[_The_Nothing_]

I think I fixed it all but I'm not 100% sure I removed everything.

thanks in advance for any help you may provide me


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:59 PM, on 8/30/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\sdclt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssvagent.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onec...s/wlscctrl2.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12887 bytes

[Advertisements]

2008-07-14 17:30 . 2008-01-19 02:35 3,072,000 --a------ C:\Windows\System32\networkmap.dll
2008-07-14 17:29 . 2008-01-19 02:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-07-14 17:28 . 2008-01-19 01:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-07-14 17:27 . 2008-01-19 02:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-07-14 17:27 . 2008-01-19 02:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-07-14 17:27 . 2008-01-19 02:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-07-14 17:26 . 2008-01-19 02:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-07-14 17:26 . 2008-01-19 02:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-07-14 17:26 . 2008-01-19 02:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-07-14 17:26 . 2008-01-19 02:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-07-14 17:26 . 2008-01-19 02:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-07-14 17:26 . 2008-01-19 02:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-07-13 20:57 . 2008-07-19 13:22 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-07-13 20:01 . 2008-07-19 21:29 <DIR> d-------- C:\Program Files\PeerGuardian2
2008-07-13 16:18 . 2008-07-13 16:18 <DIR> d-------- C:\Windows\System32\Adobe
2008-07-13 02:04 . 2008-07-19 21:31 <DIR> d-------- C:\Users\Me and my angels 2\AppData\Roaming\Free Download Manager
2008-07-13 02:04 . 2008-07-19 12:40 <DIR> d-------- C:\Program Files\Free Download Manager
2008-06-30 10:59 . 2008-06-30 10:59 885,248 --a------ C:\Windows\System32\RacEngn.dll
2008-06-30 10:59 . 2008-06-30 10:59 9,127 --a------ C:\Windows\System32\RacUR.xml
2008-06-30 10:59 . 2008-06-30 10:59 153 --a------ C:\Windows\System32\RacUREx.xml
2008-06-30 10:54 . 2008-06-30 10:54 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-06-30 10:54 . 2008-06-30 10:54 14,848 --a------ C:\Windows\System32\wshrm.dll
2008-06-30 10:53 . 2008-06-30 10:53 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-06-30 10:53 . 2008-06-30 10:53 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-30 10:53 . 2008-06-30 10:53 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-30 10:53 . 2008-06-30 10:53 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-30 10:53 . 2008-06-30 10:53 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-30 10:53 . 2008-06-30 10:53 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-30 10:53 . 2008-06-30 10:53 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-30 10:49 . 2008-06-30 10:49 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-06-30 10:49 . 2008-06-30 10:49 826,880 --a------ C:\Windows\System32\wininet.dll
2008-06-29 22:12 . 2008-06-29 22:12 18 --a------ C:\Windows\gfact.ini
2008-06-29 22:11 . 2008-06-29 22:12 <DIR> d-------- C:\Program Files\bruce2
2008-06-29 19:16 . 2008-06-29 19:17 <DIR> d-------- C:\Users\Me and my angels 2\AppData\Roaming\Software Informer
2008-06-29 19:15 . 2008-06-29 20:30 <DIR> d-------- C:\Program Files\Software Informer
2008-06-29 18:59 . 2008-07-13 22:32 <DIR> d-------- C:\Program Files\Battlefield Browser

