Yep, got that. Here's the log from ComboFix:
ComboFix 11-05-26.01 - Ben 26/05/2011 23:16:47.1.4 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3325.2597 [GMT 1:00]
Running from: c:\users\Ben\Downloads\ComboFix.exe
AV: AVG Internet Security 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\42983160.exe
c:\programdata\gODYLqGmtHs.exe
c:\programdata\hpe2036.dll
c:\users\Ben\AppData\Roaming\.#
c:\users\Ben\AppData\Roaming\Adobe\plugs
c:\users\Ben\AppData\Roaming\Adobe\plugs\mmc484238553.txt
c:\users\Ben\AppData\Roaming\Adobe\shed
c:\users\Ben\AppData\Roaming\Adobe\shed\thr1.chm
c:\users\Ben\AppData\Roaming\system32
c:\users\Ben\WoWMe.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-04-26 to 2011-05-26 )))))))))))))))))))))))))))))))
.
.
2011-05-26 22:24 . 2011-05-26 22:24 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-05-26 22:24 . 2011-05-26 22:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-26 13:54 . 2011-05-26 13:54 388096 ----a-r- c:\users\Ben\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-26 13:54 . 2011-05-26 13:54 -------- d-----w- c:\program files\Trend Micro
2011-05-26 03:09 . 2011-05-26 03:09 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-25 19:02 . 2011-05-25 19:02 -------- d--h--w- c:\programdata\SplitMediaLabs
2011-05-25 19:00 . 2011-05-25 19:00 -------- d-----w- c:\program files\SplitMediaLabs
2011-05-24 12:47 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8875DC0-3AD6-49FB-8711-06FBEC5FC834}\mpengine.dll
2011-05-17 16:52 . 2011-05-17 16:52 -------- d-----w- C:\BraCa Soft
2011-05-11 16:03 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-04-30 15:26 . 2011-04-30 15:26 -------- d--h--w- c:\programdata\nL31000BkHgN31000
2011-04-28 11:52 . 2011-04-28 11:52 784136 ---ha-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-04-27 03:19 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-04-27 03:19 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-09 17:55 . 2011-04-09 17:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 17:55 . 2011-04-09 17:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-03-10 16:12 . 2011-04-14 14:31 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 16:12 . 2011-04-14 14:31 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-03-09 15:53 . 2011-03-09 15:53 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-03-09 15:53 . 2011-03-09 15:53 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-03-03 15:00 . 2011-04-14 14:31 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 14:56 . 2011-04-27 03:19 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 14:56 . 2011-04-27 03:19 459776 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 14:56 . 2011-04-27 03:19 541696 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 14:56 . 2011-04-27 03:19 2153984 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-03-03 12:53 . 2011-04-14 14:31 2040832 ----a-w- c:\windows\system32\win32k.sys
2011-03-02 14:49 . 2011-04-14 14:31 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{865fa0aa-d483-4caf-b548-838596b2906b}"= "c:\program files\Messenger_Plus_UK\prxtbMess.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{865fa0aa-d483-4caf-b548-838596b2906b}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 09:32 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 16:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{865fa0aa-d483-4caf-b548-838596b2906b}]
2011-01-17 16:54 175912 ----a-w- c:\program files\Messenger_Plus_UK\prxtbMess.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{865fa0aa-d483-4caf-b548-838596b2906b}"= "c:\program files\Messenger_Plus_UK\prxtbMess.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{865fa0aa-d483-4caf-b548-838596b2906b}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
"{865FA0AA-D483-4CAF-B548-838596B2906B}"= "c:\program files\Messenger_Plus_UK\prxtbMess.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CLASSES_ROOT\clsid\{865fa0aa-d483-4caf-b548-838596b2906b}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-09 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-09-24 434176]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-05-05 221300]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
backup=c:\windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Ben^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk]
path=c:\users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hamachi.lnk
backup=c:\windows\pss\hamachi.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Ben^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=c:\users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 22:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]
2007-06-27 09:18 215256 ----a-w- c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 11:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-03-21 12:00 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 15:33 141624 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
2007-01-12 17:48 275800 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 16:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NMSSupport]
2007-06-27 09:14 439512 ----a-w- c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-11-02 08:38 167936 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 21:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\razer]
