Here is the log
ComboFix 10-04-21.01 - Sean 22/04/2010 1:41.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.2.1033.18.1917.1152 [GMT -4:00]
Running from: c:\users\Sean\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100421-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1368 [VPS 100421-1] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1731352543-3892579127-1766459742-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\program files\Cheat Engine\dbk32.sys
c:\program files\mjc
c:\program files\racle~1
c:\program files\Sakora
c:\users\Kimmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\CPV.stt
c:\users\Mommy and Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\CPV.stt
c:\windows\curity~1
c:\windows\UA000106.DLL
.
((((((((((((((((((((((((( Files Created from 2010-03-22 to 2010-04-22 )))))))))))))))))))))))))))))))
.
2010-04-22 05:55 . 2010-04-22 05:57 -------- d-----w- c:\users\Sean\AppData\Local\temp
2010-04-22 05:55 . 2010-04-22 05:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-22 05:55 . 2010-04-22 05:55 -------- d-----w- c:\users\Mommy and Daddy\AppData\Local\temp
2010-04-22 05:55 . 2010-04-22 05:55 -------- d-----w- c:\users\Kimmy\AppData\Local\temp
2010-04-21 23:06 . 2010-04-21 23:06 -------- d-----w- c:\program files\Microsoft ATS
2010-04-21 12:13 . 2010-02-20 23:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-04-21 12:13 . 2010-02-20 23:51 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-04-21 12:13 . 2010-02-20 21:30 396800 ----a-w- c:\windows\system32\drivers\http.sys
2010-04-21 04:00 . 2009-10-19 14:42 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-04-21 04:00 . 2009-10-19 14:39 24064 ----a-w- c:\windows\system32\lpk.dll
2010-04-21 04:00 . 2009-10-19 14:37 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-04-21 04:00 . 2009-10-19 14:37 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-04-21 04:00 . 2009-10-19 14:36 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-04-21 04:00 . 2009-10-19 11:45 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-04-21 04:00 . 2009-12-11 12:15 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2010-04-21 04:00 . 2009-12-11 12:15 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-04-21 03:58 . 2009-08-10 13:05 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-04-21 03:57 . 2009-08-31 15:16 428032 ----a-w- c:\windows\system32\EncDec.dll
2010-04-21 03:57 . 2009-08-31 15:21 292352 ----a-w- c:\windows\system32\psisdecd.dll
2010-04-21 03:57 . 2009-08-31 15:17 1244672 ----a-w- c:\windows\system32\mcmde.dll
2010-04-21 03:57 . 2010-01-23 08:05 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-21 03:55 . 2010-02-18 14:22 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2010-04-21 03:55 . 2010-02-18 14:19 179712 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-21 03:55 . 2010-02-18 12:05 815104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-21 03:55 . 2010-02-18 12:04 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-21 03:55 . 2009-08-14 17:16 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2010-04-21 03:55 . 2010-02-18 12:04 22016 ----a-w- c:\windows\system32\netiougc.exe
2010-04-21 03:55 . 2010-02-18 12:04 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-04-21 03:55 . 2009-08-14 14:01 2031104 ----a-w- c:\windows\system32\win32k.sys
2010-04-21 03:53 . 2009-12-28 12:36 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2010-04-21 03:53 . 2009-12-28 12:34 22528 ----a-w- c:\windows\system32\msyuv.dll
2010-04-21 03:53 . 2009-12-28 12:34 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-04-21 03:53 . 2009-12-28 12:32 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-04-21 03:53 . 2009-12-28 12:34 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-04-21 03:53 . 2009-12-28 12:33 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-04-21 03:53 . 2009-12-28 12:30 88576 ----a-w- c:\windows\system32\avifil32.dll
2010-04-21 03:53 . 2009-12-28 12:30 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-04-21 03:53 . 2009-04-02 11:50 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-04-21 03:43 . 2009-09-10 15:29 311296 ----a-w- c:\windows\system32\unregmp2.exe
2010-04-21 03:43 . 2009-09-10 17:40 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-04-21 03:43 . 2009-09-10 17:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-04-21 03:43 . 2009-09-10 15:29 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2010-04-21 03:41 . 2009-12-23 12:45 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-04-21 03:41 . 2010-01-13 18:23 97792 ----a-w- c:\windows\system32\cabview.dll