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-20 03:26 13,636 ----a-w C:\Users\Me and my angels 2\AppData\Roaming\nvModes.dat
2008-07-19 23:55 --------- d-----w C:\Program Files\Yahoo!
2008-07-19 23:55 --------- d-----w C:\Program Files\FLV Player
2008-07-19 23:41 --------- d-----w C:\ProgramData\Google Updater
2008-07-19 23:35 --------- d-----w C:\Program Files\Google
2008-07-19 23:32 --------- d-----w C:\Program Files\Java
2008-07-19 23:09 --------- d-----w C:\Program Files\Picasa2
2008-07-19 16:44 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\uTorrent
2008-07-18 05:57 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-17 06:24 --------- d-----w C:\ProgramData\Roxio
2008-07-17 01:49 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\Yahoo!
2008-07-17 01:49 --------- d-----w C:\ProgramData\Yahoo!
2008-07-15 13:40 174 --sha-w C:\Program Files\desktop.ini
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Mail
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Journal
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Defender
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Collaboration
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Calendar
2008-07-15 01:16 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-14 18:46 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\dvdcss
2008-07-14 01:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-12 19:23 --------- d-----w C:\Program Files\Hewlett-Packard
2008-07-11 20:15 --------- d-----w C:\ProgramData\Microsoft Help
2008-06-29 04:19 --------- d-----w C:\ProgramData\DVD Shrink
2008-06-23 05:02 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\Roxio
2008-06-22 20:51 --------- d---a-w C:\ProgramData\TEMP
2008-06-22 18:53 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-15 03:45 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-06-11 03:04 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files
2008-06-10 21:13 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\InstallShield
2008-06-10 17:59 --------- d-----w C:\ProgramData\CyberLink
2008-06-10 17:12 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-06-10 17:09 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-10 17:09 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-06-10 17:09 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-06-10 17:09 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-06-10 17:09 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-05-30 16:14 --------- d-----w C:\Program Files\RADVideo
2008-05-25 16:16 --------- d-----w C:\ProgramData\River Past G5
2008-05-24 23:49 --------- d-----w C:\Users\Me and my angels 2\AppData\Roaming\River Past G5
2008-05-24 20:39 --------- d-----w C:\Users\Me and my angels 2\AppData\Roaming\iolo
2008-05-24 20:39 --------- d-----w C:\ProgramData\iolo
2008-05-06 19:15 47,360 ----a-w C:\Users\Me and my angels 2\AppData\Roaming\pcouffin.sys
2007-09-14 06:27 24,576 ----a-w C:\Users\Me and my angels 2\AppData\Roaming\PnkBstrK.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 02:33 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 02:33 125952]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 05:29 220544]
"AGEIA PhysX SysTray"="C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe" [2007-01-05 23:23 357928]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 22:56 218032]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-05-20 17:27 2474031]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2007-06-02 15:59 1457152]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-29 01:57 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 02:05 1045800]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 13:42 70912]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 08:21 94208]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 03:29 102400]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 10:14 270648]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-11-24 15:33 167936]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 09:56 317152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"MSConfig"="C:\Windows\System32\msconfig.exe" [2008-01-19 02:33 227840]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-02-27 11:26 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-02-27 11:26 7770112]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-02-27 11:26 81920]
"ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [2008-06-14 14:13 77824]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-19 18:32 29744]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-07-09 16:33 36352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-23 16:48:32 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_Dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-239065566-3441178637-797170251-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A25AAB0F-BDDE-4825-9006-2C81FA627C66}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{4F3AE1B6-54D9-48FE-931C-4084D9E8A7FE}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{CB61196D-10EC-45E0-9300-02517F61BA83}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{29FE60EB-5341-4B90-973A-440A470ABC7B}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{5B33143C-8170-4085-A1CF-FB72BA0A2CD2}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{646D00DE-092A-4E5E-B686-196F2889CEBA}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{0C7C77B6-3E69-488C-9D2A-FC9231ACE37A}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{B7F8021A-0559-4835-A231-88DEEE195EEC}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"UDP Query User{F190FFC4-0D5F-48A9-A6FD-0FCB7D9642BF}C:\\program files\\ea games\\battlefield vietnam\\bfvietnam.exe"= TCP:C:\program files\ea games\battlefield vietnam\bfvietnam.exe:bfvietnam
