Ok, the ComboFix log.... This isn't sounding very good....
"Rob" - 2007-06-07 20:20:55 Service Pack 2 NTFS
ComboFix 07-06-3B - Running from: "C:\Documents and Settings\Rob\Desktop\"
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Rob\APPLIC~1.\macromedia\Flash Player\#SharedObjects\ZK6LT5RB\www.broadcaster.com
C:\DOCUME~1\Rob\APPLIC~1.\macromedia\Flash Player\#SharedObjects\ZK6LT5RB\www.broadcaster.com\played_list.sol
C:\DOCUME~1\Rob\APPLIC~1.\macromedia\Flash Player\#SharedObjects\ZK6LT5RB\www.broadcaster.com\video_queue.sol
C:\DOCUME~1\Rob\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\Rob\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\system32\drivers\fad.sys
((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))
2007-06-05 21:15 <DIR> d-------- C:\Program Files\Spb Software House
2007-06-05 07:00 <DIR> d-------- C:\WINDOWS\Prefetch
2007-06-04 21:11 4,569 --------- C:\WINDOWS\SYSTEM32\secupd.dat
2007-06-04 20:06 614,912 --a------ C:\WINDOWS\SYSTEM32\h323msp.dll
2007-06-04 20:06 331,264 --a------ C:\WINDOWS\SYSTEM32\ipnathlp.dll
2007-06-04 19:15 1,082,368 --a------ C:\WINDOWS\SYSTEM32\esent.dll
2007-06-04 18:47 351,232 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll
2007-06-04 18:47 18,944 --a------ C:\WINDOWS\SYSTEM32\qmgrprxy.dll
2007-06-02 21:48 3,968 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-06-02 21:19 <DIR> d-------- C:\VundoFix Backups
2007-06-02 19:11 24,661 --a------ C:\WINDOWS\SYSTEM32\spxcoins.dll
2007-06-02 19:11 13,312 --a------ C:\WINDOWS\SYSTEM32\irclass.dll
2007-06-02 17:21 81,920 --a------ C:\WINDOWS\SYSTEM32\isign32.dll
2007-06-02 17:21 73,728 --a------ C:\WINDOWS\SYSTEM32\icwdial.dll
2007-06-02 17:21 65,536 --a------ C:\WINDOWS\SYSTEM32\icwphbk.dll
2007-06-02 17:21 48,128 --a------ C:\WINDOWS\SYSTEM32\inetres.dll
2007-06-02 17:21 45,568 --a------ C:\WINDOWS\SYSTEM32\safrslv.dll
2007-06-02 17:21 43,520 --a------ C:\WINDOWS\SYSTEM32\safrcdlg.dll
2007-06-02 17:21 43,520 --a------ C:\WINDOWS\SYSTEM32\racpldlg.dll
2007-06-02 17:21 32,768 --a------ C:\WINDOWS\SYSTEM32\mnmsrvc.exe
2007-06-02 17:21 32,768 --a------ C:\WINDOWS\SYSTEM32\isrdbg32.dll
2007-06-02 17:21 29,696 --a------ C:\WINDOWS\SYSTEM32\safrdm.dll
2007-06-02 17:21 274,432 --a------ C:\WINDOWS\SYSTEM32\inetcfg.dll
2007-06-02 17:20 81,920 --a------ C:\WINDOWS\SYSTEM32\ils.dll
2007-06-02 17:20 73,472 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sr.sys
2007-06-02 17:20 69,632 --a------ C:\WINDOWS\SYSTEM32\msconf.dll
2007-06-02 17:20 679,424 --a------ C:\WINDOWS\SYSTEM32\inetcomm.dll
2007-06-02 17:20 67,584 --a------ C:\WINDOWS\SYSTEM32\srclient.dll
2007-06-02 17:20 382,464 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll
2007-06-02 17:20 34,560 --a------ C:\WINDOWS\SYSTEM32\mnmdd.dll
2007-06-02 17:20 28,672 --a------ C:\WINDOWS\SYSTEM32\nmmkcert.dll
2007-06-02 17:20 274,944 --a------ C:\WINDOWS\SYSTEM32\mstask.dll
2007-06-02 17:20 252,928 --a------ C:\WINDOWS\SYSTEM32\msoeacct.dll
2007-06-02 17:20 239,104 --a------ C:\WINDOWS\SYSTEM32\srrstr.dll
2007-06-02 17:20 190,976 --a------ C:\WINDOWS\SYSTEM32\schedsvc.dll
2007-06-02 17:20 170,496 --a------ C:\WINDOWS\SYSTEM32\srsvc.dll
2007-06-02 17:20 12,288 --a------ C:\WINDOWS\SYSTEM32\mstinit.exe
2007-06-02 17:20 105,984 --a------ C:\WINDOWS\SYSTEM32\msoert2.dll
2007-06-02 17:19 183,808 --a------ C:\WINDOWS\SYSTEM32\accwiz.exe
2007-06-02 17:18 97,792 --a------ C:\WINDOWS\SYSTEM32\comrepl.dll
2007-06-02 17:18 956,416 --a------ C:\WINDOWS\SYSTEM32\msdtctm.dll
2007-06-02 17:18 93,696 --a------ C:\WINDOWS\SYSTEM32\tscfgwmi.dll
2007-06-02 17:18 87,176 --a------ C:\WINDOWS\SYSTEM32\rdpwsx.dll
2007-06-02 17:18 85,504 --a------ C:\WINDOWS\SYSTEM32\catsrvps.dll
2007-06-02 17:18 8,704 --a------ C:\WINDOWS\SYSTEM32\fxsperf.dll
2007-06-02 17:18 72,192 --a------ C:\WINDOWS\SYSTEM32\fxscom.dll
