Hi, I'm new to the forums and this is my first post. I did everything that was listed in the "Before you post a HijackThis Log". All of the logs are enclosed below. A while ago, I downloaded some programs and had CA EZ Internet Suite at the time, it came back that my computer was infected with a bunch of different Trojan programs. I think that I removed the Trojans successfully, but upon doing a recent TrendMicro Housecall scan, it came up that I was infected with the Adware Best Offers Network, and I cannot seem to get rid of it. I don't know if there are anymore infections on my system, but I will post the logs and hopefully you guys can advise what to do. Thanks in advance.

Malwarebytes' Anti-Malware 1.11
Database version: 699

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 114613
Time elapsed: 1 hour(s), 10 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/03/2008 at 10:16 AM

Application Version : 4.0.1154

Core Rules Database Version : 3450
Trace Rules Database Version: 1442

Scan type : Complete Scan
Total Scan Time : 01:11:11

Memory items scanned : 480
Memory threats detected : 0
Registry items scanned : 4705
Registry threats detected : 0
File items scanned : 81338
File threats detected : 49

Adware.Tracking Cookie
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@nextag[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@casalemedia[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@edge.ru4[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adopt.euroclick[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@serving-sys[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adultfriendfinder[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ad.yieldmanager[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@burstnet[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tribalfusion[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@revsci[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@advertising[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tacoda[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adultadworld[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@eas.apm.emediate[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@clicktorrent[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@roiservice[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@network.realmedia[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.revsci[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ad2.doublepimp[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.addynamix[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@doubleclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@richmedia.yahoo[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@bluestreak[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@bs.serving-sys[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@sales.liveperson[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@sales.liveperson[3].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@trafficmp[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@server.iad.liveperson[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adopt.specificclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@media.adrevolver[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@imrworldwide[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@apmebf[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@mediaplex[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@charmingshoppes.112.2o7[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@partner2profit[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ad2.clickhype[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@2o7[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@bp.specificclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atdmt[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@fastclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adrevolver[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@statse.webtrendslive[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@zedo[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@specificclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@collective-media[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@247realmedia[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@msnportal.112.2o7[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@realmedia[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ehg-lowermybills.hitbox[1].txt


;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-03 11:19:15
PROTECTIONS: 1
MALWARE: 3
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
AVG Internet Security 8.0 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@mediaplex[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@ads.pointroll[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@questionmarket[1].txt
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location zu
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description zu
;===============================================================================
=================================================================================
===================
182048 HIGH MS07-069 zu
176382 HIGH MS07-057 zu
170907 HIGH MS07-046 zu
170906 HIGH MS07-045 zu
170904 HIGH MS07-043 zu
164913 HIGH MS07-033 zu
160623 HIGH MS07-027 zu
150253 HIGH MS07-016 zu
108742 MEDIUM MS06-006 zu
;===============================================================================
=================================================================================
===================


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:19 AM, on 5/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [eligmini] C:\Program Files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe 0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209514737046
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

--
End of file - 8315 bytes

Welcome to GTG.

Does TrendMicro indicate what file is infected?

1. Download combofix at http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe or http://download.bleepingcomputer.com/sUBs/ComboFix.exe
2. Double-click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply.

Note:
Do not click on combofix's window while it's running. That may cause it to stall.

Hi Greyknight, thanks for answering. TrendMicro does not indicate which file is infected, otherwise I would've tried to remove it on my own. Thanks for your help. Here is the Combofix log requested:

ComboFix 08-05-01.3 - Compaq_Administrator 2008-05-03 21:24:35.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.523 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\Compaq_Administrator\Application Data\inst.exe
C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-04-04 to 2008-05-04 )))))))))))))))))))))))))))))))
.

