Ok found it, here you go. Thanks.
ComboFix 10-06-27.03 - Buckaroo 06/27/2010 19:07:18.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3574.2858 [GMT -7:00]
Running from: c:\documents and settings\Buckaroo\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Buckaroo\Desktop\CFScript.txt
FILE ::
"c:\documents and settings\Buckaroo\My Documents\My Progies\BitDefender Antivirus 2010\bitdefender_antivirus_2010_32b.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Buckaroo\My Documents\My Progies\BitDefender Antivirus 2010\bitdefender_antivirus_2010_32b.exe
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\crude.nfo
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\crude.nfo
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\cxx2263a\crd.exe
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\cxx2263a\crd_losa.jpg
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\cxx2263a\crude.jpg
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\cxx2263a\setup\RegistryWinner_Setup.exe
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\cxx2263a\Thumbs.db
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\cxx2263a\file_id.diz
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\file_id.diz
c:\documents and settings\Buckaroo\My Documents\My Videos\ALikeT.Software.Registry.Winner.v5.7.3.10.Multilingual.WinAll.Incl.Keygen.and.Patch-CRD\www.TorrentDay.com.txt
c:\program files\Registry Winner
c:\program files\Registry Winner\AutoBackup\AutoBackup20100322114907.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100328172408.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100501205616.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100515200326.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100522200052.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100523114530.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100523122006.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100523122820.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100605205837.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100612201954.zip
c:\program files\Registry Winner\AutoBackup\AutoBackup20100617171820.zip
c:\program files\Registry Winner\Language\Arabic.ini
c:\program files\Registry Winner\Language\Bulgarian.ini
c:\program files\Registry Winner\Language\Chinese(Simplified).ini
c:\program files\Registry Winner\Language\Chinese(Traditional).ini
c:\program files\Registry Winner\Language\Czech.ini
c:\program files\Registry Winner\Language\Dutch.ini
c:\program files\Registry Winner\Language\English.ini
c:\program files\Registry Winner\Language\French.ini
c:\program files\Registry Winner\Language\German.ini
c:\program files\Registry Winner\Language\Hungarian.ini
c:\program files\Registry Winner\Language\Italian.ini
c:\program files\Registry Winner\Language\Japanese.ini
c:\program files\Registry Winner\Language\Korean.ini
c:\program files\Registry Winner\Language\Nederlands.ini
c:\program files\Registry Winner\Language\Norwegian.ini
c:\program files\Registry Winner\Language\Norwegian2.ini
c:\program files\Registry Winner\Language\Polish.ini
c:\program files\Registry Winner\Language\Portuguese(pt).ini
c:\program files\Registry Winner\Language\Romanian.ini
c:\program files\Registry Winner\Language\Russian.ini
c:\program files\Registry Winner\Language\Slovak.ini
c:\program files\Registry Winner\Language\Spanish.ini
c:\program files\Registry Winner\Language\Swedish.ini
c:\program files\Registry Winner\Language\Turkish.ini
c:\program files\Registry Winner\Language\Ukrainian.ini
c:\program files\Registry Winner\License.txt
c:\program files\Registry Winner\manual.chm
c:\program files\Registry Winner\reg.ini
c:\program files\Registry Winner\RegistryWinner.exe
c:\program files\Registry Winner\RegistryWinner.exe.bak
c:\program files\Registry Winner\RegistryWinner.url
c:\program files\Registry Winner\RWCleaner.dll
c:\program files\Registry Winner\RWOptimizer.dll
c:\program files\Registry Winner\RWOptimizer.ini
c:\program files\Registry Winner\Settings.ini
c:\program files\Registry Winner\unins000.dat
c:\program files\Registry Winner\unins000.exe
c:\program files\Registry Winner\Update.exe
c:\program files\Registry Winner\Utilities\Favorites\Andkon Arcade 1000+ Free Flash Games.url
c:\program files\Registry Winner\Utilities\Favorites\Bloons Tower Defense 3 - NinjaKiwi.url
c:\program files\Registry Winner\Utilities\Favorites\Cartoon Network Free Games and Online Video from Ben 10, Star Wars and Total Drama Action!.url
c:\program files\Registry Winner\Utilities\Favorites\Christmas Specials RevolutionTT To Open Signups THE source for BitTorrent & P2P Tips, Tricks and Info. FileShareFreak.url
