ComboFix 08-08-18.05 - Znoken 2008-08-20 13:13:53.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.2225 [GMT 2:00]
Running from: C:\Users\Znoken\Downloads\ComboFix.exe
* Created a new restore point
* Resident AV is active
.
((((((((((((((((((((((((( Files Created from 2008-07-20 to 2008-08-20 )))))))))))))))))))))))))))))))
.
2008-08-19 15:59 . 2008-08-19 15:59 d-------- C:\Users\Znoken\AppData\Roaming\VersionTracker Pro
2008-08-19 15:57 . 2008-08-19 15:57 d-------- C:\Program Files\TechTracker
2008-08-13 11:43 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-13 08:11 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-08-13 08:11 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll
2008-08-13 08:11 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-13 08:11 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll
2008-08-13 08:09 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
2008-08-12 18:13 . 2008-08-06 15:27 499,712 --a------ C:\Windows\System32\msvcp71.dll
2008-08-12 18:12 . 2008-08-12 18:13 d-------- C:\Windows\System32\Adobe
2008-08-11 13:33 . 2008-07-30 21:09 38 --a------ C:\Windows\avisplitter.ini
2008-08-06 18:11 . 2008-08-06 18:36 319 --a------ C:\Windows\game.ini
2008-08-06 17:59 . 2008-08-06 17:59 d-------- C:\Program Files\Activision
2008-08-05 22:06 . 2008-08-05 22:06 d-------- C:\Program Files\MSXML 4.0
2008-08-05 17:43 . 2008-08-05 17:43 d-------- C:\Users\All Users\Futuremark
2008-08-05 17:43 . 2008-08-05 17:43 d-------- C:\ProgramData\Futuremark
2008-08-05 17:39 . 2008-08-05 17:39 d-------- C:\Program Files\Common Files\Futuremark Shared
2008-08-05 17:37 . 2008-08-05 17:37 d-------- C:\Windows\System32\AGEIA
2008-08-05 17:37 . 2008-08-13 19:52 d-------- C:\Program Files\AGEIA Technologies
2008-08-05 17:36 . 2008-08-13 19:52 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-05 16:24 . 2008-08-05 16:24 d-------- C:\Users\Znoken\AppData\Roaming\Media Player Classic
2008-08-05 15:28 . 2008-08-08 22:35 d-------- C:\Users\Znoken\AppData\Roaming\Winamp
2008-08-05 15:28 . 2008-08-06 12:18 d-------- C:\Program Files\Winamp
2008-08-05 15:28 . 2007-03-08 01:51 129,784 --------- C:\Windows\System32\pxafs.dll
2008-08-05 15:27 . 2008-08-05 15:27 d-------- C:\Users\Znoken\AppData\Roaming\Nero
2008-08-05 15:26 . 2008-08-06 11:33 d-------- C:\Users\Znoken\AppData\Roaming\ImgBurn
2008-08-05 15:25 . 2008-08-05 15:25 d-------- C:\Program Files\ImgBurn
2008-08-05 14:13 . 2008-08-05 14:13 d-------- C:\Users\All Users\Nero
2008-08-05 14:13 . 2008-08-05 14:13 d-------- C:\ProgramData\Nero
2008-08-05 14:13 . 2008-08-05 14:13 d-------- C:\Program Files\Nero
2008-08-05 14:13 . 2008-08-05 14:13 d-------- C:\Program Files\Common Files\Nero
2008-08-05 13:52 . 2008-08-05 13:52 d-------- C:\Program Files\Microsoft Works
2008-08-05 13:51 . 2008-08-05 13:51 d-------- C:\Program Files\Microsoft.NET
2008-08-05 13:49 . 2008-08-05 13:49 dr-h----- C:\MSOCache
2008-08-05 13:37 . 2008-08-05 13:37 d-------- C:\Users\Znoken\AppData\Roaming\Logitech
2008-08-05 13:35 . 2008-08-05 13:35 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-08-05 13:34 . 2008-05-02 02:38 301,656 --a------ C:\Windows\System32\BtCoreIf.dll
2008-08-05 13:34 . 2008-05-02 02:39 170,512 --a------ C:\Windows\System32\kemutb.dll
2008-08-05 13:34 . 2008-05-02 02:39 145,936 --a------ C:\Windows\System32\KemUtil.dll
2008-08-05 13:34 . 2008-05-02 02:40 117,264 --a------ C:\Windows\System32\KemWnd.dll
2008-08-05 13:34 . 2008-05-02 02:40 84,496 --a------ C:\Windows\System32\KemXML.dll
2008-08-05 13:23 . 2008-08-05 13:23 d-------- C:\NVIDIA
2008-08-05 13:20 . 2008-08-20 00:34 d-------- C:\Program Files\Driver Magician
2008-08-05 13:20 . 2004-03-09 00:00 1,081,616 --a------ C:\Windows\System32\Mscomctl.ocx
2008-08-05 13:20 . 2004-09-28 11:13 526,184 --a------ C:\Windows\System32\XceedCry.dll
2008-08-05 13:20 . 2005-01-12 11:19 456,536 --a------ C:\Windows\System32\XCEEDZIP.DLL
2008-08-05 13:20 . 2004-03-09 00:00 224,016 --a------ C:\Windows\System32\Tabctl32.ocx
2008-08-05 13:20 . 2004-03-09 00:00 152,848 --a------ C:\Windows\System32\Comdlg32.ocx
2008-08-05 13:20 . 2004-03-09 00:00 132,880 --a------ C:\Windows\System32\Msinet.ocx
