WINDOWS\system32\ssqpq.dll
C:\WINDOWS\system32\ssqrq.dll
C:\WINDOWS\system32\ssttq.dll
C:\WINDOWS\system32\vtsqq.dll
C:\WINDOWS\system32\vtstu.dll
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-08-06 to 2007-09-06 )))))))))))))))))))))))))))))))
2007-09-06 10:32 298,016 --a------ C:\WINDOWS\system32\vtutu.dll.vir
2007-09-06 10:32 298,016 --a------ C:\WINDOWS\system32\vtstu.dll.vir
2007-09-06 10:32 298,016 --a------ C:\WINDOWS\system32\vtstt.dll.vir
2007-09-06 10:32 298,016 --a------ C:\WINDOWS\system32\vtsqq.dll.vir
2007-09-06 10:29 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-09-04 21:29 244,768 --a------ C:\WINDOWS\system32\ssqrp.dll
2007-09-03 18:16 244,768 --a------ C:\WINDOWS\system32\awtqr.dll
2007-09-03 17:15 244,768 --a------ C:\WINDOWS\system32\mljgg.dll
2007-09-03 13:15 244,768 --a------ C:\WINDOWS\system32\mlljg.dll
2007-09-03 12:15 298,016 --a------ C:\WINDOWS\system32\mlljj.dll
2007-09-03 11:15 298,016 --a------ C:\WINDOWS\system32\pmkhg.dll
2007-09-02 20:16 298,016 --a------ C:\WINDOWS\system32\jkhfg.dll
2007-09-02 17:39 298,016 --a------ C:\WINDOWS\system32\ssqro.dll
2007-09-01 22:00 298,016 --a------ C:\WINDOWS\system32\awvvt.dll
2007-09-01 19:00 298,016 --a------ C:\WINDOWS\system32\awtsr.dll
2007-09-01 13:00 244,768 --a------ C:\WINDOWS\system32\pmkhf.dll
2007-09-01 11:00 298,016 --a------ C:\WINDOWS\system32\vtutu.dll
2007-09-01 09:00 298,016 --a------ C:\WINDOWS\system32\ddcyy.dll
2007-09-01 08:00 298,016 --a------ C:\WINDOWS\system32\pmnnl.dll
2007-09-01 04:00 298,016 --a------ C:\WINDOWS\system32\ddccb.dll
2007-08-31 21:05 298,016 --a------ C:\WINDOWS\system32\ssqpp.dll
2007-08-31 19:05 298,016 --a------ C:\WINDOWS\system32\vtsqn.dll
2007-08-31 17:05 298,016 --a------ C:\WINDOWS\system32\geedd.dll
2007-08-31 16:14 <DIR> d-------- C:\Program Files\Mobius
2007-08-31 16:05 244,768 --a------ C:\WINDOWS\system32\geedc.dll
2007-08-31 15:05 298,016 --a------ C:\WINDOWS\system32\awtqp.dll
2007-08-31 13:05 298,016 --a------ C:\WINDOWS\system32\jkkjk.dll
2007-08-31 11:03 298,016 --a------ C:\WINDOWS\system32\geeba.dll
2007-08-31 10:03 298,016 --a------ C:\WINDOWS\system32\ddcca.dll
2007-08-31 09:03 298,016 --a------ C:\WINDOWS\system32\ssqpm.dll
2007-08-31 08:03 298,016 --a------ C:\WINDOWS\system32\vtstt.dll
2007-08-30 21:31 298,016 --a------ C:\WINDOWS\system32\geebb.dll
2007-08-30 20:31 298,016 --a------ C:\WINDOWS\system32\jkhhg.dll
2007-08-30 19:31 298,016 --a------ C:\WINDOWS\system32\gebca.dll
2007-08-30 18:31 244,768 --a------ C:\WINDOWS\system32\vtsqo.dll
2007-08-30 17:31 244,768 --a------ C:\WINDOWS\system32\ddabc.dll
2007-08-30 15:08 <DIR> d--h----- C:\WINDOWS\PIF
2007-08-30 11:28 <DIR> d-------- C:\Program Files\XoftSpySE
2007-08-30 10:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ParetoLogic Anti-Spyware
2007-08-30 10:33 <DIR> d-------- C:\{0000464D-0000-0000-22BF-2D35761CBBA6}
2007-08-30 08:38 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-08-30 08:10 <DIR> d-------- C:\VundoFix Backups
2007-08-29 09:43 913,408 --a------ C:\WINDOWS\system32\xreglib.dll
2007-08-29 08:58 <DIR> d-------- C:\DOCUME~1\-\APPLIC~1\Bitdefender
2007-08-29 08:44 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2007-08-29 08:40 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
2007-08-28 13:02 <DIR> d-------- C:\Program Files\Lavasoft
2007-08-28 13:02 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-28 13:02 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-08-27 11:29 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-08-26 11:00 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-08-26 09:48 <DIR> d-------- C:\WINDOWS\pss
2007-08-25 21:22 <DIR> d-------- C:\Program Files\GameSpy Arcade
2007-08-25 21:16 <DIR> d-------- C:\Program Files\EA GAMES
2007-08-25 20:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-25 20:14 <DIR> d-------- C:\DOCUME~1\-\.housecall6.6
2007-08-25 20:08 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-25 19:41 43,542 --a------ C:\WINDOWS\system32\ssqpoop.dll
2007-08-25 19:35 <DIR> d-------- C:\NVIDIA
2007-08-21 15:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
2007-08-21 15:31 <DIR> d-------- C:\DOCUME~1\-\APPLIC~1\MSN6
2007-08-17 16:41 88,520 --a------ C:\WINDOWS\system32\Stompdll.dll
2007-08-17 16:41 398,416 --a------ C:\WINDOWS\system32\VBRUN300.DLL
2007-08-16 21:32 <DIR> d-------- C:\Program Files\Ares
2007-08-15 20:56 8,192 --------- C:\WINDOWS\system32\CoachWrp.dll
2007-08-15 20:56 5,632 --------- C:\WINDOWS\system32\CoachSti.dll
2007-08-15 20:56 46,944 --------- C:\WINDOWS\system32\drivers\CoachUsb.sys
2007-08-15 20:56 44,256 --------- C:\WINDOWS\system32\drivers\CoachVc.sys
