MBGraphics

It wont let me follow the link

__________________
Mike Pics of my rig HERE
Case:Lian Li with Swiftek apogee watercooling
CPU: Intel Q6600 (2.4 GHz)
Video: NVIDIA GeForce 8800GTX BFG OC Edition. LG 23" 1080HD and Sharp 19"
RAM/Storage:4GB Kingston Hyper X DDR2/320GB(7,200RPM) an 160GB(10,000 RPM) internals, and 320GB External
Sound Card: Creative X-Fi XtremeGamer Fatality
OS: Windows Vista Home Premium (64-bit)
M-B-Photos
Winner of Photo Tournaments: Automobiles and Birds

cohen

Can you download it on another computer and then put it onto a USB and install it and then go like that???

__________________
Cohen

MBGraphics

I will try that. be back soon with an update.

__________________
Mike Pics of my rig HERE
Case:Lian Li with Swiftek apogee watercooling
CPU: Intel Q6600 (2.4 GHz)
Video: NVIDIA GeForce 8800GTX BFG OC Edition. LG 23" 1080HD and Sharp 19"
RAM/Storage:4GB Kingston Hyper X DDR2/320GB(7,200RPM) an 160GB(10,000 RPM) internals, and 320GB External
Sound Card: Creative X-Fi XtremeGamer Fatality
OS: Windows Vista Home Premium (64-bit)
M-B-Photos
Winner of Photo Tournaments: Automobiles and Birds

MBGraphics

Ok,here is the ComboFix log:

