Slow computer, and No Internet.

M0LD0V4N

My uncle's PC got badly infected and I'm not so good with Windows. I fixed a few, but I think there is still something wrong. Examples would be: slow computer; when I open up Firefox it says "Waiting for google.com" and just stays there. It shows that the internet is present, so that's a sign. I've also done some scans with ComboFix and with SmitFraudFix.


Some help would be appreciated.

HijackThis log.
---------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:31, on 8/14/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\zHotkey.exe
C:\Windows\ModPS2Key.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [ModPS2] ModPS2Key.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote Table Of Contents.onetoc2
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7178 bytes
 
ComboFix 08-08-14.01 - Arkadiy 2008-08-14 16:08:12.3 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.565 [GMT -7:00]
Running from: C:\Users\Arkadiy\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-07-14 to 2008-08-14 )))))))))))))))))))))))))))))))
.

2008-08-14 16:02 . 2008-08-14 16:02 691 --a------ C:\Users\Arkadiy\AppData\Roaming\GetValue.vbs
2008-08-14 16:02 . 2008-08-14 16:02 35 --a------ C:\Users\Arkadiy\AppData\Roaming\SetValue.bat
2008-08-14 16:00 . 2007-09-06 00:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe
2008-08-14 16:00 . 2006-04-27 17:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe
2008-08-14 16:00 . 2008-05-29 09:35 86,528 --a------ C:\Windows\System32\VACFix.exe
2008-08-14 16:00 . 2008-05-18 21:40 82,944 --a------ C:\Windows\System32\IEDFix.exe
2008-08-14 16:00 . 2008-08-14 21:52 82,432 --a------ C:\Windows\System32\IEDFix.C.exe
2008-08-14 16:00 . 2008-08-09 15:37 82,432 --a------ C:\Windows\System32\404Fix.exe
2008-08-14 16:00 . 2003-06-05 21:13 53,248 --a------ C:\Windows\System32\Process.exe
2008-08-14 16:00 . 2004-07-31 18:50 51,200 --a------ C:\Windows\System32\dumphive.exe
2008-08-14 16:00 . 2007-10-04 00:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe
2008-08-14 16:00 . 2008-08-14 16:02 2,022 --a------ C:\Windows\System32\tmp.reg
2008-08-14 15:38 . 2008-08-14 16:07 <DIR> d-------- C:\327882R2FWJFW
2008-08-14 15:03 . 2008-08-14 15:10 <DIR> d-------- C:\New Folder
2008-08-14 15:00 . 2008-08-14 15:00 <DIR> d-------- C:\Users\Arkadiy\Map Editor
2008-08-14 15:00 . 2008-08-14 15:00 <DIR> d-------- C:\Users\Arkadiy\Dedicated Server
2008-08-14 15:00 . 2008-08-14 15:00 <DIR> d-------- C:\Users\Arkadiy\CRACK
2008-08-14 15:00 . 2007-05-01 02:29 75,128 --a------ C:\Users\Arkadiy\Activate.exe
2008-08-14 15:00 . 2007-05-01 02:29 62,840 --a------ C:\Users\Arkadiy\IMEUiRes.dll
2008-08-14 10:01 . 2008-08-14 10:01 167,614,476 --a------ C:\Windows\MEMORY.DMP
2008-08-11 11:00 . 2008-08-11 11:00 <DIR> d-------- C:\Users\All Users\Lifetime
2008-08-11 11:00 . 2008-08-11 11:00 <DIR> d-------- C:\ProgramData\Lifetime
2008-08-10 12:17 . 2008-08-10 12:17 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\InstallShield
2008-08-09 14:49 . 2008-08-09 14:49 <DIR> d-------- C:\Users\All Users\Trymedia
2008-08-09 14:49 . 2008-08-09 14:49 <DIR> d-------- C:\ProgramData\Trymedia
2008-08-09 14:47 . 2008-08-09 14:47 <DIR> d-------- C:\Program Files\AOL Games
2008-08-09 11:55 . 2008-08-09 11:55 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\ViquaSoft
2008-08-09 11:53 . 2008-08-09 11:53 <DIR> d-------- C:\Program Files\Travel Agency
2008-08-09 11:48 . 2008-08-09 11:49 <DIR> d-------- C:\Program Files\Kindergarten
2008-08-08 13:44 . 2008-08-08 13:44 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\COWON
2008-08-08 12:43 . 2008-08-08 12:44 <DIR> d-------- C:\Users\Dorin\dwhelper
2008-08-08 11:40 . 2008-08-08 11:40 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\.purple
2008-08-07 22:32 . 2008-08-07 22:32 <DIR> dra------ C:\Users\New Folder\VIDEO_TS