2010-04-20 05:10 . 2010-04-20 05:10 52224 ----a-w- c:\users\Sean\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-20 05:10 . 2010-04-20 05:10 117760 ----a-w- c:\users\Sean\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-20 05:09 . 2010-04-20 05:09 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-20 05:08 . 2010-04-20 05:08 5120 ----a-r- c:\users\Sean\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
2010-04-20 05:08 . 2010-04-20 05:08 65024 ----a-r- c:\users\Sean\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
2010-04-20 05:08 . 2010-04-20 05:08 18944 ----a-r- c:\users\Sean\AppData\Roaming\Microsoft\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
2010-04-20 05:07 . 2010-04-20 05:07 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-20 05:07 . 2010-04-20 05:07 -------- d-----w- c:\users\Sean\AppData\Roaming\SUPERAntiSpyware.com
2010-04-20 04:55 . 2010-03-29 19:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-20 04:55 . 2010-04-20 04:55 -------- d-----w- c:\programdata\Malwarebytes
2010-04-20 04:55 . 2010-04-20 04:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-20 04:55 . 2010-03-29 19:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-20 04:24 . 2010-04-20 04:24 60672 ----a-w- c:\users\Sean\AppData\Local\syssvc.exe
2010-04-20 04:22 . 2010-04-20 22:35 -------- d-----w- c:\users\Sean\AppData\Local\wxkagtccy
2010-04-18 22:57 . 2010-04-18 22:57 -------- d-----w- c:\program files\FreeMind
2010-04-17 15:11 . 2010-04-17 15:11 -------- d-----w- c:\users\Sean\AppData\Roaming\XemiComputers
2010-04-17 15:11 . 2010-04-17 15:11 -------- d-----w- c:\program files\XemiComputers
2010-04-04 21:34 . 2010-04-04 21:34 36400 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\ALWIL.dll
2010-04-04 21:34 . 2010-04-04 21:34 33328 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\Microsoft Corporation.dll
2010-04-04 21:34 . 2010-04-04 21:34 32304 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\MicrosoftAV.dll
2010-04-04 21:34 . 2010-04-04 21:34 174592 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\64bitProxy.exe
2010-04-04 21:34 . 2010-04-04 21:34 150064 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\FWManager.dll
2010-04-04 21:34 . 2010-04-04 21:34 24112 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\AVManager.dll
2010-04-04 21:34 . 2010-04-04 21:34 151088 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\OPSWATAVCommon.dll
2010-04-04 21:34 . 2010-04-04 21:34 19120 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\libinspector.dll
2010-04-04 21:33 . 2010-04-04 21:33 14512 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\libdesktop.dll
2010-04-04 21:33 . 2010-04-04 21:33 47280 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco HostScan\bin\hostscan.exe
2010-04-04 21:33 . 2010-04-04 21:33 29872 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco\Cisco Secure Desktop\Cache\Temp8-P00h\CSDWebLaunch.exe
2010-04-04 21:33 . 2010-04-04 21:33 -------- d-----w- c:\users\Mommy and Daddy\AppData\Roaming\Cisco
2010-04-04 03:10 . 2010-04-04 03:10 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb563C.tmp.exe
2010-04-02 05:28 . 2010-04-02 05:28 -------- d-----w- c:\users\Sean\AppData\Roaming\MPEG Streamclip
2010-03-31 06:00 . 2010-03-31 06:00 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-03-25 03:16 . 2010-03-25 03:16 48788 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\uninstallOctazen.exe
2010-03-25 02:34 . 2010-03-25 02:34 -------- d-----w- c:\users\Mommy and Daddy\AppData\Local\Smilebox
2010-03-25 02:34 . 2010-03-25 03:16 -------- d-----w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox
2010-03-25 02:34 . 2010-03-25 02:34 59313 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\uninstall.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-22 05:58 . 2009-11-16 03:55 -------- d-----w- c:\program files\Common Files\Akamai
2010-04-22 05:54 . 2009-12-17 22:04 -------- d-----w- c:\program files\Cheat Engine
2010-04-22 04:55 . 2009-04-29 02:29 -------- d-----w- c:\programdata\Google Updater
2010-04-22 03:48 . 2008-12-06 22:13 -------- d-----w- c:\users\Sean\AppData\Roaming\gtk-2.0
2010-04-21 22:58 . 2008-03-21 21:56 -------- d-----w- c:\program files\OGPlanet
2010-04-21 21:50 . 2008-03-22 09:21 114936 ----a-w- c:\users\Sean\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-21 21:44 . 2009-11-15 22:43 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-21 13:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-21 12:58 . 2007-09-02 11:39 -------- d-----w- c:\programdata\Microsoft Help