2008-05-03 18:39 . 2008-05-03 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-05-03 17:47 . 2008-05-03 17:47 <DIR> d-------- C:\Program Files\DVDFab HD Decrypter 4
2008-05-03 17:44 . 2008-05-03 17:44 <DIR> d-------- C:\Program Files\vso
2008-05-03 17:06 . 2008-05-03 17:06 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\AdobeUM
2008-05-03 16:42 . 2008-05-03 16:42 <DIR> d-------- C:\temp
2008-05-03 11:22 . 2008-05-03 11:22 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-01 23:03 . 2008-05-01 23:03 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-05-01 22:21 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-05-01 22:21 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-05-01 22:21 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-05-01 22:21 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2008-04-30 19:20 . 2008-04-30 19:20 <DIR> d-------- C:\Program Files\Panda Security
2008-04-30 10:49 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-04-30 10:49 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-04-29 22:58 . 2008-04-30 00:55 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-04-29 22:58 . 2008-04-29 22:58 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-29 22:58 . 2008-04-29 22:58 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
2008-04-29 22:58 . 2008-04-29 22:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-29 22:31 . 2008-04-29 22:31 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-29 22:31 . 2008-04-29 22:31 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-04-29 22:31 . 2008-04-29 22:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-29 22:29 . 2008-04-29 22:29 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-29 21:06 . 2008-04-29 21:06 <DIR> d-------- C:\kav
2008-04-29 20:58 . 2008-04-29 20:58 <DIR> d-------- C:\Program Files\CCleaner
2008-04-29 20:53 . 2008-04-29 20:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2008-04-29 20:53 . 2008-05-03 21:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy
2008-04-29 20:52 . 2008-04-29 20:52 <DIR> d-------- C:\Program Files\LG Software Innovations
2008-04-29 20:52 . 2008-05-03 17:44 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Vso
2008-04-29 20:52 . 2008-04-29 20:52 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-04-29 20:52 . 2008-04-29 20:52 47,360 --a------ C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.sys
2008-04-29 20:51 . 2008-04-29 20:51 <DIR> d-------- C:\Program Files\SlySoft
2008-04-29 20:51 . 2008-04-29 20:51 0 ---hs---- C:\WINDOWS\SA67EF421.tmp
2008-04-29 20:20 . 2008-04-29 20:20 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-29 19:55 . 2007-03-08 01:10 991,232 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-29 19:55 . 2008-03-01 09:06 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-29 19:55 . 2008-03-01 09:06 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-29 19:55 . 2008-03-01 09:06 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-29 19:55 . 2008-02-22 06:00 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-29 19:54 . 2008-03-01 09:06 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-29 19:54 . 2007-04-17 05:32 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-29 19:54 . 2008-03-01 09:06 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-29 19:54 . 2008-03-01 09:06 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-29 19:29 . 2008-04-29 19:29 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-04-29 19:18 . 2006-03-20 23:23 23,040 --------- C:\WINDOWS\kb913800.exe
2008-04-29 13:38 . 2008-04-29 13:38 <DIR> d-------- C:\Program Files\Fisher-Price
2008-04-29 13:37 . 2008-04-29 13:37 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-29 09:14 . 2004-08-03 22:58 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-29 09:14 . 2004-08-03 22:58 14,848 --a------ C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-04-29 09:14 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-04-29 09:14 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys
2008-04-29 09:13 . 2008-04-29 09:13 <DIR> d-------- C:\Program Files\Logitech
2008-04-29 09:13 . 2008-04-29 09:13 <DIR> d-------- C:\Program Files\Common Files\Logitech
2008-04-29 09:13 . 2004-04-14 11:08 44,064 --a------ C:\WINDOWS\system32\drivers\WmXlCore.sys
2008-04-29 09:13 . 2004-04-14 11:08 21,280 --a------ C:\WINDOWS\system32\drivers\WmFilter.sys
2008-04-29 09:13 . 2004-04-14 11:08 10,144 --a------ C:\WINDOWS\system32\drivers\WmBEnum.sys
2008-04-29 09:13 . 2004-04-14 11:08 5,600 --a------ C:\WINDOWS\system32\drivers\WmVirHid.sys
2008-04-29 09:04 . 2008-05-03 18:19 <DIR> d-------- C:\Program Files\Juno
2008-04-29 09:04 . 1998-02-06 21:43 9,728 --a------ C:\WINDOWS\system32\rnaph.dll
2008-04-29 09:04 . 1998-08-24 20:03 4,608 --a------ C:\WINDOWS\system32\rnasmm.dll
2008-04-29 09:04 . 2008-05-03 18:29 488 --a------ C:\WINDOWS\JUNO.INI
2008-04-29 04:56 . 2008-05-03 20:05 182 --a------ C:\WINDOWS\system\hpsysdrv.DAT
2008-04-29 04:27 . 2008-05-03 21:24 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
2008-04-29 03:56 . 2008-04-29 19:46 <DIR> d--hs---- C:\Documents and Settings\All Users\DRM
2008-04-29 03:56 . 2008-04-29 03:56 333 --a------ C:\WINDOWS\system32\$ncsp$.inf
2008-04-29 03:56 . 2008-04-29 03:56 61 --a------ C:\WINDOWS\smscfg.ini
2008-04-29 03:55 . 2004-08-04 01:59 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2008-04-29 03:55 . 2004-08-04 01:59 5,504 --a------ C:\WINDOWS\system32\dllcache\intelide.sys
2008-04-29 03:55 . 2004-08-04 01:59 5,376 --a------ C:\WINDOWS\system32\drivers\viaide.sys
2008-04-29 03:55 . 2004-08-04 01:59 5,376 --a------ C:\WINDOWS\system32\dllcache\viaide.sys
2008-04-29 03:43 . 2008-04-29 01:20 <DIR> d-------- C:\Program Files\Symantec
2008-04-29 03:43 . 2008-04-29 01:20 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-29 03:43 . 2008-04-29 01:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-04-29 03:39 . 2008-04-29 01:20 <DIR> d-------- C:\Program Files\Google
2008-04-29 03:35 . 2008-04-29 04:17 <DIR> d-------- C:\Program Files\PC-Doctor for DOS
2008-04-29 03:35 . 2008-04-29 04:17 <DIR> d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-04-29 03:35 . 2005-11-18 15:51 28,848 --a------ C:\WINDOWS\system32\drivers\USBkey.sys
2008-04-29 03:35 . 2005-11-18 15:58 13,440 --a------ C:\WINDOWS\system32\drivers\pcdrndisuio.sys
2008-04-29 03:35 . 2002-12-06 15:10 2,238 --a------ C:\WINDOWS\system32\doc.ico
