ComboFix 09-07-04.09 - Hellhound 07/05/2009 14:39.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3071.2512 [GMT -4:00]
Running from: c:\documents and settings\Hellhound\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090704-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\HELLHO~1\APPLIC~1\inst.exe
c:\documents and settings\Owner\Application Data\inst.exe
c:\program files\INSTALL.LOG
c:\windows\Installer\24368.msi
c:\windows\Installer\24376.msi
c:\windows\patch.exe
c:\windows\system32\qjsqxaoe.ini
.
((((((((((((((((((((((((( Files Created from 2009-06-05 to 2009-07-05 )))))))))))))))))))))))))))))))
.
2009-07-04 13:36 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-07-04 13:36 . 2009-02-09 12:10 729088 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-07-04 13:36 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-07-04 13:36 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-07-04 13:36 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-07-04 13:36 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-07-04 13:36 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-07-04 13:36 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-07-04 13:36 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-07-04 13:36 . 2009-02-06 11:08 2189056 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-07-04 13:36 . 2009-02-06 11:06 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-07-04 13:35 . 2009-02-06 10:32 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-07-04 13:35 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-07-04 13:35 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-07-04 13:35 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-07-04 13:23 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-07-04 13:23 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-07-04 13:23 . 2008-04-11 19:04 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-07-04 13:22 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-07-04 13:21 . 2008-09-04 17:15 1106944 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-07-04 13:21 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-07-04 13:21 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-07-03 20:18 . 2009-07-03 20:18 -------- d-----w- c:\program files\Aspell
2009-07-03 18:24 . 2009-07-03 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-07-03 18:14 . 2009-05-26 23:50 607472 ----a-w- c:\documents and settings\All Users\Application Data\yahoo!\YUpdater\yupdater.exe
2009-07-03 18:01 . 2007-05-29 16:23 94208 ----a-w- c:\windows\system32\drivers\camfilt2.sys
2009-07-03 18:01 . 2007-05-25 22:37 167936 ----a-w- c:\windows\system32\rsnp2uvc.dll
2009-07-03 18:01 . 2007-05-16 19:33 299008 ----a-w- c:\windows\system32\vsnp2uvc.dll
2009-07-03 18:01 . 2007-05-16 17:02 9602944 ----a-w- c:\windows\system32\drivers\snp2uvc.sys
2009-07-03 18:01 . 2007-05-09 19:16 28160 ----a-w- c:\windows\system32\drivers\sncduvc.sys
2009-07-03 18:01 . 2005-11-23 17:55 53248 ----a-w- c:\windows\system32\csnp2uvc.dll
2009-07-03 18:00 . 2006-08-01 16:31 3600384 ----a-w- c:\windows\ffmpeg.exe
2009-07-03 18:00 . 2009-07-03 18:01 -------- d-----w- c:\windows\system32\HWC HD
2009-07-03 18:00 . 2009-07-03 18:00 -------- d-----w- c:\program files\Hercules
2009-07-03 18:00 . 2009-07-03 18:00 -------- d-----w- c:\docume~1\HELLHO~1\APPLIC~1\InstallShield
2009-06-30 04:36 . 2008-04-13 23:11 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-06-30 04:36 . 2008-04-13 23:11 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-06-27 16:14 . 2009-06-27 16:15 -------- d-----w- c:\program files\Fast AVI MPEG Joiner
2009-06-27 14:36 . 2009-06-27 14:36 -------- d-----w- c:\program files\Common Files\Common Share
2009-06-27 14:35 . 2009-06-27 14:35 -------- d-----w- c:\program files\RER
2009-06-27 09:34 . 2009-06-27 09:34 -------- d-----w- c:\program files\Gabest
2009-06-27 09:34 . 2009-06-27 12:12 -------- d-----w- c:\program files\Xvid
2009-06-27 09:34 . 2009-07-02 16:54 -------- d-----w- c:\program files\AviSynth 2.5
2009-06-22 03:46 . 2009-06-22 03:46 -------- d-----w- c:\docume~1\HELLHO~1\APPLIC~1\rockbox.org
2009-06-13 04:46 . 2009-06-21 05:50 -------- d-----w- c:\docume~1\HELLHO~1\APPLIC~1\gtk-2.0
2009-06-13 03:32 . 2009-07-04 08:21 -------- d-----w- c:\docume~1\HELLHO~1\APPLIC~1\.purple
2009-06-13 03:29 . 2009-07-03 20:18 -------- d-----w- c:\program files\Pidgin
2009-06-13 03:28 . 2009-07-03 20:17 -------- d-----w- c:\program files\Common Files\GTK
2009-06-09 07:36 . 2009-06-09 07:36 10134 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-06-09 07:36 . 2009-06-09 07:36 -------- d-----w- c:\program files\Microsoft WSE
2009-06-09 06:30 . 2009-06-09 06:30 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\tjnet
2009-06-09 02:13 . 2009-06-09 02:13 47360 ----a-w- c:\documents and settings\Owner\Application Data\pcouffin.sys
2009-06-09 01:42 . 2009-04-10 13:58 6327408 ---ha-w- c:\documents and settings\Owner\Application Data\mjusbsp\in00000\setup.exe
2009-06-09 01:42 . 2009-04-10 13:58 6327408 ---ha-w- c:\documents and settings\Owner\Application Data\mjusbsp\Upgrade\setup1.exe
2009-06-09 01:42 . 2009-04-10 13:55 725296 ---ha-w- c:\documents and settings\Owner\Application Data\mjusbsp\Upgrade\install1.exe
2009-06-09 01:41 . 2009-06-09 01:42 7685232 ---h--w- c:\documents and settings\Owner\Application Data\mjusbsp\ar00000\upgrade.exe
2009-06-09 01:41 . 2008-02-29 12:42 386496 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\ar00000\magicJackSplash.exe
2009-06-09 01:41 . 2009-06-09 01:42 -------- d-----w- c:\documents and settings\Owner\Application Data\mjusbsp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 18:44 . 2007-08-21 14:51 665485344 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-05 11:08 . 2007-08-21 14:51 7800884 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-03 19:05 . 2008-09-02 01:12 -------- d-----w- c:\docume~1\HELLHO~1\APPLIC~1\mjusbsp
2009-07-03 18:15 . 2007-06-24 01:05 -------- d--h--r- c:\documents and settings\All Users\Application Data\yahoo!
2009-07-03 18:15 . 2004-06-11 19:47 -------- d-----w- c:\program files\Yahoo!
2009-07-03 18:15 . 2005-08-31 03:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-07-03 18:00 . 2004-01-26 12:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-03 11:57 . 2008-07-18 07:09 -------- d-----w- c:\docume~1\HELLHO~1\APPLIC~1\uTorrent