ComboFix 08-09-20.05 - chevy 2008-09-20 18:00:08.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2385 [GMT -7:00]
Running from: G:\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\chevy\LOCALS~1\Temp\spwA.tmp
C:\Documents and Settings\chevy\Cookies\chevy@ad.yieldmanager[1].txt
C:\Documents and Settings\chevy\Cookies\chevy@trafficmp[1].txt
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\temp\tn3
C:\WINDOWS\BMc3f18164.txt
C:\WINDOWS\BMc3f18164.xml
C:\WINDOWS\Fonts\'
C:\WINDOWS\Fonts\a.zip
C:\WINDOWS\Fonts\Crack.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\_003284_.tmp.dll
C:\WINDOWS\system32\_003285_.tmp.dll
C:\WINDOWS\system32\_003286_.tmp.dll
C:\WINDOWS\system32\_003287_.tmp.dll
C:\WINDOWS\system32\_003292_.tmp.dll
C:\WINDOWS\system32\_003293_.tmp.dll
C:\WINDOWS\system32\_003294_.tmp.dll
C:\WINDOWS\system32\_003295_.tmp.dll
C:\WINDOWS\system32\_003296_.tmp.dll
C:\WINDOWS\system32\_003297_.tmp.dll
C:\WINDOWS\system32\_003298_.tmp.dll
C:\WINDOWS\system32\_003299_.tmp.dll
C:\WINDOWS\system32\_003300_.tmp.dll
C:\WINDOWS\system32\_003301_.tmp.dll
C:\WINDOWS\system32\_003303_.tmp.dll
C:\WINDOWS\system32\_003304_.tmp.dll
C:\WINDOWS\system32\_003306_.tmp.dll
C:\WINDOWS\system32\_003307_.tmp.dll
C:\WINDOWS\system32\_003308_.tmp.dll
C:\WINDOWS\system32\_003310_.tmp.dll
C:\WINDOWS\system32\_003313_.tmp.dll
C:\WINDOWS\system32\_003314_.tmp.dll
C:\WINDOWS\system32\_003316_.tmp.dll
C:\WINDOWS\system32\_003317_.tmp.dll
C:\WINDOWS\system32\_003318_.tmp.dll
C:\WINDOWS\system32\_003319_.tmp.dll
C:\WINDOWS\system32\_003320_.tmp.dll
C:\WINDOWS\system32\_003321_.tmp.dll
C:\WINDOWS\system32\_003323_.tmp.dll
C:\WINDOWS\system32\_003324_.tmp.dll
C:\WINDOWS\system32\_003325_.tmp.dll
C:\WINDOWS\system32\_003326_.tmp.dll
C:\WINDOWS\system32\_003327_.tmp.dll
C:\WINDOWS\system32\_003328_.tmp.dll
C:\WINDOWS\system32\_003329_.tmp.dll
C:\WINDOWS\system32\_003330_.tmp.dll
C:\WINDOWS\system32\_003333_.tmp.dll
C:\WINDOWS\system32\_003334_.tmp.dll
C:\WINDOWS\system32\_003335_.tmp.dll
C:\WINDOWS\system32\_003336_.tmp.dll
C:\WINDOWS\system32\_003337_.tmp.dll
C:\WINDOWS\system32\_003338_.tmp.dll
C:\WINDOWS\system32\_003339_.tmp.dll
C:\WINDOWS\system32\_003341_.tmp.dll
C:\WINDOWS\system32\_003342_.tmp.dll
C:\WINDOWS\system32\_003343_.tmp.dll
C:\WINDOWS\system32\_003344_.tmp.dll
C:\WINDOWS\system32\_003345_.tmp.dll
C:\WINDOWS\system32\_003346_.tmp.dll
C:\WINDOWS\system32\_003348_.tmp.dll
C:\WINDOWS\system32\_003351_.tmp.dll
C:\WINDOWS\system32\_003352_.tmp.dll
C:\WINDOWS\system32\_003356_.tmp.dll
C:\WINDOWS\system32\_003357_.tmp.dll
C:\WINDOWS\system32\_003359_.tmp.dll
C:\WINDOWS\system32\_003362_.tmp.dll
C:\WINDOWS\system32\_003364_.tmp.dll
C:\WINDOWS\system32\_003365_.tmp.dll
C:\WINDOWS\system32\_003366_.tmp.dll
C:\WINDOWS\system32\_003367_.tmp.dll
C:\WINDOWS\system32\_003370_.tmp.dll
C:\WINDOWS\system32\_003371_.tmp.dll
C:\WINDOWS\system32\_003372_.tmp.dll
C:\WINDOWS\system32\_003373_.tmp.dll
C:\WINDOWS\system32\_003374_.tmp.dll
C:\WINDOWS\system32\_003379_.tmp.dll
C:\WINDOWS\system32\_003381_.tmp.dll
C:\WINDOWS\system32\_003382_.tmp.dll
C:\WINDOWS\system32\bhlhbjde.dll
C:\WINDOWS\SYSTEM32\BIRsAJlm.ini
C:\WINDOWS\system32\bmimlplj.dll
C:\WINDOWS\system32\bvtivuaf.dll
C:\WINDOWS\system32\byXnKcBu.dll
C:\WINDOWS\system32\byXPHaWp.dll
C:\WINDOWS\system32\cbXQheEv.dll
C:\WINDOWS\system32\cbXQhGvw.dll
C:\WINDOWS\system32\cgvadhej.dll
C:\WINDOWS\system32\dfhnhc.dll
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\efcBtSkI.dll
C:\WINDOWS\system32\efcYOifF.dll
C:\WINDOWS\system32\fcccyVlL.dll
C:\WINDOWS\system32\fccdaaBU.dll
C:\WINDOWS\system32\fogximhf.dll
C:\WINDOWS\system32\frjjdake.dll
C:\WINDOWS\system32\guknksmh.dll
C:\WINDOWS\system32\gxnotq.dll
C:\WINDOWS\system32\haemdi.dll
C:\WINDOWS\system32\IkStBcfe.ini
C:\WINDOWS\system32\jkkklKDS.dll
C:\WINDOWS\system32\jkkLETNf.dll
C:\WINDOWS\system32\khfFXooN.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mlJYPhee.dll
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\SYSTEM32\MSrrqtwa.ini
C:\WINDOWS\system32\nnnmnLfd.dll
C:\WINDOWS\system32\otsdyhpk.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pmnmlkiG.dll
C:\WINDOWS\system32\qaugjc.dll
C:\WINDOWS\system32\rqRJArPh.dll
C:\WINDOWS\system32\rqRKCvTJ.dll
C:\WINDOWS\system32\SDKlkkkj.ini
C:\WINDOWS\SYSTEM32\SDKlkkkj.ini2
C:\WINDOWS\system32\tdssadw.dll
C:\WINDOWS\system32\tdssinit.dll
C:\WINDOWS\system32\tdssl.dll
C:\WINDOWS\system32\tdsslog.dll
C:\WINDOWS\system32\tdssmain.dll
C:\WINDOWS\system32\tdssserf.dll
C:\WINDOWS\system32\tdssservers.dat
C:\WINDOWS\system32\ttgbjl(2).dll
C:\WINDOWS\system32\twddnsre.dll
C:\WINDOWS\SYSTEM32\uBcKnXyb.ini
C:\WINDOWS\SYSTEM32\uBcKnXyb.ini2
C:\WINDOWS\system32\vtUoPgda.dll
C:\WINDOWS\SYSTEM32\WEKTCJlm.ini
C:\WINDOWS\system32\xwvexa.dll
C:\WINDOWS\system32\yayvTmmL.dll

.
((((((((((((((((((((((((( Files Created from 2008-08-21 to 2008-09-21 )))))))))))))))))))))))))))))))
.