2008-04-29 03:33 . 2005-07-13 14:48 29,926 --a------ C:\WINDOWS\hsc.ico
2008-04-29 03:32 . 2008-04-29 01:04 <DIR> d-a------ C:\WINDOWS\system32\pcintro
2008-04-29 03:32 . 2008-04-29 04:03 <DIR> d-------- C:\WINDOWS\HPCPCUninstall-5577497
2008-04-29 03:32 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Compaq Connections
2008-04-29 03:32 . 2008-04-29 03:32 118,842 -ra------ C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
2008-04-29 03:31 . 2008-04-29 03:31 667,896 --a------ C:\WINDOWS\unins000.exe
2008-04-29 03:31 . 2003-04-07 17:22 45,056 --a------ C:\WINDOWS\system32\runclose.ocx
2008-04-29 03:31 . 2002-03-20 00:05 45,056 --a------ C:\WINDOWS\system32\hpreg.dll
2008-04-29 03:31 . 2004-01-22 13:51 40,960 --a------ C:\WINDOWS\system32\omano.dll
2008-04-29 03:31 . 2005-10-28 16:30 19,736 --a------ C:\WINDOWS\system32\oemlogo.bmp
2008-04-29 03:31 . 2008-04-29 03:31 12,988 --a------ C:\WINDOWS\system32\CHODDI.SYS
2008-04-29 03:31 . 2008-04-29 03:31 1,235 --a------ C:\WINDOWS\unins000.dat
2008-04-29 03:29 . 2008-04-29 01:22 <DIR> d-------- C:\Program Files\Quicken
2008-04-29 03:29 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Intuit
2008-04-29 03:29 . 2008-04-29 01:22 31 --a------ C:\WINDOWS\Quicken.ini
2008-04-29 03:28 . 2008-04-29 04:03 <DIR> d-a------ C:\WINDOWS\CREATOR
2008-04-29 03:28 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-04-29 03:28 . 2005-06-03 18:29 266,240 --a------ C:\WINDOWS\system32\ShellvRTF64.dll
2008-04-29 03:28 . 2005-06-03 18:29 237,568 --a------ C:\WINDOWS\system32\ShellvRTF.dll
2008-04-29 03:27 . 2003-06-18 20:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-04-29 03:27 . 2008-04-29 03:27 376 --a------ C:\WINDOWS\ODBC.INI
2008-04-29 03:25 . 2008-04-29 04:13 <DIR> d-------- C:\Program Files\Microsoft Works
2008-04-29 03:23 . 2008-04-29 04:09 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-04-29 03:22 . 2008-04-29 08:39 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-04-29 03:22 . 2008-04-29 04:09 <DIR> d-a------ C:\Program Files\Common Files\LightScribe
2008-04-29 03:22 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-04-29 03:22 . 2003-04-23 21:29 221,215 --a------ C:\WINDOWS\system32\Divxdec.ax
2008-04-29 03:22 . 2006-01-02 16:26 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2008-04-29 03:21 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Common Files\TiVo Shared
2008-04-29 03:19 . 2008-04-29 04:05 <DIR> d-------- C:\WINDOWS\wt
2008-04-29 03:17 . 2008-04-29 14:15 <DIR> d-------- C:\Program Files\WildTangent
2008-04-29 03:16 . 2008-04-29 04:18 <DIR> d-------- C:\Program Files\Sonic
2008-04-29 03:16 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Common Files\SureThing Shared
2008-04-29 03:16 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-29 03:16 . 2008-04-29 03:21 108 --a------ C:\WINDOWS\WININIT.INI
2008-04-29 03:15 . 2008-04-29 04:15 <DIR> d-------- C:\Program Files\Netscape
2008-04-29 03:15 . 2008-04-29 04:12 <DIR> d-------- C:\Program Files\HP Rhapsody
2008-04-29 03:15 . 2005-08-18 17:33 45,929 --a------ C:\WINDOWS\NSSetDefaultBrowser.EXE
2008-04-29 03:15 . 2008-04-29 03:15 8,192 --a------ C:\WINDOWS\REGLOCS.OLD
2008-04-29 03:15 . 2005-08-11 22:25 698 --a------ C:\WINDOWS\NSSetDefaultBrowser.ini
2008-04-29 03:14 . 2008-04-29 04:18 <DIR> d-------- C:\Program Files\Real
2008-04-29 03:14 . 2008-04-29 04:14 <DIR> d-------- C:\Program Files\music_now
2008-04-29 03:14 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-04-29 03:14 . 2008-04-29 04:09 <DIR> d-------- C:\Program Files\Common Files\Real
2008-04-29 03:13 . 2008-04-29 04:14 <DIR> d-------- C:\Program Files\MSN Encarta Standard
2008-04-29 03:13 . 2008-04-29 04:11 <DIR> d-------- C:\Program Files\DISC
2008-04-29 03:13 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-29 08:24 --------- d-----w C:\Program Files\Windows Plus
2008-04-29 08:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-29 07:33 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2008-04-29 07:33 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2008-04-29 07:33 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2008-04-29 07:33 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2008-04-29 07:33 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
2008-04-29 07:33 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2008-04-29 07:33 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2008-04-29 07:33 217,088 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
2008-04-29 07:33 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-14 22:24 93,128 ----a-w C:\WINDOWS\system32\ElbyCDIO.dll
2008-03-01 22:36 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:32 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-16 08:59 474,112 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2008-02-16 08:59 151,040 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2008-02-16 08:59 1,494,528 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-02-16 08:59 1,054,208 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2008-02-16 08:59 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
2008-04-29 01:30 2051328 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL" [2008-04-29 01:30 2051328]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-04-29 01:30 2051328]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 00:00 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 10:42 2075584]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-04-30 00:55 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 16:56 64512]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 19:19 77312 C:\WINDOWS\arpwrmsg.exe]
"DISCover"="C:\Program Files\DISC\DISCover.exe" [2005-11-11 17:11 1064960]
"DiscUpdateManager"="C:\Program Files\DISC\DiscUpdateMgr.exe" [2005-11-11 17:10 61440]
"DMAScheduler"="c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 05:01 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 18:14 237568]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-09 20:29 249856]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-13 22:23 663552]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 02:11 49152]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-04-29 01:30 1177368]
"eligmini"="C:\Program Files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe" [2007-03-16 16:27 487424]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]