2008-08-05 13:20 . 2004-08-11 15:55 110,602 --a------ C:\Windows\System32\xcdsfx32.bin
2008-08-05 00:11 . 2008-08-05 00:11 d-------- C:\Program Files\DAEMON Tools Lite
2008-08-04 23:11 . 2008-08-13 11:44 d-------- C:\Users\All Users\Microsoft Help
2008-08-04 23:11 . 2008-08-13 11:44 d-------- C:\ProgramData\Microsoft Help
2008-08-04 21:01 . 2008-08-04 23:45 d-------- C:\Users\Znoken\AppData\Roaming\DAEMON Tools
2008-08-04 20:56 . 2008-08-04 20:58 d-------- C:\Users\Znoken\AppData\Roaming\DAEMON Tools Pro
2008-08-04 20:51 . 2008-08-11 13:33 d-------- C:\Program Files\K-Lite Codec Pack
2008-08-04 20:49 . 2008-08-04 20:49 d-------- C:\Users\Znoken\AppData\Roaming\teamspeak2
2008-08-04 20:49 . 2008-08-04 20:49 d-------- C:\Program Files\Teamspeak2_RC2
2008-08-04 20:49 . 2008-08-04 20:49 34,064 --a------ C:\Windows\System32\lhacm.acm
2008-08-04 20:11 . 2008-08-04 20:11 d-------- C:\Program Files\TPTEST5
2008-08-04 16:23 . 2008-08-04 16:23 d-------- C:\Users\Znoken\AppData\Roaming\Malwarebytes
2008-08-04 16:23 . 2008-08-04 16:23 d-------- C:\Users\All Users\Malwarebytes
2008-08-04 16:23 . 2008-08-04 16:23 d-------- C:\ProgramData\Malwarebytes
2008-08-04 16:23 . 2008-08-20 12:11 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-04 16:23 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-04 16:23 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-04 12:41 . 2008-08-04 12:41 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-04 12:40 . 2008-08-19 01:37 d-------- C:\Program Files\Microsoft Silverlight
2008-08-04 12:03 . 2008-08-04 23:34 d-------- C:\Users\All Users\WLInstaller
2008-08-04 12:03 . 2008-08-04 23:34 d-------- C:\ProgramData\WLInstaller
2008-08-04 12:03 . 2008-08-04 23:28 d-------- C:\Program Files\Windows Live
2008-08-04 12:03 . 2008-08-04 23:45 d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-04 11:27 . 2008-08-20 13:06 d-------- C:\Users\Znoken\AppData\Roaming\uTorrent
2008-08-04 11:27 . 2008-08-04 11:27 d-------- C:\Program Files\uTorrent
2008-08-04 03:02 . 2008-08-03 17:07 d-------- C:\Windows\Panther
2008-08-04 03:02 . 2008-08-04 03:02 d--hs---- C:\Boot
2008-08-04 03:02 . 2008-01-21 04:22 333,203 -rahs---- C:\bootmgr
2008-08-04 03:02 . 2008-08-04 03:02 8,192 -ra-s---- C:\BOOTSECT.BAK
2008-08-03 20:16 . 2008-08-19 16:50 136,888 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-08-03 20:16 . 2008-08-06 18:36 22,328 --a------ C:\Users\Znoken\AppData\Roaming\PnkBstrK.sys
2008-08-03 20:15 . 2008-08-19 16:50 111,928 --a------ C:\Windows\System32\PnkBstrB.exe
2008-08-03 20:15 . 2008-08-06 18:38 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-08-03 20:00 . 2008-08-03 20:00 d-------- C:\Windows\System32\Futuremark
2008-08-03 20:00 . 2008-08-05 17:38 d-------- C:\Program Files\Futuremark
2008-08-03 20:00 . 2008-04-22 08:53 27,672 -ra------ C:\Windows\System32\drivers\Entech.sys
2008-08-03 20:00 . 1999-11-02 10:01 6,173 --a------ C:\Windows\System32\drivers\Entech.vxd
2008-08-03 20:00 . 2004-06-22 15:44 5,632 --a------ C:\Windows\System32\drivers\Entech64.sys
2008-08-03 20:00 . 2001-11-19 19:05 3,972 --a------ C:\Windows\System32\drivers\PciBus.sys
2008-08-03 19:57 . 2008-08-05 00:09 717,296 --a------ C:\Windows\System32\drivers\sptd.sys
2008-08-03 19:55 . 2008-08-03 19:55 d-------- C:\Users\Znoken\AppData\Roaming\URSoft
2008-08-03 19:55 . 2008-08-20 11:03 d-a------ C:\Users\All Users\TEMP
2008-08-03 19:55 . 2008-08-20 11:03 d-a------ C:\ProgramData\TEMP
2008-08-03 19:55 . 2008-08-03 19:56 d-------- C:\Program Files\Your Uninstaller 2008
2008-08-03 18:32 . 2008-08-20 13:12 452,100 --a------ C:\Windows\System32\perfh014.dat
2008-08-03 18:32 . 2008-08-03 18:31 294,254 --a------ C:\Windows\System32\perfi014.dat
2008-08-03 18:32 . 2008-08-20 13:12 76,284 --a------ C:\Windows\System32\perfc014.dat
2008-08-03 18:32 . 2008-08-03 18:31 35,166 --a------ C:\Windows\System32\perfd014.dat
2008-08-03 18:31 . 2008-08-03 18:31 d-------- C:\Windows\System32\no
2008-08-03 18:31 . 2008-08-03 18:31 d-------- C:\Windows\System32\drivers\nb-NO
2008-08-03 18:31 . 2008-08-03 18:31 d-------- C:\Windows\System32\0414
2008-08-03 18:31 . 2008-08-03 18:31 d-------- C:\Windows\nb-NO
