Don't know why most of that is in my trusted zones, but on my Internet Options it shows I have no trusted sites.
ComboFix 09-08-07.09 - Chris Diaz 08/08/2009 14:58.5.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2047.1710 [GMT -4:00]
Running from: c:\documents and settings\Chris Diaz\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Chris Diaz\Desktop\CFScript.txt
* Created a new restore point
FILE ::
"c:\documents and settings\Chris Diaz\meqsq.exe"
"c:\documents and settings\Chris Diaz\nukqkt.exe"
"c:\documents and settings\Chris Diaz\wafayoh.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Chris Diaz\meqsq.exe
c:\documents and settings\Chris Diaz\nukqkt.exe
c:\documents and settings\Chris Diaz\wafayoh.exe
.
((((((((((((((((((((((((( Files Created from 2009-07-08 to 2009-08-08 )))))))))))))))))))))))))))))))
.
2009-08-06 22:55 . 2009-08-06 22:55 -------- d-----w- C:\Katana
2009-08-05 09:55 . 2009-08-05 09:55 -------- d-----w- C:\_OTM
2009-08-04 23:39 . 2008-06-19 21:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-08-04 23:39 . 2009-08-04 23:39 -------- d-----w- c:\program files\Panda Security
2009-08-04 21:52 . 2006-02-28 12:00 4224 -c--a-w- c:\windows\system32\dllcache\beep.sys
2009-08-04 21:52 . 2006-02-28 12:00 4224 ----a-w- c:\windows\system32\drivers\beep.sys
2009-08-03 23:02 . 2008-04-14 00:12 39424 ----a-w- c:\windows\system32\grpconv.exe
2009-08-03 22:54 . 2009-08-03 22:54 -------- d-----w- c:\windows\Sun
2009-08-03 21:26 . 2009-08-03 21:26 -------- d-----w- C:\rsit
2009-08-03 21:04 . 2009-08-03 21:04 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\Malwarebytes
2009-08-03 21:03 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 21:03 . 2009-08-03 21:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-03 21:03 . 2009-08-03 21:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-03 21:03 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-02 11:22 . 2009-08-02 11:22 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-08-01 21:52 . 2009-08-01 21:52 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-08-01 12:04 . 2009-08-01 12:04 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-07-29 21:17 . 2009-07-29 21:17 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\AVG8
2009-07-29 21:01 . 2009-07-03 17:09 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-29 21:01 . 2009-07-03 17:09 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 00:17 . 2009-07-29 00:17 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-07-29 00:17 . 2009-07-29 00:17 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-07-29 00:17 . 2009-07-29 00:17 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-07-29 00:17 . 2009-07-29 00:18 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\DAEMON Tools Lite
2009-07-28 21:14 . 2009-07-31 10:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-28 21:14 . 2009-07-31 10:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-28 21:11 . 2009-07-28 21:11 -------- d-----w- c:\program files\Trend Micro
2009-07-28 20:50 . 2009-08-03 23:02 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll
2009-07-17 21:14 . 2009-08-08 00:10 139072 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-17 21:13 . 2009-08-08 00:10 189672 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-17 21:13 . 2009-07-17 21:13 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-07-17 21:13 . 2009-07-17 21:13 -------- d-----w- c:\documents and settings\Chris Diaz\Local Settings\Application Data\PunkBuster
2009-07-16 23:15 . 2009-07-29 00:09 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-07-16 23:13 . 2009-07-16 23:13 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-16 23:13 . 2009-07-16 23:20 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\DAEMON Tools Pro
2009-07-16 22:33 . 2009-07-16 22:33 -------- d-----w- c:\program files\EA GAMES
2009-07-16 22:27 . 2009-07-16 23:27 -------- d-----w- c:\program files\Steam
2009-07-16 20:38 . 2009-07-16 20:38 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\dvdcss
2009-07-16 01:30 . 2009-07-16 01:30 -------- d-----w- c:\program files\VideoLAN
2009-07-13 07:01 . 2009-07-22 12:07 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\LimeWire
2009-07-12 19:36 . 2009-07-16 01:22 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\DivX
2009-07-12 17:50 . 2009-07-16 22:43 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-12 17:50 . 2009-07-12 17:50 -------- d-----w- c:\program files\MC2
2009-07-12 17:50 . 2009-07-16 22:23 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-12 17:44 . 2009-07-12 17:44 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-07-12 14:03 . 2009-08-03 01:23 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\BitTorrent
2009-07-12 14:00 . 2009-07-12 14:00 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-12 14:00 . 2009-07-12 14:00 -------- d-----w- c:\program files\Java
2009-07-12 14:00 . 2009-07-12 14:00 152576 ----a-w- c:\documents and settings\Chris Diaz\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-07-12 02:12 . 2009-06-10 10:03 457248 ----a-w- c:\windows\system32\nvudisp.exe
2009-07-12 02:12 . 2009-06-21 12:46 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-07-12 02:12 . 2009-07-12 02:12 -------- d-----w- C:\NVIDIA
2009-07-11 20:39 . 2006-12-06 01:17 240 ----a-w- c:\windows\myClean.bat
2009-07-11 20:39 . 2009-07-11 20:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-10 03:43 . 2009-07-10 03:43 -------- d-sh--w- c:\documents and settings\Chris Diaz\IECompatCache
2009-07-09 21:36 . 2009-07-09 21:36 -------- d-----w- c:\documents and settings\Chris Diaz\Local Settings\Application Data\Identities
2009-07-09 20:57 . 2009-07-09 20:57 0 ----a-w- c:\windows\nsreg.dat