2008-09-20 16:44 . 2008-09-20 16:44 <DIR> d-------- C:\Program Files\Antivirus Protection
2008-09-20 15:03 . 2008-09-20 15:03 65 --a------ C:\WINDOWS\SYSTEM32\c0c2a076
2008-09-20 14:43 . 2008-09-20 14:43 355 --a------ C:\955.bat
2008-09-20 13:13 . 2008-09-20 13:13 71 --a------ C:\Documents and Settings\chevy\1359.bat
2008-09-20 12:35 . 2008-09-20 12:35 71 --a------ C:\Documents and Settings\chevy\4742.bat
2008-09-20 12:26 . 2008-09-20 12:26 355 --a------ C:\421.bat
2008-09-19 16:57 . 2008-09-19 16:57 71 --a------ C:\Documents and Settings\chevy\3480.bat
2008-09-19 16:01 . 2008-09-19 16:01 34,816 --a------ C:\WINDOWS\SYSTEM32\tuvWmJdb.dll
2008-09-19 16:01 . 2008-09-19 16:01 355 --a------ C:\356.bat
2008-09-17 19:49 . 2008-09-17 19:49 1,001,023 --ahs---- C:\WINDOWS\SYSTEM32\WEKTCJlm.tmp
2008-09-17 19:02 . 2008-09-17 19:02 (2) -rahs-ot- C:\WINDOWS\winstart.bat
2008-09-17 19:00 . 2008-09-17 19:49 <DIR> d-------- C:\Program Files\UnHackMe
2008-09-17 16:37 . 2008-09-17 16:37 121 --ahs---- C:\WINDOWS\SYSTEM32\BIRsAJlm.tmp
2008-09-17 16:02 . 2008-09-17 16:02 147,456 --a------ C:\WINDOWS\SYSTEM32\vbzip10.dll
2008-09-17 15:59 . 2008-09-17 18:23 <DIR> d--hs---- C:\WINDOWS\Y2hldnk
2008-09-17 15:59 . 2008-09-17 15:59 71,711 --a------ C:\WINDOWS\SYSTEM32\eiytiugwtrfxaxske.exe
2008-09-17 15:58 . 2008-09-17 18:20 <DIR> d-------- C:\WINDOWS\SYSTEM32\wp
2008-09-17 15:58 . 2008-09-17 15:58 <DIR> d-------- C:\WINDOWS\SYSTEM32\RES
2008-09-17 15:58 . 2008-09-17 18:21 <DIR> d-------- C:\WINDOWS\SYSTEM32\np5
2008-09-17 15:58 . 2008-09-17 15:58 <DIR> d-------- C:\WINDOWS\SYSTEM32\mC02
2008-09-17 15:58 . 2008-09-17 15:58 <DIR> d-------- C:\Temp\mtc2
2008-09-17 15:58 . 2008-09-20 18:02 <DIR> d-------- C:\Temp
2008-09-05 17:28 . 2008-09-05 17:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2008-08-29 05:11 . 2008-08-29 05:11 166,400 --a------ C:\WINDOWS\SYSTEM32\dcftwsccwjivny.dll
2008-08-27 14:03 . 2008-08-27 14:03 42,320 --a------ C:\WINDOWS\SYSTEM32\xfcodec.dll
2008-08-27 13:35 . 2007-02-28 02:08 2,147,840 --a------ C:\WINDOWS\SYSTEM32\ntoskrnl.exe
2008-08-26 23:08 . 2008-08-26 23:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Fugazo
2008-08-26 23:07 . 2008-08-26 23:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-08-26 19:50 . 2008-08-27 13:48 <DIR> d-------- C:\WINDOWS\SYSTEM32\scripting
2008-08-26 19:50 . 2008-08-27 13:48 <DIR> d-------- C:\WINDOWS\SYSTEM32\en
2008-08-26 19:50 . 2008-08-27 13:48 <DIR> d-------- C:\WINDOWS\SYSTEM32\bits
2008-08-26 19:50 . 2008-08-27 13:48 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-26 19:45 . 2004-08-10 03:00 71,040 --------- C:\WINDOWS\SYSTEM32\DRIVERS\_003269_.tmp.dll
2008-08-26 19:07 . 2008-04-13 17:11 2,843,136 --a------ C:\WINDOWS\SYSTEM32\SET961.tmp
2008-08-26 18:46 . 2008-08-28 09:43 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot_bak
2008-08-23 19:59 . 2008-08-23 19:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Winferno