"TCP Query User{2E98FD3D-7F29-4F99-8F51-2D9AEA97D397}C:\\program files\\ea games\\battlefield vietnam\\bfvietnam.exe"= UDP:C:\program files\ea games\battlefield vietnam\bfvietnam.exe:bfvietnam
"{95ECDD01-AB84-4195-A36C-29147C571235}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{9E02C4F2-DF48-4ADA-B6DF-757714F01315}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{847B4D9A-56A3-49A5-9521-2D7585715908}"= UDP:C:\Program Files\HP\QuickPlay\QP.exe:QP
"{90528E1E-A1FE-4A81-B793-12DCFBBD3662}"= TCP:C:\Program Files\HP\QuickPlay\QP.exe:QP
"{090CF6CF-EE2B-41E5-8C78-4E27BDD9A0C7}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{6B57F522-FAAD-41A8-B1C1-953062BF9446}"= C:\Program Files\HP Connections\6811507\Program\HP Connections:HP Connections
"{AB06BDE8-59B8-48EC-BE3A-F47C57907ABE}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{81A65DC1-77E6-4167-8E14-4B7FCA87FA72}"= TCP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{EC58DC15-F7C5-434D-85D3-CDAD99FD9AC4}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{60DEC888-F219-4253-B879-9DCB9F49D1E6}"= TCP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{69766FF7-C030-44B6-941A-342BD87A0965}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{6B858232-CDA8-4787-BC69-95686C88817A}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{964A17A2-B864-49C4-AE05-C970AF48F245}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D0E33B3D-1A5D-4264-A998-9D761F9F2B0E}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E4F8C58C-172C-4E9F-87BD-9C7CCBAA8251}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0CA0798A-3E2C-4FD7-BEAB-7513E7519FE5}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E93F0325-7515-4077-B660-9EE7BCB2A972}"= UDP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk
"{67C4A776-378F-4425-83E9-A1EB7B41A638}"= TCP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk
"{51E7B6F4-55CA-4777-A7D7-E38AFD3FD8DE}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{A388478B-6806-4365-ABDC-7F0B1B3C3663}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{00EF6E7F-E560-4770-862E-AD465E485EC7}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{08918F9A-BEAC-4B64-8C0D-47F08A965A43}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{5E298237-770A-4E31-8D9F-273ABC055F34}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\pb\PnkBstrB.exe:PnkBstrB
"{40A29172-F0DE-4101-95A4-CEA1E9046CC4}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\pb\PnkBstrB.exe:PnkBstrB
"{2443FB9C-0C3E-411C-B4A8-CA2474869633}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\pb\PunkBuster services,service installer.exe:PunkBuster services,service installer
"{97A0E64C-946F-4B98-A6FF-940323D822AD}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\pb\PunkBuster services,service installer.exe:PunkBuster services,service installer
"{BB3E4C49-CA8A-4B70-96B9-821FCD7DC28E}"= UDP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{44D71720-AE6C-414D-9B3D-6D18C12EA338}"= TCP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{A873608A-C131-4458-AD97-0E50FF1D2D5A}"= UDP:C:\Program Files\PeerGuardian2\pg2.exe:PeerGuardian
"{DEDF92E4-A432-4923-85C6-0A9A8C96B774}"= TCP:C:\Program Files\PeerGuardian2\pg2.exe:PeerGuardian
"{75587C85-D95F-4A86-BD41-5F431C150F4D}"= UDP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{141BDFE0-A0C3-4E9E-8FE7-2FF6146767E9}"= TCP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{BBB29F7F-E486-40BB-A7D2-2F890EF11DF2}"= UDP:C:\Users\Me and my angels 2\Documents\Downloads\programs\utorrent.exe:µTorrent
"{3AB68C21-BF85-4736-B72E-31C3767180B6}"= TCP:C:\Users\Me and my angels 2\Documents\Downloads\programs\utorrent.exe:µTorrent
"{BA84386F-D8FC-4B88-A84E-F4FCA3C04B8A}"= UDP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{1C4C5EBB-A46F-437F-8B90-ED32B4847E3C}"= TCP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{8D4E3FE1-D5E6-4942-BA45-31DB1670F355}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{20C424E2-6871-470B-901E-2D0E036B8402}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{6793AAE9-560F-4AC2-A921-B7142C91E4BA}C:\\users\\me and my angels 2\\desktop\\utorrent.exe"= UDP:C:\users\me and my angels 2\desktop\utorrent.exe:utorrent.exe
"UDP Query User{EDAE37B9-BA9B-4CAB-A944-20EC3450D428}C:\\users\\me and my angels 2\\desktop\\utorrent.exe"= TCP:C:\users\me and my angels 2\desktop\utorrent.exe:utorrent.exe
"{9A29261D-687F-4668-A973-F6FB2495BA1D}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{729C1ED6-0E10-405D-9778-836B1A82F9E3}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"TCP Query User{A0C17AEA-87F1-41F3-AFB8-C1D02D0DD637}C:\\users\\me and my angels 2\\appdata\\local\\temp\\mrt852b.tmp\\stdrt.exe"= UDP:C:\users\me and my angels 2\appdata\local\temp\mrt852b.tmp\stdrt.exe:stdrt.exe
"UDP Query User{2374F97D-CD47-407D-BB80-9D88F6C47707}C:\\users\\me and my angels 2\\appdata\\local\\temp\\mrt852b.tmp\\stdrt.exe"= TCP:C:\users\me and my angels 2\appdata\local\temp\mrt852b.tmp\stdrt.exe:stdrt.exe
"{964FA9DD-191C-43ED-9260-BD03A6DF1555}"= UDP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{DCA6DE48-B669-48A4-8E64-633AFF53B1F8}"= TCP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"TCP Query User{B814A61C-C96D-4AEE-8E3A-56DDBB653491}C:\\users\\me and my angels 2\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= UDP:C:\users\me and my angels 2\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe
"UDP Query User{17A11D2A-3FED-40B0-886E-DFE46EE92895}C:\\users\\me and my angels 2\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= TCP:C:\users\me and my angels 2\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"<NO NAME>"= :*:Enabled:Yahoo! Music Jukebox
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink

R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 05:10]
S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-10-01 11:34]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-19 18:32]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2008-07-18 19:15]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 02:30]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-10-18 19:09]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-10-18 19:09]
S3 SSDefrag;SSDefrag;C:\Windows\system32\drivers\SSDefrag.sys [2008-02-18 12:27]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-07-19 22:57:40 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Me and my angels 2.job"
- c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:
"2008-07-20 04:29:29 C:\Windows\Tasks\User_Feed_Synchronization-{9F1A3FA5-4B9D-479B-95FE-7AF5F899F293}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 23:18:21
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-19 23:40:38
ComboFix-quarantined-files.txt 2008-07-20 04:40:20

Pre-Run: 18,618,028,032 bytes free
Post-Run: 16,811,032,576 bytes free

278 --- E O F --- 2008-07-19 22:48:17

[_The_Nothing_]

2008-07-14 17:30 . 2008-01-19 02:35 3,072,000 --a------ C:\Windows\System32\networkmap.dll
2008-07-14 17:29 . 2008-01-19 02:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-07-14 17:28 . 2008-01-19 01:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-07-14 17:27 . 2008-01-19 02:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-07-14 17:27 . 2008-01-19 02:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-07-14 17:27 . 2008-01-19 02:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-07-14 17:26 . 2008-01-19 02:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-07-14 17:26 . 2008-01-19 02:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-07-14 17:26 . 2008-01-19 02:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-07-14 17:26 . 2008-01-19 02:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-07-14 17:26 . 2008-01-19 02:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-07-14 17:26 . 2008-01-19 02:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-07-13 20:57 . 2008-07-19 13:22 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-07-13 20:01 . 2008-07-19 21:29 <DIR> d-------- C:\Program Files\PeerGuardian2
2008-07-13 16:18 . 2008-07-13 16:18 <DIR> d-------- C:\Windows\System32\Adobe
2008-07-13 02:04 . 2008-07-19 21:31 <DIR> d-------- C:\Users\Me and my angels 2\AppData\Roaming\Free Download Manager
2008-07-13 02:04 . 2008-07-19 12:40 <DIR> d-------- C:\Program Files\Free Download Manager
2008-06-30 10:59 . 2008-06-30 10:59 885,248 --a------ C:\Windows\System32\RacEngn.dll
2008-06-30 10:59 . 2008-06-30 10:59 9,127 --a------ C:\Windows\System32\RacUR.xml
2008-06-30 10:59 . 2008-06-30 10:59 153 --a------ C:\Windows\System32\RacUREx.xml
2008-06-30 10:54 . 2008-06-30 10:54 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-06-30 10:54 . 2008-06-30 10:54 14,848 --a------ C:\Windows\System32\wshrm.dll
2008-06-30 10:53 . 2008-06-30 10:53 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-06-30 10:53 . 2008-06-30 10:53 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-06-30 10:53 . 2008-06-30 10:53 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-06-30 10:53 . 2008-06-30 10:53 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-30 10:53 . 2008-06-30 10:53 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-30 10:53 . 2008-06-30 10:53 69,632 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-30 10:53 . 2008-06-30 10:53 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-06-30 10:49 . 2008-06-30 10:49 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-06-30 10:49 . 2008-06-30 10:49 826,880 --a------ C:\Windows\System32\wininet.dll
2008-06-29 22:12 . 2008-06-29 22:12 18 --a------ C:\Windows\gfact.ini
2008-06-29 22:11 . 2008-06-29 22:12 <DIR> d-------- C:\Program Files\bruce2
2008-06-29 19:16 . 2008-06-29 19:17 <DIR> d-------- C:\Users\Me and my angels 2\AppData\Roaming\Software Informer
2008-06-29 19:15 . 2008-06-29 20:30 <DIR> d-------- C:\Program Files\Software Informer
2008-06-29 18:59 . 2008-07-13 22:32 <DIR> d-------- C:\Program Files\Battlefield Browser