2009-07-02 16:29 . 2007-09-16 21:14 63047686 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2009-06-09 08:00 . 2004-06-29 03:46 110424 -c--a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-09 07:18 . 2008-01-18 22:48 -------- d-----w- c:\program files\Electronic Arts
2009-06-09 02:47 . 2004-01-26 12:29 -------- d-----w- c:\program files\Common Files\Real
2009-06-09 02:43 . 2004-01-26 11:11 -------- d-----w- c:\program files\HP
2009-06-09 02:42 . 2005-12-28 01:01 -------- d-----w- c:\program files\Max Media Creator
2009-06-09 02:19 . 2007-02-02 15:16 -------- d-----w- c:\program files\Google
2009-06-09 02:15 . 2006-12-15 23:46 -------- d-----w- c:\program files\DVDFab Decrypter
2009-06-09 02:13 . 2006-12-27 22:35 -------- d-----w- c:\documents and settings\Owner\Application Data\Vso
2009-06-09 02:06 . 2006-04-01 22:34 -------- d-----w- c:\program files\Canon
2009-06-09 02:04 . 2004-08-11 05:24 -------- d-----w- c:\program files\AIM
2009-06-09 02:03 . 2005-06-28 02:57 -------- d-----w- c:\program files\A+ 2003
2009-06-08 12:08 . 2007-08-15 22:50 -------- d-----w- c:\documents and settings\Owner\Application Data\uTorrent
2009-06-05 03:57 . 2009-06-05 03:57 -------- d-----w- c:\program files\BTjunkie
2009-06-05 03:57 . 2008-03-04 20:43 -------- d-----w- c:\program files\Conduit
2009-06-01 18:47 . 2009-06-01 18:39 -------- d-----w- c:\program files\Ultra Tag Editor
2009-04-29 04:56 . 2004-01-21 20:16 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2004-09-09 05:14 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-28 19:10 . 2004-09-09 11:35 110424 -c--a-w- c:\documents and settings\Hellhound\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-19 22:50 . 2007-08-26 16:37 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-04-17 12:26 . 2004-01-26 08:11 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-10 13:58 . 2009-04-10 13:58 86360 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\ug00000\magicJack.dll
2009-04-10 13:58 . 2009-04-10 13:58 6327408 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\ug00000\setup.exe
2009-04-10 13:58 . 2009-04-10 13:58 412784 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\magicJackLoader.exe
2009-04-10 13:58 . 2009-04-10 13:58 480608 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\octvqe1_apiw.dll
2009-04-10 13:58 . 2009-04-10 13:58 214360 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\TjVista.dll
2009-04-10 13:58 . 2009-04-10 13:58 325040 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\TjIpSys.dll
2009-04-10 13:57 . 2009-04-10 13:57 398696 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\SJHandsetTigerJet.dll
2009-04-10 13:57 . 2009-04-10 13:57 87384 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\st00000\mjsetup.exe
2009-04-10 13:57 . 2009-04-10 13:57 86360 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\st00000\magicJack.dll
2009-04-10 13:57 . 2009-04-10 13:57 86360 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\magicJack.dll
2009-04-10 13:56 . 2009-04-10 13:56 11871576 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\magicJack.exe
2009-04-10 13:55 . 2009-04-10 13:55 725296 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\ug00000\install.exe
2009-04-10 13:55 . 2009-04-10 13:55 87384 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\in00000\mjsetup.exe
2009-04-10 13:55 . 2009-04-10 13:55 86360 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\in00000\magicJack.dll
2009-04-10 13:53 . 2009-04-10 13:53 456040 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\ug00000\magicJackSplash.exe
2009-04-10 13:53 . 2009-04-10 13:53 456040 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\st00000\magicJackSplash.exe
2009-04-10 13:53 . 2009-04-10 13:53 456040 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\magicJackSplash.exe
2009-04-10 13:53 . 2009-04-10 13:53 456040 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\in00000\magicJackSplash.exe
2009-04-10 13:53 . 2009-04-10 13:53 50520 ----a-w- c:\documents and settings\Owner\Application Data\mjusbsp\cdloader2.exe
2009-04-08 16:12 . 2009-04-08 15:55 45056 ----a-w- c:\windows\system32\sstunst2.exe
2009-04-08 16:12 . 2009-04-08 16:12 475136 ----a-w- c:\windows\system32\Shadow Usul.scr
2009-04-08 16:12 . 2009-04-08 16:12 499200 ----a-w- c:\windows\system32\Haunted House.scr
2009-04-08 16:04 . 2009-04-08 16:04 1048171 ----a-w- c:\windows\system32\Puririn_Valentine.scr
2009-04-08 16:02 . 2009-04-08 16:02 520192 ----a-w- c:\windows\system32\Beautiful Katamari.scr
2009-04-08 15:56 . 2009-04-08 15:56 499200 ----a-w- c:\windows\system32\Maraqua.scr
2009-04-08 15:55 . 2009-04-08 15:55 499200 ----a-w- c:\windows\system32\Pirates.scr
2009-04-08 15:51 . 2009-04-08 15:51 520192 ----a-w- c:\windows\system32\Neopets - Meepits.scr
2005-02-01 06:39 . 2005-02-01 06:39 0 -csha-w- c:\windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1a71246c-3eb0-4d6c-af77-3ab756017c3a}]
2009-05-20 22:05 2085400 ----a-w- c:\program files\BTjunkie\tbBTju.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\documents and settings\Hellhound\Application Data\mjusbsp\cdloader2.exe" [2009-04-10 50520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2003-10-29 135168]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 36975]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2003-11-04 221184]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-12 61440]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-08 52736]
"BellSouthAlertManager.exe"="c:\program files\BellSouth\AM\BellSouthAlertManager.exe" [2007-01-28 2061816]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 919016]
"PS2"="c:\windows\system32\ps2.exe" [2003-09-13 98304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-13 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-13 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"CamserviceDP"="c:\program files\Hercules\DualPix Exchange\Camservice.exe" [2007-08-10 81920]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-08 53248]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-08-13 1626112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"navapsvc"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Owner\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Documents and Settings\\Hellhound\\Application Data\\mjusbsp\\magicJack.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12479:TCP"= 12479:TCP:BitComet 12479 TCP
"12479:UDP"= 12479:UDP:BitComet 12479 UDP
"57867:TCP"= 57867:TCP:Pando P2P TCP Listening Port
"57867:UDP"= 57867:UDP:Pando P2P UDP Listening Port