2008-08-07 22:30 . 2008-08-07 22:32 <DIR> d-------- C:\Users\New Folder
2008-08-07 22:28 . 2008-08-03 11:36 <DIR> dr------- C:\Users\VIDEO_TS
2008-08-07 22:26 . 2008-08-07 22:28 <DIR> dr------- C:\Users\IOSIF & VALERIA
2008-08-07 22:24 . 2008-08-07 22:24 <DIR> d-------- C:\Users\All Users\DVD Shrink
2008-08-07 22:24 . 2008-08-07 22:24 <DIR> d-------- C:\ProgramData\DVD Shrink
2008-08-07 22:24 . 2008-08-07 22:24 <DIR> d-------- C:\Program Files\DVD Shrink
2008-08-07 22:19 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll
2008-08-07 22:19 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
2008-08-07 22:19 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll
2008-08-07 22:19 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
2008-08-07 22:19 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll
2008-08-07 22:19 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
2008-08-07 22:19 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll
2008-08-07 22:19 . 2007-07-20 00:57 267,112 --a------ C:\Windows\System32\xactengine2_9.dll
2008-08-07 22:19 . 2007-06-20 20:46 266,088 --a------ C:\Windows\System32\xactengine2_8.dll
2008-08-07 22:19 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll
2008-08-07 22:16 . 2008-08-07 22:17 <DIR> d-------- C:\Program Files\Hunting Unlimited 2009
2008-08-07 09:55 . 2008-08-13 11:31 <DIR> d-------- C:\Users\Public\RealArcade
2008-08-07 09:55 . 2008-08-14 12:52 <DIR> d-------- C:\Program Files\RealArcade
2008-08-07 09:55 . 2008-08-11 11:00 <DIR> d-------- C:\My Games
2008-08-06 09:56 . 2008-08-06 09:56 <DIR> d-------- C:\Users\All Users\Gogii
2008-08-06 09:56 . 2008-08-06 09:56 <DIR> d-------- C:\ProgramData\Gogii
2008-08-06 09:29 . 2008-08-06 09:33 <DIR> d-------- C:\Program Files\Fenomen Games Downloader
2008-08-05 09:48 . 2008-08-05 11:45 <DIR> d-------- C:\Program Files\Family Feud
2008-08-02 21:54 . 2008-08-02 21:54 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\Wireshark
2008-07-28 16:28 . 2008-07-28 16:30 <DIR> d-------- C:\BigFishGamesCache
2008-07-28 10:43 . 2008-07-28 10:43 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\vlc
2008-07-23 11:58 . 2008-07-23 11:58 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\vlc
2008-07-23 11:57 . 2008-07-23 11:57 <DIR> d-------- C:\Program Files\VideoLAN
2008-07-23 11:46 . 2008-07-23 12:14 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\FrostWire
2008-07-23 11:43 . 2008-07-23 13:28 <DIR> d-------- C:\Program Files\LiberTV
2008-07-23 11:35 . 2008-07-23 11:35 <DIR> d-------- C:\MxDownload
2008-07-22 16:32 . 2008-07-22 16:32 <DIR> d-------- C:\Users\All Users\Fitn17
2008-07-22 16:32 . 2008-07-22 16:32 <DIR> d-------- C:\ProgramData\Fitn17
2008-07-22 13:30 . 2008-07-22 15:50 <DIR> d-------- C:\Users\Arkadiy\dwhelper
2008-07-22 12:47 . 2008-07-22 12:48 <DIR> d-------- C:\Program Files\Movavi VideoSuite 5
2008-07-22 12:45 . 2008-07-22 12:45 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\Download Manager
2008-07-22 12:33 . 2008-07-22 12:33 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\Xilisoft Corporation
2008-07-22 12:32 . 2008-07-22 12:32 <DIR> d-------- C:\Program Files\Xilisoft
2008-07-21 09:25 . 2008-08-14 12:51 <DIR> d-------- C:\Program Files\Shockwave.com
2008-07-20 21:39 . 2008-07-21 11:00 737,280 --a------ C:\Windows\iun6002.exe
2008-07-20 20:26 . 2008-07-21 11:00 <DIR> d-------- C:\Program Files\EA GAMES
2008-07-20 20:26 . 2004-08-18 01:34 442,368 -ra------ C:\Windows\System32\vp6vfw.dll
2008-07-19 21:32 . 2008-07-20 15:48 <DIR> d-------- C:\Program Files\Flower Shop Big City Break
2008-07-19 21:27 . 2008-07-19 21:27 <DIR> d-------- C:\Users\All Users\Astar Games
2008-07-19 21:27 . 2008-07-19 21:27 <DIR> d-------- C:\ProgramData\Astar Games
2008-07-19 21:15 . 2008-07-19 21:15 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\My Games