c:\program files\Registry Winner\Utilities\Favorites\Cooperation 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\Count Dracula Cartoon - Cartooning For Kids - Activity TV.url
c:\program files\Registry Winner\Utilities\Favorites\Desktop.ini
c:\program files\Registry Winner\Utilities\Favorites\Equivalent fractions -- A complete course in arithmetic.url
c:\program files\Registry Winner\Utilities\Favorites\Favorites 2\QuickSilverScreen - Watch Movies Online Free.url
c:\program files\Registry Winner\Utilities\Favorites\Favorites 2\Real Estate Listings, Homes for Sale and Rental Property Listings – REALTOR.com®.url
c:\program files\Registry Winner\Utilities\Favorites\Favorites 2\T. Rowe Price Retirement Plan Services ~ My Retirement Plan.url
c:\program files\Registry Winner\Utilities\Favorites\Favorites 2\Watch Free Movies Online.url
c:\program files\Registry Winner\Utilities\Favorites\Favorites 2\Yello All - BTRealm.net - BitTorrent Discussion Forum.url
c:\program files\Registry Winner\Utilities\Favorites\FETCH! . Germinator PBS KIDS GO!.url
c:\program files\Registry Winner\Utilities\Favorites\General Discussion - Forum Powered by Social Strata.url
c:\program files\Registry Winner\Utilities\Favorites\General Discussion - SEGA Forum.url
c:\program files\Registry Winner\Utilities\Favorites\Grow Cube 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\Links\Cooperation 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\Links\desktop.ini
c:\program files\Registry Winner\Utilities\Favorites\Links\Free Hotmail.url
c:\program files\Registry Winner\Utilities\Favorites\Links\headspin Storybook - New Puzzle game on Ninja Kiwi.url
c:\program files\Registry Winner\Utilities\Favorites\Links\Suggested Sites.url
c:\program files\Registry Winner\Utilities\Favorites\Links\Web Slice Gallery.url
c:\program files\Registry Winner\Utilities\Favorites\Mario Adventure 2 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\Microsoft ISA Server 2006.url
c:\program files\Registry Winner\Utilities\Favorites\Microsoft Websites\IE Add-on site.url
c:\program files\Registry Winner\Utilities\Favorites\Microsoft Websites\IE site on Microsoft.com.url
c:\program files\Registry Winner\Utilities\Favorites\Microsoft Websites\Microsoft At Home.url
c:\program files\Registry Winner\Utilities\Favorites\Microsoft Websites\Microsoft At Work.url
c:\program files\Registry Winner\Utilities\Favorites\Microsoft Websites\Microsoft Store.url
c:\program files\Registry Winner\Utilities\Favorites\mission san carlos borromeo de carmelo - Google Search.url
c:\program files\Registry Winner\Utilities\Favorites\Mortgage Calculator Payment Calculators by Bankrate.com.url
c:\program files\Registry Winner\Utilities\Favorites\MSN.com.url
c:\program files\Registry Winner\Utilities\Favorites\NeighborWorks® America Strengthening Communities and Transforming Lives.url
c:\program files\Registry Winner\Utilities\Favorites\NickJr.com--Play to Learn with Dora the Explorer, Blue's Clues, Little Bill and More!.url
c:\program files\Registry Winner\Utilities\Favorites\Playhouse Disney Disney.url
c:\program files\Registry Winner\Utilities\Favorites\Preschool Games Kids Games for Preschoolers Online Nick Jr Games.url
c:\program files\Registry Winner\Utilities\Favorites\PSI Online - One stop Solution for Test Takers.url
c:\program files\Registry Winner\Utilities\Favorites\Purdue OWL.url
c:\program files\Registry Winner\Utilities\Favorites\Radio Station Guide.url
c:\program files\Registry Winner\Utilities\Favorites\Real Estate, Homes for Sale & Real Estate Values - Zillow.url
c:\program files\Registry Winner\Utilities\Favorites\Sonic Speed Spotter 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\Speedtest.net - The Global Broadband Speed Test.url
c:\program files\Registry Winner\Utilities\Favorites\THE BUNKER - Welcome to our gaming discussion site, veteran Chromehounds players welcome..url
c:\program files\Registry Winner\Utilities\Favorites\This is the Only Level TOO 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\This is the Only Level.url
c:\program files\Registry Winner\Utilities\Favorites\Toss the Turtle 1000+ Free Flash Games Andkon Arcade.url
c:\program files\Registry Winner\Utilities\Favorites\Ubisoft to make Chrome Hounds 2 - Topic Powered by Social Strata.url
c:\program files\Registry Winner\Utilities\Favorites\Welcome to Petpet Park - What's New.url
c:\program files\Registry Winner\Utilities\Startup.dat
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-28 )))))))))))))))))))))))))))))))
.