C:\Documents and Settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-02-06 22:46:03 27136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2008-04-30 00:55 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\DISC\\DISCover.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-04-29 01:30]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-04-29 01:30]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-04-29 01:30]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-04-29 01:30]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-04-29 01:30]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-04-29 01:30]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-04-29 01:29]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-04-29 01:29]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0f968846-9749-11da-95ee-0015f2a9f7da}]
\Shell\AutoRun\command - ~tmp0.1st.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-03 21:26:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-03 21:26:54
ComboFix-quarantined-files.txt 2008-05-04 01:26:52

Pre-Run: 179,565,678,592 bytes free
Post-Run: 179,642,920,960 bytes free

256 --- E O F --- 2008-04-30 00:15:57

Download the Flash Disinfector at http://www.techsupportforum.com/sectools/s...Disinfector.exe and save it to your desktop. Double-click on it to run it and follow the on-screen instructions.

Open up C:\WINDOWS\WININIT.INI in notepad. Copy & Paste the contents of that file here. Then delete everything in that file and copy/paste the following two lines into it and save it:



Open up your Notepad editor (Start->Run, type in notepad and click OK). Copy the text from the quotebox below into Notepad:

Save this as CFScript.txt in the same location as the ComboFix.exe tool.
Drag the CFScript.txt into ComboFix.exe
Follow the prompts. When finished, it shall produce a log for you. Post that log in your next reply.

Note: Do not click on combofix's window while it's running. That may cause it to stall.