2005-09-06 11:52 155648 ----a-w- c:\program files\Razer\Copperhead\razerhid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder_MUI]
2007-07-20 09:15 1089536 ---ha-r- c:\applications\oem\Reminder\Reminder_MUI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-06-20 16:56 4493312 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-01-19 07:33 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 13:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-06-15 16:45 1826816 ----a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-01-26 17:41 336384 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-24 02:22 1242448 ---ha-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-09 20:10 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX3000]
2006-12-05 15:39 707360 ----a-w- c:\windows\vVX3000.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-19 21504]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1ca6d5d46378509;Google Update Service (gupdate1ca6d5d46378509);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-24 133104]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2010-11-17 97296]
R3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [2011-03-06 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-03-06 79360]
R3 Creative HOAL Licensing Service;Creative HOAL Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe [2011-03-06 79360]
R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files\NCsoft\Aion\bin32\GameGuard\dump_wmimmc.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-24 133104]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2008-06-04 90408]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2008-06-04 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2008-06-04 122024]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2008-06-04 115368]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2008-06-04 25768]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2008-06-04 111784]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2008-06-04 117544]
R3 SecureSrv;SecureSrv;c:\program files\Hide My IP 2008\SecureSrv.exe [x]
R3 skfiltv;skfiltv;c:\windows\system32\drivers\skfiltv.sys [2008-08-14 17408]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XDva370;XDva370;c:\windows\system32\XDva370.sys [x]
R3 XDva375;XDva375;c:\windows\system32\XDva375.sys [x]
R4 DHTRACE;Intel(R) DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 39640]
R4 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]
R4 NMSCore;Intel(R) NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-06-27 317656]
R4 QualityManager;Intel(R) Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-06-27 272600]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-03-19 717296]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
S3 IntelDH;IntelDH Driver;c:\windows\system32\Drivers\IntelDH.sys [2007-09-28 5632]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2005-11-02 11596]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-24 23:24]
.
2011-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-24 23:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Ben\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\n9gc1n5k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://uk.msn.com/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4d967597&v=6.103.018.001&i=26&tp=ab&iy=b&ychte=uk&lng=en-GB&q=
FF - Ext: FIFA Online Web Launcher:
[email protected] - %profile%\extensions\
[email protected]
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Conduit Engine :
[email protected] - %profile%\extensions\
[email protected]
FF - Ext: Messenger Plus UK Community Toolbar: {865fa0aa-d483-4caf-b548-838596b2906b} - %profile%\extensions\{865fa0aa-d483-4caf-b548-838596b2906b}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
pref(dom.disable_open_during_load, true);
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-PlayNC Launcher - (no file)
HKCU-Run-Microsoft Security Update Machine - 89775.exe
HKCU-Run-gODYLqGmtHs - c:\programdata\gODYLqGmtHs.exe
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL
Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.dll
MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe
MSConfigStartUp-lphcvk0j0e91v - c:\windows\system32\lphcvk0j0e91v.exe
MSConfigStartUp-NvCplDaemon - c:\windows\system32\NvCpl.dll
MSConfigStartUp-NvMediaCenter - c:\windows\system32\NvMcTray.dll
MSConfigStartUp-SMrhcrk0j0e91v - c:\program files\rhcrk0j0e91v\rhcrk0j0e91v.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSConfigStartUp-Vidalia - c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
AddRemove-Glitchy's Model Editing Suite_is1 - c:\program files\Glitchy's Model Editing Suite\unins000.exe
AddRemove-League of Legends_is1 - c:\program files\League of Legends\unins000.exe
AddRemove-LimeWire - c:\program files\Norton\LimeWire\uninstall.exe
AddRemove-Teamspeak 2 RC2_is1 - c:\program files\Teamspeak2_RC2\unins000.exe
AddRemove-Xvid_is1 - c:\program files\Xvid\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2011-05-26 23:24
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-05-26 23:33:44
ComboFix-quarantined-files.txt 2011-05-26 22:33
.
Pre-Run: 37,786,628,096 bytes free
Post-Run: 40,610,119,680 bytes free
.
- - End Of File - - 575708865D119E96FA8D022EA2F72103