2010-06-28 01:46 . 2010-06-28 01:46 53632 ----a-w- c:\documents and settings\Buckaroo\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-06-28 01:45 . 2010-06-28 01:45 71680 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-06-27 11:03 . 2010-06-27 11:03 3248280 ----a-w- c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\DriverCure\Temp\Update.exe
2010-06-26 23:30 . 2008-04-14 12:42 13824 ----a-w- c:\windows\system32\wscntfy.exe
2010-06-26 23:30 . 2008-04-14 12:42 59904 ----a-w- c:\windows\system32\regsvc.dll
2010-06-26 23:30 . 2001-08-17 20:47 4224 ----a-w- c:\windows\system32\drivers\beep.sys
2010-06-26 18:49 . 2010-06-26 18:49 -------- d-----w- c:\windows\SysWOW64
2010-06-26 18:48 . 2010-06-26 18:48 -------- d-----w- c:\program files\Wondershare
2010-06-26 18:22 . 2010-06-26 18:22 -------- d-----w- c:\documents and settings\Buckaroo\Application Data\TotalRecorder
2010-06-26 18:21 . 2010-04-13 00:13 91728 ----a-w- c:\windows\system32\drivers\TotRec8.sys
2010-06-26 18:21 . 2010-04-13 00:12 131664 ----a-w- c:\windows\system32\drivers\TotRec7.sys
2010-06-26 18:21 . 2010-06-26 18:21 -------- d-----w- c:\program files\HighCriteria
2010-06-26 18:21 . 2010-03-04 00:07 106496 ----a-w- c:\windows\system32\DrvTrNTl.dll
2010-06-26 18:21 . 2010-04-13 00:12 61520 ----a-w- c:\windows\system32\DrvTrNTm.dll
2010-06-23 23:08 . 2010-06-23 23:08 -------- d-----w- c:\program files\ESET
2010-06-23 17:03 . 2010-06-23 17:03 -------- d--h--w- c:\windows\msdownld.tmp
2010-06-23 15:05 . 2010-06-23 15:05 -------- d-----w- c:\windows\system32\wbem\snmp
2010-06-23 15:05 . 2010-06-23 15:05 -------- d-----w- c:\windows\system32\xircom
2010-06-23 15:05 . 2010-06-23 15:05 -------- d-----w- c:\windows\srchasst
2010-06-23 15:05 . 2010-06-23 15:05 -------- d-----w- c:\program files\microsoft frontpage
2010-06-13 05:03 . 2010-06-13 06:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-13 05:03 . 2010-06-13 05:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-12 02:45 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-12 02:45 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-12 01:56 . 2010-06-12 01:56 -------- d-----w- c:\documents and settings\Buckaroo\Application Data\Malwarebytes
2010-06-12 01:56 . 2010-06-12 02:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-12 01:56 . 2010-06-12 01:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-08 07:39 . 2010-06-08 07:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-06-05 05:01 . 2010-06-05 05:01 -------- d-----w- c:\documents and settings\Buckaroo\LocalLow
2010-06-05 05:01 . 2010-06-05 05:01 -------- d-----w- c:\documents and settings\Buckaroo\Local Settings\Application Data\TVU Networks
2010-06-05 05:01 . 2010-06-05 05:01 -------- d-----w- c:\documents and settings\All Users\Application Data\TVU Networks
2010-06-05 04:25 . 2010-06-05 04:25 -------- d-----w- c:\program files\P2PFilter
2010-06-05 01:00 . 2010-06-06 04:54 -------- d-----w- c:\documents and settings\Buckaroo\Application Data\PPStream
2010-06-05 01:00 . 2010-06-06 05:47 -------- d-----w- c:\program files\PPStream
2010-06-05 00:58 . 2010-06-05 00:58 -------- d-----w- c:\windows\system32\TVUAx
2010-06-05 00:39 . 2010-06-05 00:55 -------- d-----w- c:\documents and settings\Buckaroo\Local Settings\Application Data\Readon_Technology
2010-06-05 00:38 . 2010-06-05 00:38 5430 ----a-r- c:\documents and settings\Buckaroo\Application Data\Microsoft\Installer\{3EE385C4-78B0-4952-9620-BBB8ABB7F9F7}\_C168C5BBFF7E50CC658672.exe
2010-06-05 00:38 . 2010-06-05 00:38 5430 ----a-r- c:\documents and settings\Buckaroo\Application Data\Microsoft\Installer\{3EE385C4-78B0-4952-9620-BBB8ABB7F9F7}\_91CAA3E5EC9D896D4FFA61.exe
2010-06-05 00:38 . 2010-06-05 00:38 5430 ----a-r- c:\documents and settings\Buckaroo\Application Data\Microsoft\Installer\{3EE385C4-78B0-4952-9620-BBB8ABB7F9F7}\_6FEFF9B68218417F98F549.exe
2010-06-05 00:38 . 2010-06-05 00:38 -------- d-----w- c:\program files\Readon Technology
2010-06-02 20:35 . 2010-06-02 20:35 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 02:28 . 2009-12-25 19:13 -------- d-----w- c:\program files\PeerBlock
2010-06-28 02:01 . 2010-01-31 03:31 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-06-28 01:56 . 2010-01-31 03:34 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-28 01:46 . 2010-01-31 03:33 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-28 01:46 . 2010-01-31 03:33 53632 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-06-27 11:03 . 2010-04-18 00:28 -------- d-----w- c:\program files\Common Files\ParetoLogic
2010-06-27 11:03 . 2010-04-17 23:55 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2010-06-23 15:11 . 2010-05-25 14:44 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtb3.tmp.exe