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-09-20 23:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-20 05:43 --------- d-----w C:\Documents and Settings\chevy\Application Data\Xfire
2008-09-19 03:41 --------- d-s---w C:\Program Files\Xfire
2008-09-19 01:02 --------- d-----w C:\Documents and Settings\chevy\Application Data\ZoomBrowser EX
2008-09-18 03:00 --------- d-----w C:\Program Files\LimeWire
2008-09-17 22:57 --------- d-----w C:\Documents and Settings\chevy\Application Data\Azureus
2008-09-16 03:35 139,128 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-09-06 00:54 --------- d-----w C:\Program Files\Canon
2008-09-06 00:26 --------- d-----w C:\Program Files\Common Files\Canon
2008-08-27 21:12 --------- d-----w C:\Program Files\Ascentive
2008-08-27 05:59 --------- d-----w C:\Documents and Settings\chevy\Application Data\gtk-2.0
2008-08-27 03:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-27 03:08 --------- d-----w C:\Program Files\Freeze.com Toolbar
2008-08-24 03:07 --------- d-----w C:\Program Files\Bonjour
2008-08-24 03:03 --------- d-----w C:\Program Files\Speeditup Free
2008-08-24 03:02 --------- d-----w C:\Program Files\MySpace
2008-08-21 05:06 --------- d-----w C:\Program Files\Free Offers from Freeze.com
2008-08-21 05:06 --------- d-----w C:\Program Files\AWS
2008-08-21 05:06 --------- d-----w C:\Documents and Settings\chevy\Application Data\WeatherBug
2008-08-20 07:49 --------- d-----w C:\Program Files\Flickr Uploadr
2008-08-20 01:02 --------- d-----w C:\Program Files\HD Tune
2008-08-13 21:58 --------- d-----w C:\Documents and Settings\chevy\Application Data\BearShare
2008-08-12 05:50 --------- d-----w C:\Program Files\BearShare Applications
2008-08-12 02:23 32,778 ----a-w C:\WINDOWS\Fonts\thematrix.zip
2008-08-12 02:07 81,312 ----a-w C:\WINDOWS\Fonts\fontz_1120_miltownmatrix.zip
2008-08-11 05:03 --------- d-----w C:\Documents and Settings\chevy\Application Data\Flickr
2008-08-09 23:09 --------- d-----w C:\Program Files\GIMP-2.0
2008-08-04 22:27 --------- d-----w C:\Program Files\UltraMon
2008-08-04 22:27 --------- d-----w C:\Program Files\Common Files\Realtime Soft
2008-08-04 22:27 --------- d-----w C:\Documents and Settings\chevy\Application Data\Realtime Soft
2008-08-04 22:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Realtime Soft
2008-08-04 22:15 --------- d-----w C:\Program Files\Common Files\Stardock
2008-07-23 08:17 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-12-25 17:58 22,328 ----a-w C:\Documents and Settings\chevy\Application Data\PnkBstrK.sys
2007-10-06 21:22 1,066,496 -csha-w C:\Program Files\ehthumbs.db
2005-08-06 06:54 211,952 ----a-w C:\Program Files\new.sc3
2005-08-06 03:55 164,538 -c--a-w C:\Program Files\new city.sc3
2005-07-29 22:52 56,192 ----a-w C:\Program Files\New City69.sc3
2005-07-07 23:07 251 ----a-w C:\Program Files\wt3d.ini
2003-05-27 03:08 8,964,958 ----a-w C:\Documents and Settings\chevy\SCXE26Setup.exe
2003-05-05 22:59 436,224 ----a-w C:\Documents and Settings\chevy\SCXEDirectoryFix.exe
2003-04-19 22:34 467,968 ----a-w C:\Documents and Settings\chevy\SCXEUpd.exe
.