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-20 03:26 13,636 ----a-w C:\Users\Me and my angels 2\AppData\Roaming\nvModes.dat
2008-07-19 23:55 --------- d-----w C:\Program Files\Yahoo!
2008-07-19 23:55 --------- d-----w C:\Program Files\FLV Player
2008-07-19 23:41 --------- d-----w C:\ProgramData\Google Updater
2008-07-19 23:35 --------- d-----w C:\Program Files\Google
2008-07-19 23:32 --------- d-----w C:\Program Files\Java
2008-07-19 23:09 --------- d-----w C:\Program Files\Picasa2
2008-07-19 16:44 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\uTorrent
2008-07-18 05:57 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-07-17 06:24 --------- d-----w C:\ProgramData\Roxio
2008-07-17 01:49 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\Yahoo!
2008-07-17 01:49 --------- d-----w C:\ProgramData\Yahoo!
2008-07-15 13:40 174 --sha-w C:\Program Files\desktop.ini
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Mail
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Journal
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Defender
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Collaboration
2008-07-15 13:23 --------- d-----w C:\Program Files\Windows Calendar
2008-07-15 01:16 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-07-14 18:46 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\dvdcss
2008-07-14 01:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-12 19:23 --------- d-----w C:\Program Files\Hewlett-Packard
2008-07-11 20:15 --------- d-----w C:\ProgramData\Microsoft Help
2008-06-29 04:19 --------- d-----w C:\ProgramData\DVD Shrink
2008-06-23 05:02 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\Roxio
2008-06-22 20:51 --------- d---a-w C:\ProgramData\TEMP
2008-06-22 18:53 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-15 03:45 --------- d-----w C:\Program Files\DAEMON Tools Pro
2008-06-11 03:04 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files
2008-06-10 21:13 --------- d---a-w C:\Users\Me and my angels 2\AppData\Roaming\InstallShield
2008-06-10 17:59 --------- d-----w C:\ProgramData\CyberLink
2008-06-10 17:12 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-06-10 17:09 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-10 17:09 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-06-10 17:09 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-06-10 17:09 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-06-10 17:09 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-05-30 16:14 --------- d-----w C:\Program Files\RADVideo
2008-05-25 16:16 --------- d-----w C:\ProgramData\River Past G5
2008-05-24 23:49 --------- d-----w C:\Users\Me and my angels 2\AppData\Roaming\River Past G5
2008-05-24 20:39 --------- d-----w C:\Users\Me and my angels 2\AppData\Roaming\iolo
2008-05-24 20:39 --------- d-----w C:\ProgramData\iolo
2008-05-06 19:15 47,360 ----a-w C:\Users\Me and my angels 2\AppData\Roaming\pcouffin.sys
2007-09-14 06:27 24,576 ----a-w C:\Users\Me and my angels 2\AppData\Roaming\PnkBstrK.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 02:33 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 02:33 125952]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 05:29 220544]
"AGEIA PhysX SysTray"="C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe" [2007-01-05 23:23 357928]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-10 22:56 218032]
"Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2008-05-20 17:27 2474031]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2007-06-02 15:59 1457152]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-29 01:57 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 02:05 1045800]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 13:42 70912]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 08:21 94208]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 03:29 102400]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 10:14 270648]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-11-24 15:33 167936]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 09:56 317152]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"MSConfig"="C:\Windows\System32\msconfig.exe" [2008-01-19 02:33 227840]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-02-27 11:26 90191]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-02-27 11:26 7770112]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-02-27 11:26 81920]
"ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [2008-06-14 14:13 77824]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-19 18:32 29744]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-07-09 16:33 36352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-03-23 16:48:32 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_Dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-239065566-3441178637-797170251-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A25AAB0F-BDDE-4825-9006-2C81FA627C66}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{4F3AE1B6-54D9-48FE-931C-4084D9E8A7FE}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{CB61196D-10EC-45E0-9300-02517F61BA83}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{29FE60EB-5341-4B90-973A-440A470ABC7B}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{5B33143C-8170-4085-A1CF-FB72BA0A2CD2}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{646D00DE-092A-4E5E-B686-196F2889CEBA}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{0C7C77B6-3E69-488C-9D2A-FC9231ACE37A}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{B7F8021A-0559-4835-A231-88DEEE195EEC}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"UDP Query User{F190FFC4-0D5F-48A9-A6FD-0FCB7D9642BF}C:\\program files\\ea games\\battlefield vietnam\\bfvietnam.exe"= TCP:C:\program files\ea games\battlefield vietnam\bfvietnam.exe:bfvietnam
"TCP Query User{2E98FD3D-7F29-4F99-8F51-2D9AEA97D397}C:\\program files\\ea games\\battlefield vietnam\\bfvietnam.exe"= UDP:C:\program files\ea games\battlefield vietnam\bfvietnam.exe:bfvietnam
"{95ECDD01-AB84-4195-A36C-29147C571235}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{9E02C4F2-DF48-4ADA-B6DF-757714F01315}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{847B4D9A-56A3-49A5-9521-2D7585715908}"= UDP:C:\Program Files\HP\QuickPlay\QP.exe:QP
"{90528E1E-A1FE-4A81-B793-12DCFBBD3662}"= TCP:C:\Program Files\HP\QuickPlay\QP.exe:QP
"{090CF6CF-EE2B-41E5-8C78-4E27BDD9A0C7}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{6B57F522-FAAD-41A8-B1C1-953062BF9446}"= C:\Program Files\HP Connections\6811507\Program\HP Connections:HP Connections
"{AB06BDE8-59B8-48EC-BE3A-F47C57907ABE}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{81A65DC1-77E6-4167-8E14-4B7FCA87FA72}"= TCP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{EC58DC15-F7C5-434D-85D3-CDAD99FD9AC4}"= UDP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{60DEC888-F219-4253-B879-9DCB9F49D1E6}"= TCP:C:\Program Files\HP Connections\6811507\Program\HP Connections.exe:HP Connections
"{69766FF7-C030-44B6-941A-342BD87A0965}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{6B858232-CDA8-4787-BC69-95686C88817A}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{964A17A2-B864-49C4-AE05-C970AF48F245}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{D0E33B3D-1A5D-4264-A998-9D761F9F2B0E}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E4F8C58C-172C-4E9F-87BD-9C7CCBAA8251}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0CA0798A-3E2C-4FD7-BEAB-7513E7519FE5}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{E93F0325-7515-4077-B660-9EE7BCB2A972}"= UDP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk
"{67C4A776-378F-4425-83E9-A1EB7B41A638}"= TCP:C:\Program Files\Google\Google Talk\googletalk.exe:Google Talk