2007-08-15 20:56 41,984 --------- C:\WINDOWS\system32\CoachWia.dll
2007-08-15 20:56 32,768 --a------ C:\WINDOWS\system32\infcpy.dll
2007-08-15 20:56 2,560 --------- C:\WINDOWS\system32\CoachTW.dll
2007-08-15 20:56 16,896 --------- C:\WINDOWS\system32\CoachDlg.dll
2007-08-15 20:56 114,688 --------- C:\WINDOWS\system32\JpegCode.dll
2007-08-15 20:56 <DIR> d-------- C:\Program Files\Common Files\Digi338
2007-08-11 21:50 1,415,680 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-08-11 21:45 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-08-11 18:53 81,408 -ra------ C:\WINDOWS\system32\drivers\Rtnicxp.sys
2007-08-11 18:53 <DIR> d-------- C:\WINDOWS\OPTIONS
2007-08-11 18:53 <DIR> d-------- C:\Program Files\Realtek
2007-08-10 22:50 <DIR> d-------- C:\Program Files\Exact Audio Copy
2007-08-10 22:43 <DIR> d-------- C:\WINDOWS\vbSkinner
2007-08-10 22:38 <DIR> d-------- C:\Program Files\PFConfig
2007-08-08 11:23 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-08-07 21:28 <DIR> d-------- C:\Program Files\Quick Screen Recorder
2007-08-07 13:58 8,320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-08-07 13:56 9,344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-09-06 10:31 43542 --a------ C:\WINDOWS\system32\ssqpoop.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\vtsqn.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ssttq.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ssqro.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ssqpq.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ssqpp.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ssqpm.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\pmnno.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\pmnnl.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\pmkjg.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\pmkhg.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\mllmn.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\mllmk.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\mlljk.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\mlljj.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\jkkjk.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\jkkjh.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\jkkjg.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\jkhhg.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\jkhfg.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\jkhfc.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\geedd.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\geebx.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\geebb.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\geeba.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\gebyw.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\gebcy.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\gebcc.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\gebca.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ddcyy.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ddcyw.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ddccb.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ddcca.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\ddabb.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awvvv.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awvvu.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awvvt.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awvvs.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awtss.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awtsr.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awtsp.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awtqp.dll.vir
2007-09-06 10:31 298016 --a------ C:\WINDOWS\system32\awtqo.dll.vir
2007-09-05 23:31 --------- d-------- C:\DOCUME~1\-\APPLIC~1\uTorrent
2007-08-31 13:37 --------- d-------- C:\DOCUME~1\-\APPLIC~1\foobar2000
2007-08-29 09:41 77824 --a------ C:\WINDOWS\system32\xcomm.dll
2007-08-29 08:58 --------- d-------- C:\DOCUME~1\-\APPLIC~1\Bitdefender
2007-08-27 19:03 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-21 15:31 --------- d-------- C:\DOCUME~1\-\APPLIC~1\MSN6
2007-08-09 23:06 --------- d-------- C:\DOCUME~1\-\APPLIC~1\Apple Computer
2007-08-07 18:58 --------- d-------- C:\Program Files\MSN Messenger
2007-08-03 15:20 --------- d-------- C:\Program Files\Synth1
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 17:14 708608 --a------ C:\WINDOWS\system32\CDDBUIRoxio.dll
2007-07-30 17:14 62288 --a------ C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-07-30 17:14 57344 --a------ C:\WINDOWS\uneng.exe
2007-07-30 17:14 569344 --a------ C:\WINDOWS\system32\CDDBControlRoxio.dll