------- Sigcheck -------

2005-03-01 17:36 2056832 d8aba3eab509627e707a3b14f00fbb6b C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2006-12-19 09:12 2059392 ba4b97c00a437c1cc3da365d93ee1e9d C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe
2007-02-28 02:15 2059392 4d3dbdccbf97f5ba1e74f322b155c3ba C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2004-08-03 20:59 2015232 fb142b7007ca2eea76966c6c5cc12150 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
2005-03-01 17:34 2015232 3cd941e472ddf3534e53038535719771 C:\WINDOWS\$NtUninstallKB929338$\ntkrnlpa.exe
2006-12-19 05:55 2015744 bbb2322eb14ad9ad55b1024ffd4d88bf C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 01:38 2057600 515d30e2c90a3665a2739309334c9283 C:\WINDOWS\Driver Cache\I386\ntkrnlpa.exe
2008-04-13 11:31 2065792 109f8e3e3c82e337bb71b6bc9b895d61 C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\ntkrnlpa.exe
2007-02-28 01:38 2027520 54a8b9806027049f8b19f1274a63c7b4 C:\WINDOWS\SYSTEM32\ntkrnlpa.exe
2007-02-28 01:38 2015744 a58ac1c6199ef34228abee7fc057ae09 C:\WINDOWS\SYSTEM32\VITrans\ntkrnlpa.exe

2005-03-01 18:04 2179456 28187802b7c368c0d3aef7d4c382aabb C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2006-12-19 09:51 2182016 cef243f6defd20be4adde26c7ecacb54 C:\WINDOWS\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
2007-02-28 02:55 2182144 5a5c8db4aa962c714c8371fbdf189fc9 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2004-08-03 21:18 2148352 626309040459c3915997ef98ec1c8d40 C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
2005-03-01 17:57 2135552 48b3e89af7074cee0314a3e0c7faffdb C:\WINDOWS\$NtUninstallKB929338$\ntoskrnl.exe
2006-12-19 07:15 2136064 8318ed54797f3e513fd5817a1d4bbd18 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 02:10 2180352 582a8dbaa58c3b1f176eb2817daee77c C:\WINDOWS\Driver Cache\I386\ntoskrnl.exe
2008-04-13 12:27 2188928 0c89243c7c3ee199b96fcc16990e0679 C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193 501484cf5e6884fa1d22f9e\ntoskrnl.exe
2007-02-28 02:08 2147840 5fb20cabc9a81baaabbe63f30ffc5284 C:\WINDOWS\SYSTEM32\ntoskrnl.exe
2007-02-28 02:08 2136064 1220faf071dea8653ee21de7dcda8bfd C:\WINDOWS\SYSTEM32\VITrans\ntoskrnl.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18a44c72-d267-d443-1461-db8338bae54e}]
2008-08-29 05:11 166400 --a------ C:\WINDOWS\system32\dcftwsccwjivny.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"Rainlendar2"="C:\Program Files\Rainlendar2\Rainlendar2.exe" [2007-12-30 1365504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [X]
"IAAnotif"="C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-03-23 135168]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 339968]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-03 221184]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [2003-06-17 45056]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-10 90112]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2002-09-10 368706]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.ex e" [2006-07-21 129536]
"Motive SmartBridge"="C:\PROGRA~1\SBCSEL~1\SMARTB~1\Motive SB.exe" [2003-12-10 380928]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2003-05-15 163840]
"IPHSend"="C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [2006-07-21 407032]
"StxTrayMenu"="C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe" [2007-01-04 187496]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-10 289064]
"{88263159-d7ea-a00a-302d-778d20c39157}"="C:\WINDOWS\system32\dcftwsccwjivny .dll" [2008-08-29 166400]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-07-19 5361464]
"CTHelper"="CTHELPER.EXE" [2004-03-11 C:\WINDOWS\SYSTEM32\CTHELPER.EXE]

C:\Documents and Settings\chevy\Start Menu\Programs\Startup\
AutoBackup Launcher.lnk - C:\Program Files\Memeo\AutoBackup\MemeoLauncher.exe [2006-12-14 214520]
PowerReg Scheduler V3.exe [2005-08-09 225280]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
UltraMon.lnk - C:\WINDOWS\Installer\{AF0FA6D7-96F3-468A-ABB7-28BE006EA8E9}\IcoUltraMon.ico [2008-08-04 29310]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):76,69,73,74,61,75,69,2e,65,78,65,0 0