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [1/14/2008 8:48 PM 26112]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [12/25/2008 1:47 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/25/2008 1:47 PM 20560]
S3 camfilt2;camfilt2;c:\windows\system32\drivers\camfilt2.sys [7/3/2009 2:01 PM 94208]
S3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [5/21/2008 7:42 AM 64000]
S3 pmxscan;Visioneer USB Kernel;c:\windows\system32\drivers\usbscan.sys [6/29/2004 9:53 PM 15104]
S3 XIRLINK;Dsc Pro Digital Camera;c:\windows\system32\DRIVERS\C-itnt.sys --> c:\windows\system32\DRIVERS\C-itnt.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - QBLAUIKJ
*Deregistered* - qblauikj
.
Contents of the 'Scheduled Tasks' folder

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{0DC9D31D-8840-4429-8815-B63903EC5A99}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 15:58]

2009-07-05 c:\windows\Tasks\User_Feed_Synchronization-{91EB3C36-B623-4EBA-8C23-125A130C723B}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 15:58]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; PeoplePal 3.0; .NET
HKLM-Run-OpwareSE2 - c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
HKLM-Run-OPSE reminder - c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
HKLM-Run-HostManager - c:\program files\Common Files\AOL\1112078643\EE\AOLHostManager.exe
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://srch-qus10.hpwis.com/
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
Trusted Zone: yourmusic.com\www
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://ea-src-cdn.systemrequirementslab.com/curi/bin/sysreqlab_srlx.cab
DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} - hxxp://www.shockwave.com/content/sandscript/sis/SandScript.1.0.0.21.cab
DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} - hxxps://secure.gopetslive.com/dev/gopets.cab
DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} - hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-05 14:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-07-05 14:47
ComboFix-quarantined-files.txt 2009-07-05 18:46

Pre-Run: 38,504,370,176 bytes free
Post-Run: 38,964,047,872 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /usepmtimer

254 --- E O F --- 2009-07-05 09:18