2007-07-30 17:14 49152 --a------ C:\WINDOWS\system32\INETWH32.dll
2007-07-30 17:14 49152 --a------ C:\WINDOWS\system32\cdrtc.dll
2007-07-30 17:14 45056 --a------ C:\WINDOWS\system32\cdral.dll
2007-07-30 17:14 23436 --a------ C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-07-30 17:14 1044480 --a------ C:\WINDOWS\system32\Roboex32.dll
2007-07-30 17:14 --------- d-------- C:\Program Files\Common Files\Adaptec Shared
2007-07-30 17:14 --------- d-------- C:\Program Files\Adaptec
2007-07-28 11:13 --------- d-------- C:\Program Files\Motorola Phone Tools
2007-07-28 11:13 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
2007-07-28 11:12 24192 --a------ C:\DOCUME~1\-\usbsermptxp.sys
2007-07-28 11:12 22768 --a------ C:\DOCUME~1\-\usbsermpt.sys
2007-07-27 19:46 --------- d-------- C:\Program Files\Plogue
2007-07-18 20:07 --------- d-------- C:\Program Files\QuickTime
2007-07-18 20:07 --------- d-------- C:\Program Files\iTunes
2007-07-18 20:07 --------- d-------- C:\Program Files\iPod
2007-07-18 20:07 --------- d-------- C:\Program Files\Apple Software Update
2007-07-18 20:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-07-18 20:06 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-07-11 21:25 --------- d-------- C:\Program Files\Common Files\Digidesign
2007-07-11 21:21 --------- d-------- C:\DOCUME~1\-\APPLIC~1\WinRAR
2007-07-11 14:37 6272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys
2007-07-08 17:20 --------- d-------- C:\Program Files\foobar2000
2007-06-26 07:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-19 14:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-13 11:23 1033216 --a------ C:\WINDOWS\explorer.exe
2006-11-26 22:27 30589023 --a------ C:\DOCUME~1\-\GuitarRig 2.exe
2006-09-22 16:00 935362 --a------ C:\DOCUME~1\-\Rig Kontrol 2 Driver Setup.exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{67253FB7-6F82-485E-9CFF-81F0BE6833F6}]
C:\WINDOWS\system32\jkhhh.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-08-30 18:51]
"nwiz"="nwiz.exe" []
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-08-30 18:51]
"CTHelper"="CTHELPER.EXE" [2006-05-24 05:20 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-05-24 05:20 C:\WINDOWS\system32\CTXFIHLP.EXE]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-08-29 09:42]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-08-29 09:42]
"SpyHunter"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe" [2007-08-30 14:10]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-08-07 18:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winowl32]
winowl32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemOptimizer]
R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys
R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys
R3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver;C:\WINDOWS\system32\Drivers\tascusb2.sys
R3 TASCAM_US122L_MIDI;TASCAM US-122L WDM MIDI Device;C:\WINDOWS\system32\drivers\tscusb2m.sys
R3 TASCAM_US122L_WDM;TASCAM US-122L WDM;C:\WINDOWS\system32\drivers\tscusb2a.sys
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;\??\C:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS
S3 DSCVc;Video Capture;C:\WINDOWS\system32\DRIVERS\CoachVc.sys
S3 emusba10;E-MU USB-Audio 1.0 Driver;C:\WINDOWS\system32\DRIVERS\emusba10.sys
S3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys
S3 MA_CMIDI;M-Audio USB Driver;C:\WINDOWS\system32\drivers\ma_cmidi.sys
Contents of the 'Scheduled Tasks' folder
2007-08-31 16:40:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-09-04 17:00:00 C:\WINDOWS\Tasks\Pareto UNS.job - C:\Program Files\Common Files\ParetoLogic\UUS\UUS.dll\Pareto_Update.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-09-06 10:36:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-09-06 10:37:32 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-06 10:37
--- E O F ---
---------------------------------------------------------
Next I have the HijackThis log:
-----------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 10:43:07, on 06/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\Belkinwcui.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67253FB7-6F82-485E-9CFF-81F0BE6833F6} - C:\WINDOWS\system32\jkhhh.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Belkin Wireless Utility.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resour ... se8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 0349849523
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftup ... 0351403077
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{23DBDD94-C9D5-4C69-A847-AE5849886600}: NameServer = 194.168.4.100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)