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=xwvexa.dll gxnotq.dll dfhnhc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= IR41_32.DLL
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ImageMixer for HDD Camcorder.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ImageMixer for HDD Camcorder.lnk
backup=C:\WINDOWS\pss\ImageMixer for HDD Camcorder.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SBC Self Support Tool.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SBC Self Support Tool.lnk
backup=C:\WINDOWS\pss\SBC Self Support Tool.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^chevy^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\chevy\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^chevy^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
path=C:\Documents and Settings\chevy\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-10 03:00 15360 C:\WINDOWS\SYSTEM32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2007-03-15 11:09 460784 C:\Program Files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
--a------ 2007-11-15 10:23 202544 C:\Program Files\Dell Support Center\bin\sprtcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
--a------ 2007-11-15 10:24 16384 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
--------- 2005-02-23 14:19 53248 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2005-08-05 14:56 64512 C:\WINDOWS\EHOME\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
--a------ 2006-05-09 17:24 50760 C:\Program Files\Common Files\AOL\1154645544\ee\aolsoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ink Monitor]
--------- 2002-05-29 01:23 258118 C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-07-10 10:51 289064 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
--a------ 2004-09-20 02:27 65536 C:\Program Files\LClock\LClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2005-06-28 21:51 26112 C:\Program Files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2007-07-19 22:54 5361464 C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-12-14 04:42 144784 C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
--a------ 2007-11-19 14:01 163840 C:\Program Files\ViOrb\ViOrb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vista Sidebar]
--a------ 2007-11-20 14:51 524288 C:\Program Files\Vista Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViStart]
--a------ 2007-11-26 20:27 593920 C:\Program Files\ViStart\ViStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 18:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\system32\\sessmgr.exe"=

R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-07-19 20280]
R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [2006-09-24 11776]
R3 UltraMonMirror;UltraMonMirror;C:\WINDOWS\system32\ DRIVERS\UltraMonMirror.sys [2006-09-24 3584]
S1 agp4400;agp4400;C:\WINDOWS\system32\drivers\agp440 0.sys [ ]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio. sys [ ]
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

BHO-{26D81645-7E48-45C2-B063-9CB1E02045CB} - C:\WINDOWS\system32\jkkklKDS.dll
BHO-{5667B8CF-EB62-48DD-9155-6EB5D985388B} - C:\WINDOWS\system32\byXnKcBu.dll
BHO-{7186704C-C78F-425D-80DC-17A8E83F246F} - C:\WINDOWS\system32\yayvTmmL.dll
HKLM-Run-BMc3f18164 - C:\WINDOWS\system32\nfxbdohd.dll
HKLM-Run-c0c2b2f8 - C:\WINDOWS\system32\efcBtSkI.dll
ShellExecuteHooks-{07846E47-47CE-4C7C-989A-9A8380F3BD91} - (no file)
ShellExecuteHooks-{DA2E0515-F0D5-4773-8191-400CCD50783B} - (no file)
ShellExecuteHooks-{7186704C-C78F-425D-80DC-17A8E83F246F} - C:\WINDOWS\system32\yayvTmmL.dll
Notify-dimsntfy - (no file)
MSConfigStartUp-!AVG Anti-Spyware - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
MSConfigStartUp-ccApp - C:\Program Files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-MySpaceIM - C:\Program Files\MySpace\IM\MySpaceIM.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\chevy\Application Data\Mozilla\Firefox\Profiles\0l1uaqr4.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://us.f825.mail.yahoo.com/dc/launch?.rand=4euaucs69t81s
FF -: plugin - C:\Program Files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npampx3.0.84.2.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\npdivx32.dll
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-20 18:20:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\SYSTEM32\ati2evxx.exe
C:\WINDOWS\SYSTEM32\ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Memeo\AutoBackup\MemeoService.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
C:\WINDOWS\EHOME\ehrecvr.exe
C:\WINDOWS\EHOME\ehSched.exe
C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe
C:\WINDOWS\SYSTEM32\PnkBstrA.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackup.exe
C:\WINDOWS\EHOME\mcrdsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\SYSTEM32\dllhost.exe
C:\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe
C:\Program Files\Webroot\Spy Sweeper\ssu.exe
C:\WINDOWS\SYSTEM32\imapi.exe
.
************************************************** ************************
.
Completion time: 2008-09-20 18:43:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-21 01:43:05
ComboFix2.txt 2008-02-14 23:15:33
ComboFix3.txt 2008-02-14 02:37:11