2007-06-02 17:18 67,072 --a------ C:\WINDOWS\SYSTEM32\rdshost.exe
2007-06-02 17:18 655,360 --a------ C:\WINDOWS\SYSTEM32\mstscax.dll
2007-06-02 17:18 625,152 --a------ C:\WINDOWS\SYSTEM32\catsrvut.dll
2007-06-02 17:18 62,464 --a------ C:\WINDOWS\SYSTEM32\rdpclip.exe
2007-06-02 17:18 60,416 --a------ C:\WINDOWS\SYSTEM32\remotepg.dll
2007-06-02 17:18 6,656 --a------ C:\WINDOWS\SYSTEM32\wuauserv.dll
2007-06-02 17:18 6,656 --a------ C:\WINDOWS\SYSTEM32\fxsres.dll
2007-06-02 17:18 6,144 --a------ C:\WINDOWS\SYSTEM32\msdtc.exe
2007-06-02 17:18 58,880 --a------ C:\WINDOWS\SYSTEM32\msdtclog.dll
2007-06-02 17:18 58,880 --a------ C:\WINDOWS\SYSTEM32\licwmi.dll
2007-06-02 17:18 562,176 --a------ C:\WINDOWS\SYSTEM32\fxsst.dll
2007-06-02 17:18 56,320 --a------ C:\WINDOWS\SYSTEM32\servdeps.dll
2007-06-02 17:18 55,296 --a------ C:\WINDOWS\SYSTEM32\fxsevent.dll
2007-06-02 17:18 540,160 --a------ C:\WINDOWS\SYSTEM32\comuid.dll
2007-06-02 17:18 538,624 --a------ C:\WINDOWS\SYSTEM32\spider.exe
2007-06-02 17:18 452,096 --a------ C:\WINDOWS\SYSTEM32\fxsapi.dll
2007-06-02 17:18 44,544 --a------ C:\WINDOWS\SYSTEM32\tscupgrd.exe
2007-06-02 17:18 426,496 --a------ C:\WINDOWS\SYSTEM32\msdtcprx.dll
2007-06-02 17:18 407,552 --a------ C:\WINDOWS\SYSTEM32\mstsc.exe
2007-06-02 17:18 400,384 --a------ C:\WINDOWS\SYSTEM32\fxsxp32.dll
2007-06-02 17:18 397,312 --a------ C:\WINDOWS\SYSTEM32\fxstiff.dll
2007-06-02 17:18 38,912 --a------ C:\WINDOWS\SYSTEM32\cfgbkend.dll
2007-06-02 17:18 343,040 --a------ C:\WINDOWS\SYSTEM32\mspaint.exe
2007-06-02 17:18 295,424 --a------ C:\WINDOWS\SYSTEM32\termsrv.dll
2007-06-02 17:18 285,184 --a------ C:\WINDOWS\SYSTEM32\fxscomex.dll
2007-06-02 17:18 27,136 --a------ C:\WINDOWS\SYSTEM32\fxsdrv.dll
2007-06-02 17:18 267,776 --a------ C:\WINDOWS\SYSTEM32\fxssvc.exe
2007-06-02 17:18 246,272 --a------ C:\WINDOWS\SYSTEM32\fxst30.dll
2007-06-02 17:18 23,552 --a------ C:\WINDOWS\SYSTEM32\fxsmon.dll
2007-06-02 17:18 23,552 --a------ C:\WINDOWS\SYSTEM32\fxsext32.dll
2007-06-02 17:18 229,376 --a------ C:\WINDOWS\SYSTEM32\fxscover.exe
2007-06-02 17:18 225,792 --a------ C:\WINDOWS\SYSTEM32\catsrv.dll
2007-06-02 17:18 21,896 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\tdtcp.sys
2007-06-02 17:18 20,480 --a------ C:\WINDOWS\SYSTEM32\qprocess.exe
2007-06-02 17:18 196,864 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\rdpdr.sys
2007-06-02 17:18 192,512 --a------ C:\WINDOWS\SYSTEM32\fxswzrd.dll
2007-06-02 17:18 19,968 --a------ C:\WINDOWS\SYSTEM32\rdpsnd.dll
2007-06-02 17:18 185,344 --a------ C:\WINDOWS\SYSTEM32\cmprops.dll
2007-06-02 17:18 17,408 --a------ C:\WINDOWS\SYSTEM32\mmfutil.dll
2007-06-02 17:18 161,280 --a------ C:\WINDOWS\SYSTEM32\msdtcuiu.dll
2007-06-02 17:18 154,112 --a------ C:\WINDOWS\SYSTEM32\fxsui.dll
2007-06-02 17:18 147,968 --a------ C:\WINDOWS\SYSTEM32\rdchost.dll
2007-06-02 17:18 143,360 --a------ C:\WINDOWS\SYSTEM32\fxsclnt.exe
2007-06-02 17:18 140,800 --a------ C:\WINDOWS\SYSTEM32\sessmgr.exe
2007-06-02 17:18 139,528 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\rdpwd.sys
2007-06-02 17:18 131,584 --a------ C:\WINDOWS\SYSTEM32\sndrec32.exe
2007-06-02 17:18 13,824 --a------ C:\WINDOWS\SYSTEM32\rdsaddin.exe
2007-06-02 17:18 124,184 --a------ C:\WINDOWS\SYSTEM32\wuauclt.exe
2007-06-02 17:18 123,392 --a------ C:\WINDOWS\SYSTEM32\mplay32.exe
2007-06-02 17:18 12,040 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\tdpipe.sys
2007-06-02 17:18 110,080 --a------ C:\WINDOWS\SYSTEM32\clbcatex.dll
2007-06-02 17:18 11,776 --a------ C:\WINDOWS\SYSTEM32\xolehlp.dll
2007-06-02 17:18 11,264 --a------ C:\WINDOWS\SYSTEM32\icaapi.dll
2007-06-02 17:18 102,912 --a------ C:\WINDOWS\SYSTEM32\clipbrd.exe
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-05 03:40:03 -------- d-----w C:\Program Files\Movie Maker