Is anything still detected now? How is the computer running so far?

Hi Greyknight, I did what you said and Opened up C:\WINDOWS\WININIT.INI in notepad. I can't Copy & Paste the contents of that file here because I had separate browser open and when I did the Combofix program, it shut down the browser. Here is the Combofix log:


ComboFix 08-05-01.3 - Compaq_Administrator 2008-05-04 18:03:44.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.332 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Compaq_Administrator\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\WINDOWS\kb913800.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\kb913800.exe

.
((((((((((((((((((((((((( Files Created from 2008-04-04 to 2008-05-04 )))))))))))))))))))))))))))))))
.

2008-05-04 16:10 . 2008-05-04 16:10 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC
2008-05-04 14:02 . 2008-05-04 14:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8
2008-05-04 13:07 . 2008-05-04 16:16 198,372 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
2008-05-04 13:07 . 2008-05-04 16:15 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys
2008-05-04 13:07 . 2008-05-04 16:16 1,204 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
2008-05-04 13:06 . 2008-05-04 13:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\sentinel
2008-05-04 13:03 . 2008-05-04 16:16 198,372 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-05-04 13:03 . 2007-09-28 13:24 83,896 --a------ C:\WINDOWS\system32\drivers\pavdrv51.sys
2008-05-04 13:03 . 2008-05-04 16:16 1,204 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-05-04 13:03 . 2008-05-04 13:03 261 --a------ C:\WINDOWS\system32\PavCPL.dat
2008-05-04 13:02 . 2008-05-04 13:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Backup
2008-05-04 12:59 . 2008-05-04 12:59 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-05-04 12:59 . 2007-07-12 13:49 178,872 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2008-05-04 12:59 . 2007-05-23 15:40 38,968 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys
2008-05-03 18:39 . 2008-05-03 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-05-03 17:47 . 2008-05-03 17:47 <DIR> d-------- C:\Program Files\DVDFab HD Decrypter 4
2008-05-03 17:44 . 2008-05-03 17:44 <DIR> d-------- C:\Program Files\vso
2008-05-03 17:06 . 2008-05-03 17:06 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\AdobeUM
2008-05-03 16:42 . 2008-05-03 16:42 <DIR> d-------- C:\temp
2008-05-03 11:22 . 2008-05-03 11:22 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-01 23:03 . 2008-05-01 23:03 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-05-01 22:21 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-05-01 22:21 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-05-01 22:21 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-05-01 22:21 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2008-04-30 19:20 . 2008-05-04 13:02 <DIR> d-------- C:\Program Files\Panda Security
2008-04-30 10:49 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-04-30 10:49 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-04-29 22:58 . 2008-04-30 00:55 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-04-29 22:58 . 2008-04-29 22:58 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-29 22:58 . 2008-04-29 22:58 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\SUPERAntiSpyware.com
2008-04-29 22:58 . 2008-04-29 22:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-29 22:31 . 2008-04-29 22:31 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-29 22:31 . 2008-04-29 22:31 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Malwarebytes
2008-04-29 22:31 . 2008-04-29 22:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-29 22:29 . 2008-04-29 22:29 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2008-04-29 21:06 . 2008-04-29 21:06 <DIR> d-------- C:\kav
2008-04-29 20:58 . 2008-04-29 20:58 <DIR> d-------- C:\Program Files\CCleaner
2008-04-29 20:53 . 2008-04-29 20:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2008-04-29 20:53 . 2008-05-04 00:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy
2008-04-29 20:52 . 2008-04-29 20:52 <DIR> d-------- C:\Program Files\LG Software Innovations
2008-04-29 20:52 . 2008-05-03 17:44 <DIR> d-------- C:\Documents and Settings\Compaq_Administrator\Application Data\Vso
2008-04-29 20:52 . 2008-04-29 20:52 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-04-29 20:52 . 2008-04-29 20:52 47,360 --a------ C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.sys
2008-04-29 20:51 . 2008-04-29 20:51 <DIR> d-------- C:\Program Files\SlySoft
2008-04-29 20:51 . 2008-04-29 20:51 0 ---hs---- C:\WINDOWS\SA67EF421.tmp
2008-04-29 20:20 . 2008-04-29 20:20 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-29 19:55 . 2007-03-08 01:10 991,232 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-04-29 19:55 . 2008-03-01 09:06 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-04-29 19:55 . 2008-03-01 09:06 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-04-29 19:55 . 2008-03-01 09:06 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-04-29 19:55 . 2008-02-22 06:00 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-04-29 19:54 . 2008-03-01 09:06 6,066,176 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-04-29 19:54 . 2007-04-17 05:32 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-04-29 19:54 . 2008-03-01 09:06 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-04-29 19:54 . 2008-03-01 09:06 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-04-29 19:29 . 2008-04-29 19:29 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-04-29 13:38 . 2008-04-29 13:38 <DIR> d-------- C:\Program Files\Fisher-Price
2008-04-29 13:37 . 2008-04-29 13:37 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-29 09:14 . 2004-08-03 22:58 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-29 09:14 . 2004-08-03 22:58 14,848 --a------ C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-04-29 09:14 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-04-29 09:14 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\dllcache\mouhid.sys
2008-04-29 09:13 . 2008-04-29 09:13 <DIR> d-------- C:\Program Files\Logitech
2008-04-29 09:13 . 2008-04-29 09:13 <DIR> d-------- C:\Program Files\Common Files\Logitech
2008-04-29 09:13 . 2004-04-14 11:08 44,064 --a------ C:\WINDOWS\system32\drivers\WmXlCore.sys
2008-04-29 09:13 . 2004-04-14 11:08 21,280 --a------ C:\WINDOWS\system32\drivers\WmFilter.sys