2010-06-22 23:36 . 2010-03-29 03:57 -------- d-----w- c:\program files\Sonne DVD Burner
2010-06-13 00:01 . 2010-01-10 00:44 -------- d-----w- c:\documents and settings\Buckaroo\Application Data\vlc
2010-06-04 08:08 . 2010-04-17 23:55 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2010-06-02 19:44 . 2010-04-18 01:12 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2010-05-26 03:39 . 2010-05-26 03:39 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJEGV
2010-05-16 11:28 . 2009-12-21 22:09 -------- d-----w- c:\program files\Google
2010-05-15 20:48 . 2009-12-21 21:56 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-15 20:48 . 2009-12-21 21:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-03 16:00 . 2010-05-03 16:00 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonIJScan
2010-05-03 16:00 . 2010-05-03 16:00 -------- d-----w- c:\documents and settings\Buckaroo\Application Data\Canon
2010-04-18 07:33 . 2010-04-18 07:33 125952 ----a-w- c:\documents and settings\All Users\Application Data\ParetoLogic\UUS2\Temp\Update.exe
.
------- Sigcheck -------
[-] 2008-05-13 . 68F06FE0021B01E670AF37B8C5964FDF . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-06-23_07.41.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-26 18:49 . 2009-06-15 21:31 53299 c:\windows\SysWOW64\pthreadVC.dll
+ 2010-06-26 18:49 . 2009-06-15 21:31 88704 c:\windows\SysWOW64\Packet.dll
+ 2010-06-28 01:46 . 2010-06-28 01:46 28160 c:\windows\Installer\443c667.msi
+ 2010-06-26 18:49 . 2009-06-15 21:31 240248 c:\windows\SysWOW64\wpcap.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 21:02 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-28 152872]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2009-09-28 1524824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-18 2046816]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-12 483422]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-07 1848648]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-12-12 722256]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-4-5 494920]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-22 02:56 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Adobe\\Acrobat_com\\Acrobat_com.exe"=
"c:\\Program Files\\Nero\\Nero ControlCenter 4\\ncc.exe"=
"c:\\Program Files\\ParetoLogic\\DriverCure\\DriverCure.exe"=
"c:\\Program Files\\Readon Technology\\Readon TV Movie Radio Player 7.0.0.0\\internettv.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [12/21/2009 7:19 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12/21/2009 7:19 PM 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12/21/2009 7:19 PM 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [12/21/2009 7:19 PM 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [12/21/2009 7:19 PM 297752]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/11/2010 7:45 PM 304464]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/11/2010 7:45 PM 20952]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [12/25/2009 12:13 PM 14424]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [6/26/2010 11:21 AM 131664]
R3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [6/26/2010 11:21 AM 91728]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/13/2010 12:12 PM 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 5:49 AM 227232]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - PBFILTER
.
Contents of the 'Scheduled Tasks' folder
2010-06-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 20:34]
2010-06-18 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2010-06-17 21:28]
2010-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-13 19:12]
2010-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-13 19:12]
2010-06-28 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
2010-06-28 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 21:30]
2010-06-27 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -
AddRemove-Registry Winner_is1 - c:\program files\Registry Winner\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-27 19:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2872)
c:\windows\system32\ieframe.dll
c:\windows\system32\msls31.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\idt\intelxpv_v103\wdm\STacSV.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\progra~1\AVG\AVG8\avgam.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\windows\system32\wdfmgr.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Completion time: 2010-06-27 19:32:40 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-28 02:32
ComboFix2.txt 2010-06-23 22:49
ComboFix3.txt 2010-06-23 07:45
Pre-Run: 43,203,731,456 bytes free
Post-Run: 43,320,963,072 bytes free
- - End Of File - - 1AD448664B167E14878B4D015F0BB0E2