2008-07-19 20:39 . 2008-08-06 09:34 <DIR> d-------- C:\Program Files\Fashion Craze
2008-07-19 20:28 . 2008-07-19 20:28 <DIR> d-------- C:\Program Files\ReflexiveArcade
2008-07-19 19:18 . 2008-07-19 21:15 <DIR> d-------- C:\Users\Arkadiy\AppData\Roaming\GetRightToGo
2008-07-19 19:10 . 2008-07-20 15:47 <DIR> d-------- C:\Program Files\iWin
2008-07-19 18:48 . 2008-08-11 10:39 <DIR> d--h----- C:\Users\Arkadiy\igLoader Files
2008-07-18 19:25 . 2008-08-14 15:00 <DIR> d-------- C:\Users\All Users\Google Updater
2008-07-18 19:25 . 2008-08-14 15:00 <DIR> d-------- C:\ProgramData\Google Updater
2008-07-18 17:59 . 2008-07-21 20:26 <DIR> d-------- C:\USB
2008-07-18 17:58 . 2008-07-18 17:59 <DIR> d-------- C:\Driver
2008-07-18 15:55 . 2003-09-29 12:47 1,970,176 --a------ C:\Windows\System32\d3dx9.dll
2008-07-18 15:55 . 2001-11-12 00:16 679,936 --a------ C:\Windows\System32\D3DX81ab.dll
2008-07-17 16:22 . 2008-07-17 16:22 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\Wireshark
2008-07-17 16:20 . 2008-07-17 16:21 <DIR> d-------- C:\Program Files\Wireshark
2008-07-17 14:12 . 2008-08-08 14:59 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\.purple
2008-07-17 14:12 . 2008-07-17 14:12 <DIR> d-------- C:\Program Files\Pidgin
2008-07-17 14:12 . 2008-07-17 14:12 <DIR> d-------- C:\Program Files\Common Files\GTK
2008-07-17 12:51 . 2008-07-17 12:51 <DIR> d-------- C:\Users\Dorin\Program Files
2008-07-17 12:51 . 2008-07-21 13:52 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\uTorrent
2008-07-17 11:05 . 2008-07-17 11:05 2,560 --a------ C:\Windows\_MSRSTRT.EXE
2008-07-17 10:25 . 2008-07-17 10:25 <DIR> d-------- C:\Program Files\Stardock
2008-07-17 10:25 . 2007-09-12 18:58 58,792 --------- C:\Windows\System32\wbload.dll
2008-07-17 10:25 . 2007-07-11 15:06 42,672 --------- C:\Windows\System32\wbsys.dll
2008-07-17 09:46 . 2008-07-17 09:46 <DIR> dr-h----- C:\Users\Dorin\AppData\Roaming\SecuROM
2008-07-17 09:46 . 2008-07-17 09:47 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\Bioshock
2008-07-17 09:44 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll
2008-07-17 09:44 . 2007-03-12 16:42 3,495,784 --a------ C:\Windows\System32\d3dx9_33.dll
2008-07-17 09:44 . 2007-05-16 16:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll
2008-07-17 09:44 . 2007-03-12 16:42 1,123,696 --a------ C:\Windows\System32\D3DCompiler_33.dll
2008-07-17 09:44 . 2007-05-16 16:45 443,752 --a------ C:\Windows\System32\d3dx10_34.dll
2008-07-17 09:44 . 2007-03-15 16:57 443,752 --a------ C:\Windows\System32\d3dx10_33.dll
2008-07-17 09:44 . 2007-04-04 18:55 261,480 --a------ C:\Windows\System32\xactengine2_7.dll
2008-07-17 09:44 . 2007-04-04 18:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll
2008-07-17 09:44 . 2007-03-05 12:42 15,128 --a------ C:\Windows\System32\x3daudio1_1.dll
2008-07-17 09:29 . 2008-07-17 09:29 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\TuneUp Software
2008-07-17 09:18 . 2008-07-17 09:18 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\ESET
2008-07-17 09:17 . 2008-07-17 09:17 <DIR> dr------- C:\Users\Dorin\Searches
2008-07-17 09:17 . 2008-07-17 17:06 <DIR> d-------- C:\Users\Dorin\AppData\Roaming\VMware
2008-07-17 09:16 . 2008-08-08 17:07 <DIR> dr------- C:\Users\Dorin\Videos
2008-07-17 09:16 . 2008-07-17 09:17 <DIR> dr------- C:\Users\Dorin\Saved Games
2008-07-17 09:16 . 2008-07-18 14:07 <DIR> dr------- C:\Users\Dorin\Pictures
2008-07-17 09:16 . 2008-08-08 17:07 <DIR> dr------- C:\Users\Dorin\Music
2008-07-17 09:16 . 2008-07-17 09:17 <DIR> dr------- C:\Users\Dorin\Links
2008-07-17 09:16 . 2008-07-17 09:17 <DIR> dr------- C:\Users\Dorin\Downloads
2008-07-17 09:16 . 2008-08-06 10:47 <DIR> dr------- C:\Users\Dorin\Documents
2008-07-17 09:16 . 2008-07-17 09:16 <DIR> dr------- C:\Users\Dorin\Contacts
---------------------------------------------------------------------------------
 