Pre-Run: 181,409,173,504 bytes free
Post-Run: 181,386,924,032 bytes free

449 --- E O F --- 2008-09-10 22:01:21

__________________
Mike Pics of my rig HERE
Case:Lian Li with Swiftek apogee watercooling
CPU: Intel Q6600 (2.4 GHz)
Video: NVIDIA GeForce 8800GTX BFG OC Edition. LG 23" 1080HD and Sharp 19"
RAM/Storage:4GB Kingston Hyper X DDR2/320GB(7,200RPM) an 160GB(10,000 RPM) internals, and 320GB External
Sound Card: Creative X-Fi XtremeGamer Fatality
OS: Windows Vista Home Premium (64-bit)
M-B-Photos
Winner of Photo Tournaments: Automobiles and Birds

Buzz1927

Please wait for Cohen to give his standard bullshit reply

__________________
Son of Glyndwr
Mae hen wlad fy nhadau yn annwyl i mi

Respital

I laughed so hard but since he isn't online... i'll do the honors.
Buzz why don't you just simply give him a ComboFix script anyways? You are able to aren't you?

Run A Kaspersky Online Scan
Using Internet Explorer Go to http://www.kaspersky.com/kos/eng/par...avwebscan.html and click the Accept button at the end of the page.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

• Read the Requirements and limitations before you click Accept.
• Allow the ActiveX download if necessary.
• Once the database has downloaded, click Next.
• Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
• Click on "My Computer" and then put the kettle on!
• When the scan has completed, click Save Report As...
• Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
• Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Copy and paste the report into your next reply along with a fresh HJT log and a description of how your PC is behaving.

__________________
Winner of Photo Tourney: Twilight
/My Rig:/
/Case :/ Antec Sonata III
/Power Supply :/ Antec Earthquake 500W
/Motherboard :/ Gigabyte P35-DSR3
/Processor :/ Intel E6850@3.4Ghz
/Ram :/ Consair 2x 1 Gb 800mhz
/Video Card :/ Zotac 8800 GT
/Monitor:/Samsung T220 w 20 000 : 1 Contrast and 2ms response time
/3DMark06 Score :/ 11730

Buzz1927

Yes, but I won't while he's still around

__________________
Son of Glyndwr
Mae hen wlad fy nhadau yn annwyl i mi

Respital

Oh then maybe i could lend him my toy which only he is allowed to touch.
Cohen, only you are allowed to touch this.

__________________
Winner of Photo Tourney: Twilight
/My Rig:/
/Case :/ Antec Sonata III
/Power Supply :/ Antec Earthquake 500W
/Motherboard :/ Gigabyte P35-DSR3
/Processor :/ Intel E6850@3.4Ghz
/Ram :/ Consair 2x 1 Gb 800mhz
/Video Card :/ Zotac 8800 GT
/Monitor:/Samsung T220 w 20 000 : 1 Contrast and 2ms response time
/3DMark06 Score :/ 11730

MBGraphics

Wow, this scan takes FOREVER!!
I'm at an hour and 40 mins and it says it's only at 40%

__________________
Mike Pics of my rig HERE
Case:Lian Li with Swiftek apogee watercooling
CPU: Intel Q6600 (2.4 GHz)
Video: NVIDIA GeForce 8800GTX BFG OC Edition. LG 23" 1080HD and Sharp 19"
RAM/Storage:4GB Kingston Hyper X DDR2/320GB(7,200RPM) an 160GB(10,000 RPM) internals, and 320GB External
Sound Card: Creative X-Fi XtremeGamer Fatality
OS: Windows Vista Home Premium (64-bit)
M-B-Photos
Winner of Photo Tournaments: Automobiles and Birds

Respital

It's very thorough.
Better to be long and thorough and detect everything then be short and detect nothing.

__________________
Winner of Photo Tourney: Twilight
/My Rig:/
/Case :/ Antec Sonata III
/Power Supply :/ Antec Earthquake 500W
/Motherboard :/ Gigabyte P35-DSR3
/Processor :/ Intel E6850@3.4Ghz
/Ram :/ Consair 2x 1 Gb 800mhz
/Video Card :/ Zotac 8800 GT
/Monitor:/Samsung T220 w 20 000 : 1 Contrast and 2ms response time
/3DMark06 Score :/ 11730