2009-07-09 20:57 . 2009-07-09 20:57 -------- d-----w- c:\documents and settings\Chris Diaz\Local Settings\Application Data\Mozilla
2009-07-09 20:49 . 2009-08-08 18:57 -------- d-----w- c:\documents and settings\Chris Diaz\Application Data\mIRC
2009-07-09 20:49 . 2009-08-08 18:34 -------- d-----w- c:\program files\mIRC
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-03 23:02 . 2006-02-28 12:00 578560 ----a-w- c:\windows\system32\user32.dll
2009-07-16 00:15 . 2009-07-09 16:17 -------- d-----w- c:\program files\SystemRequirementsLab
2009-07-12 17:45 . 2009-07-12 17:44 -------- d-----w- c:\program files\DivX
2009-07-11 21:00 . 2009-07-09 16:17 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-09 17:16 . 2009-07-09 17:16 -------- d-----w- c:\program files\microsoft frontpage
2009-07-09 17:14 . 2009-07-09 17:14 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-09 16:17 . 2009-07-09 16:17 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-07-09 16:10 . 2009-07-09 16:10 13104 ----a-w- c:\documents and settings\Chris Diaz\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-09 16:06 . 2009-07-09 16:06 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-09 15:51 . 2009-07-09 15:40 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-07-09 15:51 . 2009-07-09 15:40 -------- d-----w- c:\program files\NOS
2009-07-09 15:48 . 2009-07-09 17:15 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-09 15:45 . 2009-07-09 15:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-09 15:43 . 2009-07-09 15:43 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-09 15:41 . 2009-07-09 15:41 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-07-09 14:30 . 2009-07-09 14:30 -------- d-----w- c:\program files\McAfee
2009-07-03 17:09 . 2006-02-28 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-16 14:36 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2006-02-28 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-10 12:28 . 2009-06-10 12:28 3510272 ----a-w- c:\windows\system32\nvgames.dll
2009-06-10 12:28 . 2009-06-10 12:28 4022272 ----a-w- c:\windows\system32\nvdisps.dll
2009-06-10 12:28 . 2009-06-10 12:28 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-06-10 12:28 . 2009-06-10 12:28 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-06-10 12:28 . 2009-06-10 12:28 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-06-10 12:28 . 2009-06-10 12:28 13758464 ----a-w- c:\windows\system32\nvcpl.dll
2009-06-10 12:28 . 2009-06-10 12:28 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-06-10 10:03 . 2009-07-09 15:33 8087712 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-06-10 10:03 . 2009-06-10 10:03 9998336 ----a-w- c:\windows\system32\nvoglnt.dll
2009-06-10 10:03 . 2009-06-10 10:03 815104 ----a-w- c:\windows\system32\nvapi.dll
2009-06-10 10:03 . 2009-06-10 10:03 671744 ----a-w- c:\windows\system32\nvcuvid.dll
2009-06-10 10:03 . 2009-06-10 10:03 1720320 ----a-w- c:\windows\system32\nvcuda.dll
2009-06-10 10:03 . 2009-06-10 10:03 1580550 ----a-w- c:\windows\system32\nvdata.bin
2009-06-10 10:03 . 2009-06-10 10:03 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-06-10 10:03 . 2009-06-10 10:03 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-06-10 10:03 . 2009-06-10 10:03 1310720 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-06-10 10:03 . 2008-04-14 00:12 5908608 ----a-w- c:\windows\system32\nv4_disp.dll
2009-06-03 19:09 . 2006-02-28 12:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-13 21:56 . 2009-07-12 17:45 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-05-13 21:56 . 2009-07-12 17:45 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-05-13 21:56 . 2009-07-12 17:45 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-05-13 21:56 . 2009-07-12 17:45 129784 ------w- c:\windows\system32\pxafs.dll
2009-05-13 21:56 . 2009-07-12 17:45 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-05-13 21:56 . 2009-07-12 17:45 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-05-13 21:54 . 2009-05-13 21:54 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-13 21:54 . 2009-05-13 21:54 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-13 21:54 . 2009-05-13 21:54 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-13 21:54 . 2009-05-13 21:54 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-13 21:54 . 2009-05-13 21:54 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-13 21:54 . 2009-05-13 21:54 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-13 21:54 . 2009-05-13 21:54 685056 ----a-w- c:\windows\system32\DivX.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-08-03_23.04.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-08 18:32 . 2009-08-08 18:32 16384 c:\windows\Temp\Perflib_Perfdata_118.dat
+ 2006-02-28 12:00 . 2008-04-14 00:12 507904 c:\windows\system32\winlogon.exe
+ 2006-02-28 12:00 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\winlogon.exe
+ 2009-04-17 12:59 . 2009-04-17 12:59 128256 c:\windows\Downloaded Program Files\as2stubie.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"AlcxMonitor"="ALCXMNTR.EXE" - c:\windows\ALCXMNTR.EXE [2004-09-07 57344]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\beep.sys]
@="beep"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [8/4/2009 7:39 PM 28544]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
Trusted Zone: //about.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Update.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-08-08 15:00
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-08-08 15:01
ComboFix-quarantined-files.txt 2009-08-08 19:01
ComboFix2.txt 2009-08-04 23:35
ComboFix3.txt 2009-08-04 21:55
ComboFix4.txt 2009-08-04 10:05
ComboFix5.txt 2009-08-08 18:36
Pre-Run: 699,420,491,776 bytes free
Post-Run: 699,373,404,160 bytes free
200 --- E O F --- 2009-07-29 21:08