2008-04-29 09:13 . 2004-04-14 11:08 10,144 --a------ C:\WINDOWS\system32\drivers\WmBEnum.sys
2008-04-29 09:13 . 2004-04-14 11:08 5,600 --a------ C:\WINDOWS\system32\drivers\WmVirHid.sys
2008-04-29 09:04 . 2008-05-03 18:19 <DIR> d-------- C:\Program Files\Juno
2008-04-29 09:04 . 1998-02-06 21:43 9,728 --a------ C:\WINDOWS\system32\rnaph.dll
2008-04-29 09:04 . 1998-08-24 20:03 4,608 --a------ C:\WINDOWS\system32\rnasmm.dll
2008-04-29 09:04 . 2008-05-03 18:29 488 --a------ C:\WINDOWS\JUNO.INI
2008-04-29 04:56 . 2008-05-04 16:16 182 --a------ C:\WINDOWS\system\hpsysdrv.DAT
2008-04-29 04:27 . 2008-05-03 21:24 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
2008-04-29 03:56 . 2008-04-29 19:46 <DIR> d--hs---- C:\Documents and Settings\All Users\DRM
2008-04-29 03:56 . 2008-04-29 03:56 333 --a------ C:\WINDOWS\system32\$ncsp$.inf
2008-04-29 03:56 . 2008-04-29 03:56 61 --a------ C:\WINDOWS\smscfg.ini
2008-04-29 03:55 . 2004-08-04 01:59 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2008-04-29 03:55 . 2004-08-04 01:59 5,504 --a------ C:\WINDOWS\system32\dllcache\intelide.sys
2008-04-29 03:55 . 2004-08-04 01:59 5,376 --a------ C:\WINDOWS\system32\drivers\viaide.sys
2008-04-29 03:55 . 2004-08-04 01:59 5,376 --a------ C:\WINDOWS\system32\dllcache\viaide.sys
2008-04-29 03:43 . 2008-04-29 01:20 <DIR> d-------- C:\Program Files\Symantec
2008-04-29 03:43 . 2008-04-29 01:20 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-29 03:43 . 2008-04-29 01:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-04-29 03:39 . 2008-04-29 01:20 <DIR> d-------- C:\Program Files\Google
2008-04-29 03:35 . 2008-04-29 04:17 <DIR> d-------- C:\Program Files\PC-Doctor for DOS
2008-04-29 03:35 . 2008-04-29 04:17 <DIR> d-------- C:\Program Files\PC-Doctor 5 for Windows
2008-04-29 03:35 . 2005-11-18 15:51 28,848 --a------ C:\WINDOWS\system32\drivers\USBkey.sys
2008-04-29 03:35 . 2005-11-18 15:58 13,440 --a------ C:\WINDOWS\system32\drivers\pcdrndisuio.sys
2008-04-29 03:35 . 2002-12-06 15:10 2,238 --a------ C:\WINDOWS\system32\doc.ico
2008-04-29 03:33 . 2005-07-13 14:48 29,926 --a------ C:\WINDOWS\hsc.ico
2008-04-29 03:32 . 2008-04-29 01:04 <DIR> d-a------ C:\WINDOWS\system32\pcintro
2008-04-29 03:32 . 2008-04-29 04:03 <DIR> d-------- C:\WINDOWS\HPCPCUninstall-5577497
2008-04-29 03:32 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Compaq Connections
2008-04-29 03:32 . 2008-04-29 03:32 118,842 -ra------ C:\WINDOWS\HPCPCUninstaller-6.3.2.116-5577497.exe
2008-04-29 03:31 . 2008-04-29 03:31 667,896 --a------ C:\WINDOWS\unins000.exe
2008-04-29 03:31 . 2003-04-07 17:22 45,056 --a------ C:\WINDOWS\system32\runclose.ocx
2008-04-29 03:31 . 2002-03-20 00:05 45,056 --a------ C:\WINDOWS\system32\hpreg.dll
2008-04-29 03:31 . 2004-01-22 13:51 40,960 --a------ C:\WINDOWS\system32\omano.dll
2008-04-29 03:31 . 2005-10-28 16:30 19,736 --a------ C:\WINDOWS\system32\oemlogo.bmp
2008-04-29 03:31 . 2008-04-29 03:31 12,988 --a------ C:\WINDOWS\system32\CHODDI.SYS
2008-04-29 03:31 . 2008-04-29 03:31 1,235 --a------ C:\WINDOWS\unins000.dat
2008-04-29 03:29 . 2008-04-29 01:22 <DIR> d-------- C:\Program Files\Quicken
2008-04-29 03:29 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Intuit
2008-04-29 03:29 . 2008-04-29 01:22 31 --a------ C:\WINDOWS\Quicken.ini
2008-04-29 03:28 . 2008-04-29 04:03 <DIR> d-a------ C:\WINDOWS\CREATOR
2008-04-29 03:28 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-04-29 03:28 . 2005-06-03 18:29 266,240 --a------ C:\WINDOWS\system32\ShellvRTF64.dll
2008-04-29 03:28 . 2005-06-03 18:29 237,568 --a------ C:\WINDOWS\system32\ShellvRTF.dll
2008-04-29 03:27 . 2003-06-18 20:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-04-29 03:27 . 2008-04-29 03:27 376 --a------ C:\WINDOWS\ODBC.INI
2008-04-29 03:25 . 2008-04-29 04:13 <DIR> d-------- C:\Program Files\Microsoft Works
2008-04-29 03:23 . 2008-04-29 04:09 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-04-29 03:22 . 2008-04-29 08:39 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-04-29 03:22 . 2008-04-29 04:09 <DIR> d-a------ C:\Program Files\Common Files\LightScribe
2008-04-29 03:22 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-04-29 03:22 . 2003-04-23 21:29 221,215 --a------ C:\WINDOWS\system32\Divxdec.ax
2008-04-29 03:22 . 2006-01-02 16:26 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2008-04-29 03:21 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Common Files\TiVo Shared
2008-04-29 03:19 . 2008-04-29 04:05 <DIR> d-------- C:\WINDOWS\wt
2008-04-29 03:17 . 2008-04-29 14:15 <DIR> d-------- C:\Program Files\WildTangent
2008-04-29 03:16 . 2008-04-29 04:18 <DIR> d-------- C:\Program Files\Sonic
2008-04-29 03:16 . 2008-04-29 04:10 <DIR> d-------- C:\Program Files\Common Files\SureThing Shared
2008-04-29 03:16 . 2008-04-29 04:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-29 08:24 --------- d-----w C:\Program Files\Windows Plus
2008-04-29 08:13 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-29 07:33 61,440 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemutil.dll
2008-04-29 07:33 45,056 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\uninstallUI\eHelpSetup.exe
2008-04-29 07:33 44,032 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\Scripts\devcon.exe
2008-04-29 07:33 40,960 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\ScDmi.dll
2008-04-29 07:33 341,048 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\HPBasicDetection3.dll
2008-04-29 07:33 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\uploadHSC.dll
2008-04-29 07:33 32,768 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\Scom.dll
2008-04-29 07:33 217,088 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
2008-04-29 07:33 163,840 ----a-w C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\modemcheck.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-14 22:24 93,128 ----a-w C:\WINDOWS\system32\ElbyCDIO.dll
2008-03-01 22:36 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:55 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:55 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:32 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-16 08:59 474,112 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2008-02-16 08:59 151,040 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2008-02-16 08:59 1,494,528 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-02-16 08:59 1,054,208 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2008-02-16 08:59 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.

