
[Closed] Computer Infected With Ismmodule.exe


This topic is locked
4 replies to this topic

#1 Noekh
New Member, 3 posts

Posted 20 August 2007 - 05:14 PM

Hey There boys and gals! Havin some trouble today it seems, well for the last couple days. I'm gettin' that good old "Internet Speed Test" on the sidebar of mah Google browser, along with some nasty little popups that come when I'm not surfing the web. Would ya'll be so kind as to help me remove said infection? Or at least gimme a holler and lemme know where out yonder I'm gonna need to go to get it fixed? Would be most appreciated! ^_^V




Logfile of HijackThis v1.99.1
Scan saved at 7:11:45 PM, on 8/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\AIM95\AIM95\aim.exe
C:\Documents and Settings\Courtney\Desktop\mIRC\mirc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISMModule2] "C:\Program Files\ISM\ISMModule2.exe"
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\AIM95\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Courtney\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.co...IEGetPlugin.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by129fd.bay12...es/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload....Plugin11USA.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1185575831125
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zon...ot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.oaserv.co...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe



#2 Trevuren
Teacher Emeritus, Authentic Member, 8,632 posts

Posted 20 August 2007 - 09:38 PM

Hello Noekh and welcome to the SpywareSupport Forums

My name is Trevuren and I will be helping you with your problem.


Please download this file - combofix.exe by sUBs
  • You must download it to and run it from your Desktop
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

Regards,

Trevuren

Microsoft MVP Consumer Security 2008 - 2009


Proud graduate of TC/WTT Classroom



The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.



#3 Noekh
New Member, 3 posts

Posted 21 August 2007 - 02:32 PM

Here ya go, fresh outta the oven, this is the ComboFix logfile:



ComboFix 07-08-22.1 - "Courtney" 2007-08-21 16:23:06.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.368 [GMT -4:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\Courtney\Desktop\internet explorer.lnk
C:\Program Files\ISM
C:\Program Files\ISM\bndloader.exe
C:\Program Files\ISM\dictionary.gz
C:\Program Files\ISM\ism.exe
C:\Program Files\ISM\ISMModule2.exe
C:\Program Files\ISM\targets.gz
C:\Program Files\ISM\Uninstall.exe
C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup


((((((((((((((((((((((((( Files Created from 2007-07-22 to 2007-08-22 )))))))))))))))))))))))))))))))


2007-08-21 16:21 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-20 20:26 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-20 20:26 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-20 20:26 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-20 20:26 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-20 20:26 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-20 20:26 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-20 20:25 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-20 18:25 <DIR> d----c--- C:\KAV
2007-08-19 14:05 <DIR> d----c--- C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
2007-08-19 10:07 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-08-19 08:59 <DIR> d-------- C:\DOCUME~1\Courtney\.housecall6.6
2007-08-17 13:05 <DIR> d-------- C:\DOCUME~1\Courtney\trebcache
2007-08-17 12:57 <DIR> d-------- C:\Program Files\Trebuchet Tk
2007-08-14 22:20 <DIR> d-------- C:\Program Files\MSXML 6.0
2007-08-13 22:54 740,442 --a------ C:\WINDOWS\system32\divx.dll
2007-08-13 22:54 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-08-13 22:54 163,840 --a------ C:\WINDOWS\system32\unrar.dll
2007-08-10 08:08 413,696 --a------ C:\WINDOWS\system32\hapapi2.dll
2007-08-10 08:08 <DIR> d-------- C:\WINDOWS\system32\apigidsys
2007-08-05 18:41 <DIR> d-------- C:\Program Files\Project64 1.6
2007-07-27 19:37 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-07-27 19:37 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-07-27 19:36 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-27 18:55 <DIR> d----c--- C:\8761aaad2f9a96262bacde7ffc390e27
2007-07-27 18:54 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-07-27 18:54 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-07-27 18:52 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-07-27 18:50 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-07-27 18:47 <DIR> d-------- C:\WINDOWS\system32\URTTEMP
2007-07-27 18:45 36,352 --------- C:\WINDOWS\system32\tsgqec.dll
2007-07-27 18:45 288,768 --------- C:\WINDOWS\system32\rhttpaa.dll
2007-07-27 18:45 116,736 --------- C:\WINDOWS\system32\aaclient.dll
2007-07-27 18:40 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-07-27 18:37 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-07-27 05:59 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-07-26 17:18 <DIR> d-------- C:\DOCUME~1\Courtney\APPLIC~1\teamspeak2
2007-07-25 17:49 49,664 --a------ C:\WINDOWS\uninstyler.exe
2007-07-25 17:49 <DIR> d-------- C:\Program Files\Cubic Carrot Software
2007-07-24 17:36 <DIR> d-------- C:\Program Files\OOBV2
2007-07-23 23:16 <DIR> d-------- C:\DOCUME~1\Courtney\APPLIC~1\Canon
2007-07-23 23:14 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-07-23 23:13 389,180 --a------ C:\WINDOWS\system32\UCS32P.DLL
2007-07-23 23:13 36,864 --a------ C:\WINDOWS\system32\CNQU70.DLL
2007-07-23 23:13 339,968 --a------ C:\WINDOWS\system32\N067UFW.DLL
2007-07-23 23:13 <DIR> d--h-c--- C:\CanoScan


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-21 07:40 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\IMVU
2007-08-21 07:40 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\IMVU
2007-08-20 20:09 --------- d-------- C:\Program Files\BitTorrent
2007-08-18 14:05 --------- d-------- C:\Program Files\StepMania
2007-08-13 22:54 --------- d-------- C:\Program Files\K-Lite Codec Pack
2007-08-13 22:52 --------- d-------- C:\Program Files\DivX
2007-07-31 13:54 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\BitTorrent
2007-07-31 13:54 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\BitTorrent
2007-07-24 17:31 --------- d----c--- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
2007-07-24 17:31 --------- d-------- C:\Program Files\Yahoo!
2007-07-20 16:39 --------- d-------- C:\Program Files\Frets on Fire
2007-07-19 19:12 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\fretsonfire
2007-07-19 19:12 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\fretsonfire
2007-07-16 17:28 --------- d----c--- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-07-13 02:08 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\Skype
2007-07-13 02:08 --------- d-------- C:\DOCUME~1\Courtney\APPLIC~1\Skype
2007-07-12 01:10 --------- d-------- C:\Program Files\Paint.NET
2007-07-12 01:08 --------- d----c--- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Dragon's Eye Productions
2007-07-12 01:08 --------- d-------- C:\Program Files\Furcadia
2007-07-12 01:08 --------- d-------- C:\Program Files\dogproxy2
2007-07-10 18:55 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-07-10 13:16 --------- d-------- C:\Program Files\ImvuTools2
2007-07-10 13:14 --------- d-------- C:\Program Files\ImvuTools
2007-06-28 18:54 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-06-28 18:52 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-19 09:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-15 17:33 592 --a------ C:\WINDOWS\chgkey.vbs
2007-06-13 06:23 1033216 --a------ C:\WINDOWS\explorer.exe
2007-06-12 23:55 3785 --a------ C:\Program Files\jbac.jac
2007-05-19 19:03:33 88 --sh--r C:\WINDOWS\system32\E75CDA0AFC.sys
2007-05-19 19:21:47 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 14:47 C:\WINDOWS\ALCXMNTR.EXE]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-06-21 16:48]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-06-21 16:44]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-27 18:03]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Courtney^Start Menu^Programs^Startup^Ultra Hal Assistant 6 Startup.lnk]
path=C:\Documents and Settings\Courtney\Start Menu\Programs\Startup\Ultra Hal Assistant 6 Startup.lnk
backup=C:\WINDOWS\pss\Ultra Hal Assistant 6 Startup.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
"C:\Program Files\Logitech\Video\ManifestEngine.exe" boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
C:\WINDOWS\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecordPadRun]
"C:\Program Files\NCH Swift Sound\RecordPad\recordpad.exe" -logon

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ProtexisLicensing"=2 (0x2)
"wuauserv"=2 (0x2)
"ERSvc"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe

R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe -k netsvcs

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - ASWUPDSV
*Newly Created Service* - AVAST!_ANTIVIRUS
*Newly Created Service* - AVAST!_MAIL_SCANNER
*Newly Created Service* - AVAST!_WEB_SCANNER

Contents of the 'Scheduled Tasks' folder
2007-08-17 21:17:12 C:\WINDOWS\Tasks\1-Click Maintenance.job - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-22 16:27:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-22 16:28:55
C:\ComboFix-quarantined-files.txt ... 2007-08-22 16:28

--- E O F ---



Now here's the HijackThis log!

Logfile of HijackThis v1.99.1
Scan saved at 4:31:49 PM, on 8/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Courtney\Desktop\mIRC\mirc.exe
C:\Program Files\AIM95\AIM95\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\AIM95\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Courtney\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...p/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.co...IEGetPlugin.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by129fd.bay12...es/MsnPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload....Plugin11USA.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1185575831125
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zon...ro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zon...ot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://www.oaserv.co...s/msnchat45.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe





Anything else ya'll need? :P

Edited by Noekh, 21 August 2007 - 02:38 PM.
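The two HijackThis logs in this thread differ mainly in one line: the `O4 - HKCU\..\Run: [ISMModule2]` entry from the first log is gone after ComboFix deleted `C:\Program Files\ISM`, and the Kaspersky entries were replaced by avast! in between. Comparing two logs by eye is error-prone, so here is a small diff-and-triage script, added as an illustration and not part of the thread nor a tool from the HijackThis or ComboFix authors. The two log strings are constructed excerpts of the logs posted above; the line regex and the triage heuristics are this example's own assumptions, not a HijackThis format specification.

```python
import re
from dataclasses import dataclass

# Constructed excerpt of the first HijackThis log in this thread (before ComboFix ran).
LOG_BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISMModule2] "C:\Program Files\ISM\ISMModule2.exe"
"""

# Constructed excerpt of the second log (after ComboFix; Kaspersky had been swapped for avast!).
LOG_AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
"""

# One HijackThis entry line: a section tag (R0, O2, O4, O23, ...) then " - " then the detail.
# This pattern is an assumption of the example, derived from the logs above.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


@dataclass(frozen=True, order=True)
class HjtEntry:
    section: str  # "O4", "O23", ...
    detail: str   # everything after the " - " separator, exactly as HijackThis printed it


def parse_hjt(text: str) -> list[HjtEntry]:
    """Extract the section entries from an HJT log; the process list and headers are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(HjtEntry(m.group(1), m.group(2)))
    return entries


def diff_logs(before: str, after: str) -> tuple[list[HjtEntry], list[HjtEntry]]:
    """Return (entries that disappeared, entries that appeared) between two logs."""
    old, new = set(parse_hjt(before)), set(parse_hjt(after))
    return sorted(old - new), sorted(new - old)


def review(entries: list[HjtEntry]) -> list[tuple[HjtEntry, str]]:
    """Heuristic triage: the lines a helper reads first. The rules are this example's own
    assumptions, not a HijackThis feature; anything not flagged still needs a human eye."""
    findings = []
    for e in entries:
        if "(no file)" in e.detail:
            findings.append((e, "registration points at a file that is not on disk; orphaned leftover"))
        elif e.section == "O23" and "(file missing)" in e.detail:
            # The first log above marks avp.exe "(file missing)" while listing it as a running
            # process: HJT 1.99.1 trips over quoted service paths with arguments, so treat this
            # as "verify the path", not as proof the binary is gone.
            findings.append((e, "service path reported missing; check whether HJT mis-parsed a quoted path"))
        elif e.section == "O4" and e.detail.startswith("HKCU"):
            findings.append((e, "per-user autorun; confirm the user installed this program"))
    return findings


if __name__ == "__main__":
    removed, added = diff_logs(LOG_BEFORE, LOG_AFTER)
    print("Removed between logs:")
    for e in removed:
        print(f"  {e.section} - {e.detail}")
    print("Added between logs:")
    for e in added:
        print(f"  {e.section} - {e.detail}")
    print("Worth a second look in the new log:")
    for e, why in review(parse_hjt(LOG_AFTER)):
        print(f"  {e.section} - {e.detail}\n      -> {why}")
```

Run against the two excerpts, the diff reports the `[ISMModule2]` and `[AVP]` Run entries as removed and `[avast!]` as added, which matches what ComboFix's "Other Deletions" section and the user's antivirus change did. The orphaned `(no file)` BHO and toolbar CLSIDs survive both logs; they are harmless leftovers but are exactly the kind of line a helper clears in a follow-up script.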


#4 Trevuren
Teacher Emeritus, Authentic Member, 8,632 posts

Posted 21 August 2007 - 03:05 PM

1. Please open Notepad
  • Click Start , then Run
  • Type notepad.exe in the Run Box.
2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
C:\WINDOWS\chgkey.vbs
C:\WINDOWS\system32\E75CDA0AFC.sys
C:\Program Files\jbac.jac
C:\WINDOWS\uninstyler.exe

DirLook::
C:\WINDOWS\system32\apigidsys
C:\WINDOWS\system32\LogFiles
C:\WINDOWS\system32\URTTEMP


3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

[image missing: the animation referenced above]


5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new HijackThis log.


#5 Trevuren
Teacher Emeritus, Authentic Member, 8,632 posts

Posted 02 September 2007 - 02:44 PM

Due to inactivity this topic will be closed. If you need help, please start a new thread and post a new HJT log.