2008-08-03 18:28 . 2008-08-03 18:28 d-------- C:\Windows\PCHEALTH
2008-08-03 18:16 . 2008-08-03 18:42 d-------- C:\Program Files\BitLocker
2008-08-03 18:16 . 2007-07-20 01:55 233,888 --a------ C:\Windows\System32\DreamScene.dll
2008-08-03 18:15 . 2007-02-22 04:26 1,171,848 --a------ C:\Windows\System32\SecureKeyBackupCPL.dll
2008-08-03 18:15 . 2008-03-12 22:21 678,408 --a------ C:\Windows\System32\gpprefcl.dll
2008-08-03 18:15 . 2006-12-21 02:58 711 --a------ C:\Windows\System32\CPSOKBTasks.xml
2008-08-03 18:08 . 2008-08-03 18:09 d-------- C:\Program Files\Java
2008-08-03 18:08 . 2008-08-03 18:08 d-------- C:\Program Files\Common Files\Java
2008-08-03 18:06 . 2008-08-03 18:06 d-------- C:\Users\All Users\Adobe
2008-08-03 18:06 . 2008-08-03 18:06 d-------- C:\Program Files\Common Files\Adobe AIR
2008-08-03 18:06 . 2008-08-03 18:06 d-------- C:\Program Files\Common Files\Adobe
2008-08-03 18:00 . 2008-08-03 18:00 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-08-03 17:52 . 2008-08-03 17:52 d-------- C:\Windows\System32\Macromed
2008-08-03 17:48 . 2008-08-05 13:34 d-------- C:\Users\All Users\Logitech
2008-08-03 17:48 . 2008-08-03 17:52 d-------- C:\Users\All Users\Logishrd
2008-08-03 17:48 . 2008-08-05 13:34 d-------- C:\ProgramData\Logitech
2008-08-03 17:48 . 2008-08-03 17:52 d-------- C:\ProgramData\Logishrd
2008-08-03 17:48 . 2008-08-05 13:34 d-------- C:\Program Files\Logitech
2008-08-03 17:47 . 2008-08-13 21:38 d-------- C:\Users\All Users\NVIDIA
2008-08-03 17:47 . 2008-08-13 21:38 d-------- C:\ProgramData\NVIDIA
2008-08-03 17:47 . 2004-11-15 19:02 258,048 --a------ C:\Windows\System32\cmdiag.cpl
2008-08-03 17:43 . 2008-08-05 13:34 d-------- C:\Program Files\Common Files\logishrd
2008-08-03 17:42 . 2008-03-25 02:52 1,079,840 --a------ C:\Windows\System32\nvcpluir.dll
2008-08-03 17:42 . 2008-07-26 12:48 797,216 --a------ C:\Windows\System32\nvcplui.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-15 10:33 6,656 ----a-w C:\Windows\System32\lpcio.dll
2008-08-13 09:47 --------- d-----w C:\Program Files\Windows Mail
2008-08-04 21:24 --------- d-----w C:\Program Files\MSBuild
2008-08-03 16:31 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-03 16:31 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-03 16:31 --------- d-----w C:\Program Files\Windows Journal
2008-08-03 16:31 --------- d-----w C:\Program Files\Windows Defender
2008-08-03 16:31 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-03 16:31 --------- d-----w C:\Program Files\Windows Calendar
2008-08-03 16:15 --------- d-----w C:\Program Files\Microsoft Games
2008-07-25 08:34 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-07-25 08:34 683,520 ----a-w C:\Windows\System32\divx.dll
2008-07-23 16:50 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-07-01 07:04 34,312 ----a-w C:\Windows\system32\drivers\epfwtdir.sys
2008-07-01 06:57 53,256 ----a-w C:\Windows\system32\drivers\easdrv.sys
2008-07-01 06:56 39,944 ----a-w C:\Windows\system32\drivers\eamon.sys
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-06-24 14:06 972,072 ----a-w C:\Windows\UNNeroMediaHome.exe
2008-06-12 18:36 7,680 ----a-w C:\Windows\System32\ff_vfw.dll
2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-12 00:03 1,314,816 ----a-w C:\Windows\System32\quartz.dll
2008-06-12 00:01 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-06-12 00:01 428,544 ----a-w C:\Windows\System32\EncDec.dll
2008-06-12 00:01 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-06-12 00:01 293,376 ----a-w C:\Windows\System32\psisdecd.dll
2008-06-12 00:01 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-06-12 00:01 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-06-12 00:01 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-06-12 00:01 1,695,744 ----a-w C:\Windows\System32\gameux.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelTraditionalChinese.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelSwedish.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelSpanish.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelSimplifiedChinese.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelPortugese.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelKorean.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelJapanese.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelGerman.dll