((((((((((((((((((((((((((((( snapshot@2008-05-03_21.26.45.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-04 00:03:35 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-04 20:14:21 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2007-02-15 23:02:20 50,736 ----a-w C:\WINDOWS\system32\avldr.dll
+ 2007-09-28 17:05:40 71,608 ----a-w C:\WINDOWS\system32\drivers\APPFLT.SYS
+ 2007-06-08 11:44:06 24,760 ----a-w C:\WINDOWS\system32\drivers\cpoint.sys
+ 2007-05-11 12:33:06 51,256 ----a-w C:\WINDOWS\system32\drivers\dsaflt.sys
+ 2007-11-14 21:48:22 21,816 ----a-w C:\WINDOWS\system32\drivers\fnetmon.sys
+ 2007-07-11 14:39:48 191,672 ----a-w C:\WINDOWS\system32\drivers\idsflt.sys
+ 2007-10-25 12:50:32 132,664 ----a-w C:\WINDOWS\system32\drivers\NETFLTDI.SYS
+ 2007-11-19 17:01:50 143,160 ----a-w C:\WINDOWS\system32\drivers\netimflt.sys
+ 2007-05-11 12:33:32 37,304 ----a-w C:\WINDOWS\system32\drivers\smsflt.sys
+ 2007-05-11 12:33:34 30,648 ----a-w C:\WINDOWS\system32\drivers\wnmflt.sys
+ 2003-10-22 21:23:18 446,464 ----a-w C:\WINDOWS\system32\HHActiveX.dll
+ 2001-07-30 20:40:12 24,576 ----a-w C:\WINDOWS\system32\msxml3a.dll
+ 2007-02-28 21:04:44 63,024 ----a-w C:\WINDOWS\system32\pavipc.dll
+ 2007-10-25 21:27:32 292,144 ----a-w C:\WINDOWS\system32\PavSHook.dll
- 2008-04-29 23:50:48 53,640 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-05-04 17:09:53 53,640 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-04-29 23:50:48 382,022 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-05-04 17:09:53 382,022 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-02-08 14:53:40 107,568 ----a-w C:\WINDOWS\system32\SYSTOOLS.DLL
+ 2007-10-16 19:37:10 161,072 ----a-w C:\WINDOWS\system32\TpUtil.dll
+ 2008-05-04 20:15:03 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_b48.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 00:00 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [2008-04-11 10:42 2075584]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-04-30 00:55 1481968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 16:56 64512]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 19:19 77312 C:\WINDOWS\arpwrmsg.exe]
"DISCover"="C:\Program Files\DISC\DISCover.exe" [2005-11-11 17:11 1064960]
"DiscUpdateManager"="C:\Program Files\DISC\DiscUpdateMgr.exe" [2005-11-11 17:10 61440]
"DMAScheduler"="c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 05:01 90112]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 18:14 237568]
"PCDrProfiler"="" []
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-09 20:29 249856]
"Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-13 22:23 663552]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 02:11 49152]
"eligmini"="C:\Program Files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe" [2007-03-16 16:27 487424]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 16:44 61440]
"APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.exe" [2007-11-23 14:33 406832]
"SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" [2007-07-11 14:17 27952]