2010-04-21 12:29 . 2007-09-02 11:41 -------- d-----w- c:\program files\Microsoft Works
2010-04-21 12:18 . 2007-09-02 11:46 -------- d-----w- c:\program files\Microsoft SQL Server
2010-04-20 05:06 . 2008-11-28 02:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-18 21:28 . 2008-04-12 21:33 -------- d-----w- c:\users\Sean\AppData\Roaming\LimeWire
2010-04-17 15:07 . 2008-04-28 00:13 -------- d-----w- c:\program files\Google
2010-04-16 21:54 . 2009-09-20 23:51 -------- d-----w- c:\users\Sean\AppData\Roaming\IObit
2010-04-09 22:57 . 2008-10-04 15:51 -------- d-----w- c:\users\Kimmy\AppData\Roaming\LimeWire
2010-04-05 18:10 . 2009-08-22 23:43 -------- d-----w- c:\program files\Counter-Strike Source
2010-04-05 15:14 . 2009-09-06 20:29 -------- d-----w- c:\program files\IObit
2010-04-02 18:35 . 2008-10-01 01:53 -------- d-----w- c:\users\Sean\AppData\Roaming\Publish Providers
2010-03-09 19:15 . 2010-02-17 21:05 287368 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxTray.exe
2010-03-09 16:50 . 2010-04-21 03:55 52736 ----a-w- c:\windows\AppPatch\iebrshim.dll
2010-02-24 14:16 . 2009-10-03 06:29 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 06:48 . 2008-06-13 01:10 -------- d-----w- c:\users\Mommy and Daddy\AppData\Roaming\LimeWire
2010-02-24 03:00 . 2010-02-24 03:00 20480 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\LimeWire\browser\xulrunner\components\autoconfig.dll
2010-02-24 03:00 . 2010-02-24 03:00 18944 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell_modal.dll
2010-02-24 03:00 . 2010-02-24 03:00 17408 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\LimeWire\browser\xulrunner\components\auth.dll
2010-02-24 03:00 . 2010-02-24 03:00 8192 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\LimeWire\browser\xulrunner\AccessibleMarshal.dll
2010-02-24 03:00 . 2010-02-24 03:00 20480 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\LimeWire\browser\xulrunner\IA2Marshal.dll
2010-02-23 20:46 . 2010-03-11 14:37 419040 ----a-w- c:\windows\system32\WMInstallMgrUninst.exe
2010-02-23 20:46 . 2010-03-11 14:37 62688 ----a-w- c:\windows\system32\WMWebLauncherUninst.exe
2010-02-23 20:46 . 2010-03-11 14:37 255200 ----a-w- c:\windows\system32\SystemObserver.dll
2010-02-23 20:46 . 2010-03-11 14:37 54496 ----a-w- c:\windows\system32\GetInfoLauncher.exe
2010-02-23 13:14 . 2010-04-21 03:58 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-23 13:14 . 2010-04-21 03:58 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-02-23 13:14 . 2010-04-21 03:58 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-18 14:54 . 2010-04-21 03:58 3502480 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-18 14:54 . 2010-04-21 03:58 3468168 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-17 21:05 . 2010-02-18 00:50 397960 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxStarter.exe
2010-02-17 21:05 . 2010-02-18 00:10 168584 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxBrowserEngine.dll
2010-02-17 21:05 . 2010-02-17 21:05 217736 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxDvd.exe
2010-02-17 20:50 . 2010-02-17 20:50 1602184 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxClient.exe
2010-02-17 20:10 . 2010-02-17 20:10 344712 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxDvdEngine.dll
2010-02-17 20:10 . 2010-02-17 20:10 135816 ----a-w- c:\users\Mommy and Daddy\AppData\Roaming\Smilebox\SmileboxUpdater.exe
2010-02-11 03:16 . 2010-02-11 03:16 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-01-30 17:41 . 2010-01-30 17:41 282624 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\websrvcs.dll
2010-01-30 17:41 . 2010-01-30 17:41 200704 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\transformiix.dll
2010-01-30 17:41 . 2010-01-30 17:41 15872 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\xmlextras.dll
2010-01-30 17:41 . 2010-01-30 17:41 110592 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\universalchardet.dll
2010-01-30 17:41 . 2010-01-30 17:41 19968 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\pippki.dll
2010-01-30 17:41 . 2010-01-30 17:41 225280 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\pipnss.dll
2010-01-30 17:41 . 2010-01-30 17:41 20992 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\pipboot.dll
2010-01-30 17:41 . 2010-01-30 17:41 20480 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\autoconfig.dll
2010-01-30 17:41 . 2010-01-30 17:41 18944 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\appshell_modal.dll
2010-01-30 17:41 . 2010-01-30 17:41 17408 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\components\auth.dll