Part 2 of the ComboFix log. Wouldn't fit.
--------------------------------------------------


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-14 22:57 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\uTorrent
2008-08-13 16:20 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Gamelab
2008-08-12 21:41 --------- d---a-w C:\ProgramData\TEMP
2008-08-11 01:36 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-08-11 01:36 107,832 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-08-11 00:53 --------- d-----w C:\Program Files\WarRock
2008-08-10 19:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-07 16:57 --------- d-----w C:\Program Files\Google
2008-08-05 16:50 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\PlayFirst
2008-08-05 16:50 --------- d-----w C:\ProgramData\PlayFirst
2008-07-28 23:43 --------- d-----w C:\ProgramData\Fugazo
2008-07-23 22:19 --------- d-----w C:\Program Files\Common Files\Real
2008-07-23 18:46 --------- d-----w C:\Program Files\FrostWire
2008-07-23 18:40 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\MxBoost
2008-07-21 01:01 --------- d-----w C:\Program Files\Microsoft Games
2008-07-20 22:53 --------- d-----w C:\Program Files\DivX
2008-07-20 22:49 --------- d-----w C:\Program Files\Zylom Games
2008-07-20 22:47 --------- d-----w C:\Program Files\DeliciousDeluxe2_at
2008-07-19 02:06 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-18 23:08 --------- d-----w C:\Program Files\Cheat Engine
2008-07-16 05:15 615,424 ----a-w C:\Windows\System32\themeui.dll
2008-07-16 05:15 240,128 ----a-w C:\Windows\System32\uxtheme.dll
2008-07-13 06:38 174 --sha-w C:\Program Files\desktop.ini
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Mail
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Journal
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Defender
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Collaboration
2008-07-13 06:30 --------- d-----w C:\Program Files\Windows Calendar
2008-07-13 06:14 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-07-13 06:14 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-07-13 05:41 47,560 ----a-w C:\Windows\System32\SPReview.exe
2008-07-13 05:41 152,576 ----a-w C:\Windows\System32\SPWizUI.dll
2008-07-11 02:37 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Yahoo!
2008-07-11 02:37 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-07-10 02:45 --------- d-----w C:\Program Files\Yahoo!
2008-07-07 16:19 --------- d-----w C:\ProgramData\Zylom
2008-07-03 16:16 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Ludia
2008-07-03 16:16 --------- d-----w C:\ProgramData\Ludia
2008-07-03 05:10 --------- d-----w C:\Program Files\bfgclient
2008-06-28 23:38 --------- d-----w C:\Program Files\Real
2008-06-28 23:35 --------- d-----w C:\Program Files\Microsoft Money 2006
2008-06-27 19:17 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Vso
2008-06-27 00:27 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Thinking Minds Budiling Bytes
2008-06-26 22:11 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\ESET
2008-06-26 22:10 --------- d-----w C:\ProgramData\ESET
2008-06-26 22:10 --------- d-----w C:\Program Files\ESET
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-06-23 07:48 --------- d-----w C:\Program Files\AviSynth 2.5
2008-06-21 19:23 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-06-21 00:40 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\DivX
2008-06-21 00:37 --------- d-----w C:\ProgramData\Apple Computer
2008-06-21 00:37 --------- d-----w C:\Program Files\QT Lite
2008-06-21 00:20 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-06-20 21:29 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Move Networks
2008-06-20 01:33 --------- d-----w C:\Program Files\Alcohol Soft
2008-06-20 01:13 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Maxthon2
2008-06-20 01:07 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\Avant Profiles
2008-06-18 22:11 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
2008-06-16 22:06 --------- d-----w C:\Program Files\PeerGuardian2
2008-06-16 18:25 57,344 ----a-w C:\Users\Arkadiy\iSNIML.dll
2008-06-16 07:00 --------- d-----w C:\Users\Arkadiy\AppData\Roaming\MiniDm
2008-06-11 00:04 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-06-11 00:04 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-05-30 23:22 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-05-30 00:38 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-05-30 00:37 988,216 ----a-w C:\Windows\System32\winload.exe
2008-05-30 00:37 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-05-30 00:37 615,992 ----a-w C:\Windows\System32\ci.dll
2008-05-30 00:37 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-05-30 00:37 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-05-30 00:37 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-05-30 00:37 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-05-30 00:37 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-05-30 00:37 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-05-30 00:36 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-05-30 00:35 295,936 ----a-w C:\Windows\System32\gdi32.dll
2008-05-30 00:34 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-05-30 00:34 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-05-30 00:34 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-30 00:34 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-05-30 00:34 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-05-30 00:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-05-30 00:34 1,695,744 ----a-w C:\Windows\System32\gameux.dll
2008-05-29 23:47 307,968 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-05-22 22:19 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-05-16 06:32 219,696 ----a-w C:\Windows\System32\vmnc.dll
.