C:\Documents and Settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - C:\hp\bin\CLOAKER.EXE [2006-02-06 22:46:03 27136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2008-04-30 00:55 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\DISC\\DISCover.exe"=
"C:\\Program Files\\DISC\\DiscStreamHub.exe"=
"C:\\Program Files\\DISC\\myFTP.exe"=
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-09-28 13:05]
R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 08:33]
R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-11-14 17:48]
R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 10:39]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-10-25 08:50]
R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 15:40]
R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 08:33]
R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 08:33]
R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 07:44]
R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49]
R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys []
R3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2008-05-04 16:15]
R3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-11-19 13:01]
R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys []
R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0f968846-9749-11da-95ee-0015f2a9f7da}]
\Shell\AutoRun\command - ~tmp0.1st.exe

*Newly Created Service* - COMFILTR
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-04 18:06:05
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwEnumerateKey, ZwClose, ZwEnumerateValueKey, ZwQueryValueKey, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-04 18:07:10
ComboFix-quarantined-files.txt 2008-05-04 22:07:05
ComboFix2.txt 2008-05-04 21:45:24
ComboFix3.txt 2008-05-04 01:26:55

Pre-Run: 179,329,597,440 bytes free
Post-Run: 179,319,033,856 bytes free

280 --- E O F --- 2008-04-30 00:15:57


Hope this helps.

You may just erase the contents inside the C:\WINDOWS\WININIT.INI file and copy/paste the lines I mentioned earlier.

Good job. Your log is clean.

To help prevent future spyware infections, read the Anti-Spyware Tutorial and use the tools provided.

Are there any problems now? If none, go to Start->Run, copy/paste in combofix /u and hit OK to remove it. You should be set to go.