2008-06-11 07:02 58,648 ----a-w C:\Windows\System32\AgCPanelFrench.dll
2008-06-06 12:54 95,600 ----a-w C:\Windows\System32\NeroCo.dll
2008-06-05 06:58 197,912 ----a-w C:\Windows\System32\physxcudart_20.dll
2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll
2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll
2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll
2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll
2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll
2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll
2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll
2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll
2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll
2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll
2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll
2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
2008-01-21 02:41 174 --sha-w C:\Program Files\desktop.ini
2006-06-23 06:48 32,768 ----a-r C:\Windows\inf\UpdateUSB.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 04:21 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2008-08-04 12:36 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2008-03-17 00:40 1302528]
"SoundTray"="C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe" [2008-03-26 14:04 143360]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 09:01 1447168]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-08-02 12:20 13576736]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-08-02 12:20 92704]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 03:12 76304 C:\Windows\KHALMNPR.Exe]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-08-05 13:34:22 805392]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{FF1E25EF-81E7-4C9E-9758-F21E76900649}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{C5D2175A-EEB1-4749-A4AE-658E904B652F}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{EEA761A1-0EF4-4F1C-AFB2-B5D5028BF69D}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{52C482B2-DC67-4515-BFE3-1E90A527418A}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{5E37AE3C-AAA7-4DF9-9DBE-A2A465CCD8C6}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{6A7CEDBF-FE1B-476B-85E3-841808D3C8FD}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{A18EB016-EDF5-4F96-997A-3C5AE5D2867B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3F34DE71-4CFB-48A1-92C5-6A102A5C31F7}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{CE4968D5-46B2-43DA-8AA6-614E5A855794}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{473F7B52-C8C8-4ABF-AE37-F2991B5D7D30}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{FFE3C898-0A2A-41C8-BB9F-C9444930BCBD}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
R0 mv61xx;mv61xx;C:\Windows\system32\DRIVERS\mv61xx.sys [2008-05-19 09:46]
R1 epfwtdir;epfwtdir;C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-07-01 09:04]
R2 AEADIFilters;Andrea ADI Filters Service;C:\Windows\system32\AEADISRV.EXE [2007-10-19 01:28]
R3 cmeu0wdm;CardMan 2020;C:\Windows\system32\DRIVERS\cmeu0wdm.sys [2005-05-23 09:30]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 04:21]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 04:21]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Znoken\AppData\Roaming\Mozilla\Firefox\Profiles\42eemiiu.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.sol.no
.
.
------- File Associations (Beta) -------
.
VBEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
VBSFile="%SystemRoot%\System32\WScript.exe" "%1" %*
vbefile\shell\open\command="%SystemRoot%\System32\WScript.exe" "%1" %*
vbsfile\shell\open\command="%SystemRoot%\System32\WScript.exe" "%1" %*
jsefile\shell\open\command=%SystemRoot%\System32\WScript.exe "%1" %*
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-20 13:18:18
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-08-20 13:21:03
ComboFix-quarantined-files.txt 2008-08-20 11:20:50
Pre-Run: 190,210,039,808 byte ledig
Post-Run: 189,758,414,848 byte ledig
273 --- E O F --- 2008-08-19 22:33:37