((((((((((((((((((((((((((((( snapshot@2008-08-14_15.53.56.22 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-14 20:54:10 786,432 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-08-14 23:09:05 786,432 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
- 2008-08-14 20:54:15 786,432 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-08-14 23:09:00 786,432 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2008-05-29 15:18 219952]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-18 23:33 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-18 19:25 68856]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 23:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-02-11 20:13 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-02-11 20:13 133656]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-02-11 20:13 141848]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-03-13 16:48 1443072]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-28 20:11 4317184 C:\Windows\RtHDVCpl.exe]
"CHotkey"="zHotkey.exe" [2006-11-07 14:08 547840 C:\Windows\zHotkey.exe]
"ShowWnd"="ShowWnd.exe" [2005-01-27 09:13 36864 C:\Windows\ShowWnd.exe]
"ModPS2"="ModPS2Key.exe" [2006-11-07 14:34 53248 C:\Windows\ModPS2Key.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

C:\Users\Arkadiy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2007-12-04 16:22:45 3656]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"vidc.dvsd"= pdvcodec.dll

[HKLM\~\startupfolder\C:^Users^Arkadiy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\Arkadiy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigFix]
--a------ 2006-11-16 16:04 2348584 c:\Program Files\BigFix\bigfix.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
--a------ 2006-09-25 17:52 50736 C:\Program Files\Common Files\AOL\1197928652\ee\aolsoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
--a------ 2008-05-16 00:51 55856 C:\Program Files\VMware\VMware Workstation\hqtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
--a------ 2008-05-16 00:51 72240 C:\Program Files\VMware\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-18 23:33 202240 C:\Program Files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
--a------ 2007-11-15 22:51 166304 c:\Program Files\Zune\ZuneLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{FC655EF9-4CCC-458A-BDD1-535C284CDDAE}C:\\program files\\frostwire\\frostwire.exe"= UDP:C:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{C1BCA28F-EBBC-4CE9-97DE-056D0F727C00}C:\\program files\\frostwire\\frostwire.exe"= TCP:C:\program files\frostwire\frostwire.exe:FrostWire
"{94E30B97-BC0F-4D51-89F8-CACF23C5E6D1}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{6D71804A-AE92-41EE-A6F5-00C58E291526}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{399408DA-AC4C-4565-AD7E-52FD0B9C31AA}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{2386DB38-2145-467F-966C-7F7111B46C23}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{CEF4EFDC-83AD-4763-90B6-C151CCCD3203}"= UDP:C:\Program Files\AOL 9.0\AOLSETUP.EXE:AOL
"{748F8195-2700-49E5-AE85-437FE57E5FC7}"= TCP:C:\Program Files\AOL 9.0\AOLSETUP.EXE:AOL