2007-06-05 03:39:31 -------- d-----w C:\Program Files\Windows NT
2007-06-05 00:31:18 -------- d--h--w C:\Program Files\WindowsUpdate
2007-06-03 01:17:52 23,372 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-06-01 00:08:17 -------- d-----w C:\Program Files\SpywareBlaster
2007-05-29 04:26:25 -------- d-----w C:\Program Files\Microsoft Works
2007-05-29 01:20:00 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-19 00:58:04 -------- d-----w C:\Program Files\Microsoft ActiveSync
2007-04-21 19:32:38 -------- d-----w C:\Program Files\PTLens
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2005-10-21 22:39:27 56 --sh--r C:\WINDOWS\SYSTEM32\60B234665C.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 01:56]
{756B6B9D-2682-457C-9E2F-D3541C57577D}=C:\WINDOWS\system32\efcbc.dll []
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-20 00:55]
{AC41D38F-B56D-40AD-94E0-B493D130C959}=C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll [2005-11-18 11:06]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-05-21 14:51]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCTVOICE"="pctspk.exe" [2002-07-18 15:58 C:\WINDOWS\SYSTEM32\pctspk.exe]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2003-06-10 22:07]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-05 21:05]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 13:31 C:\WINDOWS\KHALMNPR.Exe]
"F-Secure Manager"="C:\Program Files\Shaw Secure\Common\FSM32.exe" [2005-10-25 19:51]
"F-Secure TNB"="C:\Program Files\Shaw Secure\TNB\TNBUtil.exe" [2005-07-18 08:51]
"F-Secure Startup Wizard"="C:\Program Files\Shaw Secure\FSGUI\FSSW.exe" [2005-10-18 02:29]
"MaxBackSchedule"="C:\Program Files\Maxtor\Maxtor Quick Start\maxbackservice.exe" [2005-10-06 10:22]
"BCWipeTM Startup"="C:\Program Files\Jetico\BCWipe\BCWipeTM.exe" [2006-02-21 04:42]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2005-10-06 09:22]
"mssSort"="C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe" [2005-07-15 14:29]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56]
"pdfSaver3"="C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe" [2004-09-05 18:20]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-21 14:51]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 15:32]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 13:39]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=%systemroot%\system32\tscupgrd.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2006-09-28 08:13]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=hplun.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Sonic RecordNow!"=C:\WINDOWS\system32\ctfmon.exe
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" /startup
"i-Handbook"=C:\Program Files\Schlumberger\i-Handbook\i-Handbook.exe /i
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MimBoot"=C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mimboot.exe
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"dvd43"=C:\Program Files\dvd43\dvd43_tray.exe
"MMReminderService"=C:\Program Files\Mindjet\MindManager 6\MMReminderService.exe
"News Service"="C:\Program Files\Shaw Secure\FSGUI\ispnews.exe"
"pdfSaver3"=
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe
"mssSort"=C:\Program Files\Maxtor\Maxtor Quick Start\msssort.exe
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d0166ec-c9d8-11db-b235-00904b687ad9}]
AutoRun\command- I:\ONSPCLCK.exe
Contents of the 'Scheduled Tasks' folder
2005-05-22 22:56:49 C:\WINDOWS\tasks\XoftSpy.job
**************************************************************************
catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-07 20:24:53
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-07 20:25:47
C:\ComboFix-quarantined-files.txt ... 2007-06-07 20:25
--- E O F ---