2010-01-30 17:41 . 2010-01-30 17:41 8192 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\AccessibleMarshal.dll
2010-01-30 17:41 . 2010-01-30 17:41 20480 ----a-w- c:\users\Sean\AppData\Roaming\LimeWire\browser\xulrunner\IA2Marshal.dll
2010-01-25 12:58 . 2010-04-21 03:54 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:58 . 2010-04-21 03:54 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:58 . 2010-04-21 03:54 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:58 . 2010-04-21 03:54 472576 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 12:56 . 2010-04-21 03:54 312320 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:36 . 2010-04-21 03:54 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:36 . 2010-04-21 03:54 515584 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:36 . 2010-04-21 03:54 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-04-21 03:54 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
.
------- Sigcheck -------
[-] 2009-03-30 . 74B6336C7ACC815483C2399BDD53EFCC . 245248 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2008-01-19 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6001.18000] . . c:\windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-29 21:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-08-29 133104]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-10-17 2920632]
"cdloader"="c:\users\Sean\AppData\Roaming\mjusbsp\cdloader2.exe" [2009-08-01 50520]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-10 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-08-23 1006264]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-17 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
c:\users\Kimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2009-12-16 503808]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Mises à jour planifiées.lnk - c:\program files\Quicken\bagent.exe [2003-4-18 53248]
Mémento Quicken.lnk - c:\program files\Quicken\billmind.exe [2003-4-18 36864]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R2 gupdate1c9c8726becfc2b;Google Update Service (gupdate1c9c8726becfc2b);c:\program files\Google\Update\GoogleUpdate.exe [2009-04-29 133104]
R2 mrtRate;mrtRate;
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-03-15 2804788]
R3 XDva189;XDva189;c:\windows\system32\XDva189.sys
R3 XDva193;XDva193;c:\windows\system32\XDva193.sys
R3 XDva202;XDva202;c:\windows\system32\XDva202.sys
R3 XDva309;XDva309;c:\windows\system32\XDva309.sys
S1 aswSP;avast! Self Protection;
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-06-01 252416]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
2010-04-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-10 02:29]
2010-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-29 02:30]
2010-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-29 02:30]
2010-04-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3988202556-4294345629-2372359041-1003Core.job
- c:\users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2008-07-11 23:46]
2010-04-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3988202556-4294345629-2372359041-1003UA.job
- c:\users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe [2008-07-11 23:46]
2010-04-22 c:\windows\Tasks\User_Feed_Synchronization-{D3E6FF0B-1889-4DA0-85D0-4DB5C614576B}.job
- c:\windows\system32\msfeedssync.exe [2010-04-21 11:31]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.shoptoshiba.ca/welcome
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
DPF: {87A638DE-396F-40FD-A2F8-01B56072F553} - hxxp://download.gemfighter.com/launcher/gemx2.cab
DPF: {BD68328E-1222-4A62-BA16-E6F42CA49A64} - hxxp://gf.wemade.com/comsso/active/WMInstallMgr.cab
FF - ProfilePath - c:\users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\yq7b81t9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1265259818&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101757&gct=&gc=1&q=
FF - component: c:\users\Sean\AppData\Roaming\Mozilla\Firefox\Profiles\yq7b81t9.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Sean\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\Sean\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
AddRemove-Fraps - c:\users\Sean\Desktop\Fraps\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-22 01:57
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\windows\TEMP\TMP0000006CE42FA671EAFB0412 524288 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-04-22 02:02:22
ComboFix-quarantined-files.txt 2010-04-22 06:02
Pre-Run: 45,322,604,544 bytes free
Post-Run: 47,394,820,096 bytes free
- - End Of File - - 73F15F2102F69EBC06AE56A8CCC8FBE8