"{E37E745A-CCEF-4E57-8C7F-0B7DBBBB8244}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{07B771ED-B073-405E-B5E1-79C69B584C9E}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{E2976706-C364-4E8B-BA19-80F92F3CBF34}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{0E9C9B0F-5067-4E0D-A0A9-BAC8B6E6F27B}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E1D28528-05C5-4827-B39F-17B97FE3D3D0}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{E8B523A1-85E9-4FAD-A06D-94EB45E6F134}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{40815D6D-31CF-4DD2-9834-01AE02C80E13}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{1DD69F80-62C7-43A3-AE32-B677483D48ED}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{A5ACE63E-C487-4B6D-A810-5DB91322A4CD}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"TCP Query User{C6417CB4-09ED-4831-AB63-C1ACA3D5EAE9}C:\\users\\arkadiy\\documents\\cs\\counter-strike 1.6 + half-life\\hl.exe"= UDP:C:\users\arkadiy\documents\cs\counter-strike 1.6 + half-life\hl.exe:hl.exe
"UDP Query User{8D0CF02C-1B53-4306-A276-5B17C2B78988}C:\\users\\arkadiy\\documents\\cs\\counter-strike 1.6 + half-life\\hl.exe"= TCP:C:\users\arkadiy\documents\cs\counter-strike 1.6 + half-life\hl.exe:hl.exe
"{9DF1DA57-C842-44B9-99B9-1B2C6EA8296E}"= UDP:C:\Program Files\LiberTV\LiberTV.exe:LiberTV Player
"{89D62C3C-A8A3-4BC0-A7A5-A8EAD17AB405}"= TCP:C:\Program Files\LiberTV\LiberTV.exe:LiberTV Player

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\xchat\\xchat.exe"= C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client
"C:\\Program Files\\IEPro\\MiniDM.exe"= C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM

S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\Windows\system32\regedt32.exe [2006-11-02 02:45]
S2 NPF;NetGroup Packet Filter Driver;C:\Windows\system32\drivers\npf.sys [2007-11-06 13:22]
S2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-18 23:33]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Users\Dorin\Documents\DORIN\All In One DVD\Everest Ultimate Edition v4.20.1291b\Install\kerneld.wnt [2007-12-14 10:09]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 00:30]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-05-29 16:47]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service;c:\Windows\system32\ZuneWlanCfgSvc.exe [2007-11-15 22:51]
S4 WUSB54Gv4SVC;WUSB54Gv4SVC;C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe WUSB54Gv4.exe []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2090c44c-9194-11dc-9466-c2c44998a6d0}]
\shell\AutoRun\command - J:\Startup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e40ceabd-0371-11dd-aeeb-8aef0fdee4ce}]
\shell\AutoRun\command - L:\LaunchU3.exe -a

*Newly Created Service* - ECACHE
.
Contents of the 'Scheduled Tasks' folder

2008-08-14 C:\Windows\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-29 14:24]

2008-08-14 C:\Windows\Tasks\User_Feed_Synchronization-{2E7D8B6D-B6CC-4B52-9712-AD7CB5A48BC9}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-18 23:33]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Arkadiy\AppData\Roaming\Mozilla\Firefox\Profiles\v7mdpryh.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-14 16:09:42
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-14 16:10:35
ComboFix-quarantined-files.txt 2008-08-14 23:10:15
ComboFix2.txt 2008-08-14 22:55:15
ComboFix3.txt 2008-06-27 01:44:54

Pre-Run: 95,945,867,264 bytes free
Post-Run: 95,878,557,696 bytes free

370 --- E O F --- 2008-07-15 21:01:49
 