"{51E7B6F4-55CA-4777-A7D7-E38AFD3FD8DE}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{A388478B-6806-4365-ABDC-7F0B1B3C3663}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{00EF6E7F-E560-4770-862E-AD465E485EC7}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{08918F9A-BEAC-4B64-8C0D-47F08A965A43}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{5E298237-770A-4E31-8D9F-273ABC055F34}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\pb\PnkBstrB.exe:PnkBstrB
"{40A29172-F0DE-4101-95A4-CEA1E9046CC4}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\pb\PnkBstrB.exe:PnkBstrB
"{2443FB9C-0C3E-411C-B4A8-CA2474869633}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\pb\PunkBuster services,service installer.exe:PunkBuster services,service installer
"{97A0E64C-946F-4B98-A6FF-940323D822AD}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\pb\PunkBuster services,service installer.exe:PunkBuster services,service installer
"{BB3E4C49-CA8A-4B70-96B9-821FCD7DC28E}"= UDP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{44D71720-AE6C-414D-9B3D-6D18C12EA338}"= TCP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{A873608A-C131-4458-AD97-0E50FF1D2D5A}"= UDP:C:\Program Files\PeerGuardian2\pg2.exe:PeerGuardian
"{DEDF92E4-A432-4923-85C6-0A9A8C96B774}"= TCP:C:\Program Files\PeerGuardian2\pg2.exe:PeerGuardian
"{75587C85-D95F-4A86-BD41-5F431C150F4D}"= UDP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{141BDFE0-A0C3-4E9E-8FE7-2FF6146767E9}"= TCP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{BBB29F7F-E486-40BB-A7D2-2F890EF11DF2}"= UDP:C:\Users\Me and my angels 2\Documents\Downloads\programs\utorrent.exe:µTorrent
"{3AB68C21-BF85-4736-B72E-31C3767180B6}"= TCP:C:\Users\Me and my angels 2\Documents\Downloads\programs\utorrent.exe:µTorrent
"{BA84386F-D8FC-4B88-A84E-F4FCA3C04B8A}"= UDP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{1C4C5EBB-A46F-437F-8B90-ED32B4847E3C}"= TCP:C:\Users\Me and my angels 2\Downloads\programs\utorrent.exe:µTorrent
"{8D4E3FE1-D5E6-4942-BA45-31DB1670F355}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{20C424E2-6871-470B-901E-2D0E036B8402}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{6793AAE9-560F-4AC2-A921-B7142C91E4BA}C:\\users\\me and my angels 2\\desktop\\utorrent.exe"= UDP:C:\users\me and my angels 2\desktop\utorrent.exe:utorrent.exe
"UDP Query User{EDAE37B9-BA9B-4CAB-A944-20EC3450D428}C:\\users\\me and my angels 2\\desktop\\utorrent.exe"= TCP:C:\users\me and my angels 2\desktop\utorrent.exe:utorrent.exe
"{9A29261D-687F-4668-A973-F6FB2495BA1D}"= UDP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{729C1ED6-0E10-405D-9778-836B1A82F9E3}"= TCP:C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"TCP Query User{A0C17AEA-87F1-41F3-AFB8-C1D02D0DD637}C:\\users\\me and my angels 2\\appdata\\local\\temp\\mrt852b.tmp\\stdrt.exe"= UDP:C:\users\me and my angels 2\appdata\local\temp\mrt852b.tmp\stdrt.exe:stdrt.exe
"UDP Query User{2374F97D-CD47-407D-BB80-9D88F6C47707}C:\\users\\me and my angels 2\\appdata\\local\\temp\\mrt852b.tmp\\stdrt.exe"= TCP:C:\users\me and my angels 2\appdata\local\temp\mrt852b.tmp\stdrt.exe:stdrt.exe
"{964FA9DD-191C-43ED-9260-BD03A6DF1555}"= UDP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{DCA6DE48-B669-48A4-8E64-633AFF53B1F8}"= TCP:C:\Program Files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"TCP Query User{B814A61C-C96D-4AEE-8E3A-56DDBB653491}C:\\users\\me and my angels 2\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= UDP:C:\users\me and my angels 2\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe
"UDP Query User{17A11D2A-3FED-40B0-886E-DFE46EE92895}C:\\users\\me and my angels 2\\appdata\\local\\temp\\wzse0.tmp\\symnrt.exe"= TCP:C:\users\me and my angels 2\appdata\local\temp\wzse0.tmp\symnrt.exe:symnrt.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DefaultOutboundAction"= 0 (0x0)
"DefaultInboundAction"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"<NO NAME>"= :*:Enabled:Yahoo! Music Jukebox
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink

R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 05:10]
S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-10-01 11:34]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-19 18:32]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2008-07-18 19:15]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 02:30]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-10-18 19:09]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-10-18 19:09]
S3 SSDefrag;SSDefrag;C:\Windows\system32\drivers\SSDefrag.sys [2008-02-18 12:27]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-07-19 22:57:40 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Me and my angels 2.job"
- c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:
"2008-07-20 04:29:29 C:\Windows\Tasks\User_Feed_Synchronization-{9F1A3FA5-4B9D-479B-95FE-7AF5F899F293}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 23:18:21
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-19 23:40:38
ComboFix-quarantined-files.txt 2008-07-20 04:40:20

Pre-Run: 18,618,028,032 bytes free
Post-Run: 16,811,032,576 bytes free

278 --- E O F --- 2008-07-19 22:48:17

[Essexboy]

Hi there and sorry for the delay I will need a fresh look at your system plus an update on your problems

Download OTScanit to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

• Close ALL OTHER PROGRAMS.
• Open the OTScanit folder and double-click on OTScanit.exe to start the program.
• Check the box that says Scan All User Accounts
• Check the Radio buttons for Files/Folders Created Within 90 Days and Files/Folders Modified Within 90 Days
• Under Additional Scans check the following:
  • Reg - BotCheck
  • File - Additional Folder Scans
  • File - Purity Scan
• Now click the Run Scan button on the toolbar.
• Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

[_The_Nothing_]

it's to large should I split up the log ? 781 KB , or just past it ?

Edited by _The_Nothing_, 06 September 2008 - 11:00 AM.

[Essexboy]

Upload it to Mediafire and post the sharing link

[_The_Nothing_]

OTScanIt

[Essexboy]

That did not look too bad - are you experiencing any problems ?

[_The_Nothing_]

whenever I open a folder now I have to change the view otherwise they look blank as seen in the snip.
I don't get it, isn't that like a sign of corruption or something ?

Attached Thumbnails

• 

[Essexboy]

Try this little registry fix from Kellys Korner

Download the .exe file and run - let me know if that cures it

[_The_Nothing_]

stupid question it's ok to use on vista right ?

[Essexboy]

Can you follow the instructions on this page whilst I test it on my Vista system

[_The_Nothing_]

I have to change the view in order to see them that fixed somethings but it appeasers alot of it is still broke

Attached Thumbnails

• 

[_The_Nothing_]

Vista Icon Cache - Rebuild Vista Forums

ok this one helped thanks alot deleting the IconCache.db but... I'll still sometime have to open all the folders and change the veiw to see the icons.
I went out of the folders and back in they stayed showing their icons.
the desktop still seems to be a problem it's still black and won't display my desktop picture .

Attached Thumbnails

• 

[Essexboy]

In the drop down box on your screenshot select another folder that you know has pictures and see if that shows some to use as a background

[_The_Nothing_]

I'm afraid it's not working at all, it's totally broke.