ComboFix 08-07-24.1 - Kelly 2008-07-24 18:20:22.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.581 [GMT -5:00]
Running from: C:\Documents and Settings\Kelly\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((   Files Created from 2008-06-24 to 2008-07-24  )))))))))))))))))))))))))))))))
.

2008-07-22 20:51 . 2008-07-22 20:51	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-07-19 14:37 . 2008-07-18 19:15	36,472	--a------	C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-17 21:50 . 2008-07-17 21:51	<DIR>	d--------	C:\Program Files\FlySim
2008-07-15 09:08 . 2008-07-15 09:08	<DIR>	d--------	C:\Program Files\Kaspersky Lab
2008-07-15 09:08 . 2008-07-24 17:44	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-15 09:08 . 2008-07-24 18:22	8,899,104	--ahs----	C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-15 09:08 . 2008-07-24 17:41	119,756	--ahs----	C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-15 09:08 . 2008-07-24 18:22	102,176	--ahs----	C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-15 09:08 . 2008-07-24 08:58	96,559	--a------	C:\WINDOWS\system32\drivers\klin.dat
2008-07-15 09:08 . 2008-07-24 08:58	87,855	--a------	C:\WINDOWS\system32\drivers\klick.dat
2008-07-15 09:08 . 2008-07-24 17:41	10,340	--ahs----	C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-15 09:06 . 2008-07-15 09:06	<DIR>	d--------	C:\kav
2008-07-13 15:00 . 2008-07-13 15:00	313	--a------	C:\avexport.bat
2008-07-11 10:24 . 2008-07-11 10:24	<DIR>	d--------	C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-11 10:24 . 2008-07-11 10:24	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-11 10:21 . 2008-07-13 15:00	6,735,942	--a------	C:\backup.reg
2008-07-09 19:58 . 2008-07-24 17:13	19,286	--a------	C:\cleanup.exe
2008-07-09 19:58 . 2008-07-24 17:13	574	--a------	C:\cleanup.bat
2008-07-09 18:45 . 2008-07-09 18:45	<DIR>	d--------	C:\Program Files\Tall Emu
2008-07-09 18:45 . 2008-07-24 18:16	<DIR>	d--------	C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45 . 2008-07-24 18:08	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45 . 2008-07-09 19:05	75,776	--a------	C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45 . 2008-04-17 05:22	28,872	--a------	C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45 . 2008-07-09 19:05	25,600	--a------	C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 09:55 . 2008-06-20 06:51	361,600	---------	C:\WINDOWS\system32\drivers\tcpip.sys
2008-07-09 09:55 . 2008-06-20 06:08	225,856	---------	C:\WINDOWS\system32\drivers\tcpip6.sys
2008-07-09 09:55 . 2008-06-20 06:40	138,496	---------	C:\WINDOWS\system32\drivers\afd.sys
2008-07-04 14:02 . 2008-07-04 14:02	<DIR>	d--------	C:\Program Files\HostsMan
2008-07-03 22:34 . 2008-07-03 22:34	<DIR>	d--------	C:\Program Files\HD Tune
2008-07-01 01:04 . 2008-07-01 01:04	<DIR>	d--------	C:\WINDOWS\system32\scripting
2008-07-01 01:04 . 2008-07-01 01:04	<DIR>	d--------	C:\WINDOWS\system32\en
2008-07-01 01:04 . 2008-07-01 01:04	<DIR>	d--------	C:\WINDOWS\system32\bits
2008-07-01 01:04 . 2008-07-01 01:04	<DIR>	d--------	C:\WINDOWS\l2schemas
2008-07-01 01:02 . 2008-07-01 01:04	<DIR>	d--------	C:\WINDOWS\ServicePackFiles
2008-07-01 00:48 . 2008-04-13 19:11	1,888,992	---------	C:\WINDOWS\system32\ati3duag.dll
2008-06-28 14:40 . 2008-06-28 14:40	<DIR>	d--------	C:\Program Files\ESET
2008-06-28 14:40 . 2008-06-28 14:40	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\ESET
2008-06-28 11:59 . 2008-06-28 11:59	39,424	--a------	C:\WINDOWS\zipinst.exe
2008-06-27 23:32 . 2008-06-27 23:32	<DIR>	d--------	C:\Program Files\Common Files\Java
2008-06-27 23:32 . 2008-06-10 02:32	73,728	--a------	C:\WINDOWS\system32\javacpl.cpl

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-24 23:06	---------	d---a-w	C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-24 03:19	---------	d-----w	C:\Program Files\SpywareGuard
2008-07-24 03:19	---------	d-----w	C:\Program Files\SpywareBlaster
2008-07-21 15:14	---------	d-----w	C:\Program Files\Lavasoft
2008-07-21 15:11	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-19 19:38	---------	d-----w	C:\Program Files\Malwarebytes' Anti-Malware
2008-07-19 00:15	17,144	----a-w	C:\WINDOWS\system32\drivers\mbam.sys
2008-07-16 10:29	118,784	----a-w	C:\WINDOWS\SeaMonkeyUninstall.exe
2008-07-16 10:29	118,784	----a-w	C:\WINDOWS\GREUninstall.exe
2008-07-15 14:16	112,144	----a-w	C:\WINDOWS\system32\drivers\kl1.sys
2008-07-14 16:08	---------	d-----w	C:\Program Files\Java
2008-07-10 02:00	---------	d-----w	C:\Program Files\HP
2008-07-10 01:52	---------	d-----w	C:\Program Files\kontiki
2008-07-10 01:52	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Kontiki
2008-07-04 15:59	---------	d-----w	C:\Program Files\SpeedFan
2008-07-02 16:12	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-02 16:05	---------	d-----w	C:\Program Files\Spybot - Search & Destroy
2008-06-29 23:15	---------	d-----w	C:\Program Files\Napster
2008-06-29 16:16	---------	d-----w	C:\Documents and Settings\All Users\Application Data\RunOff
2008-06-29 15:55	---------	d-----w	C:\Program Files\MSECache
2008-06-28 22:03	---------	d-----w	C:\Program Files\Yahoo!
2008-06-28 22:03	---------	d-----w	C:\Program Files\SureThing
2008-06-28 22:03	---------	d-----w	C:\Program Files\QuickTime
2008-06-28 22:03	---------	d-----w	C:\Program Files\OpenTalk
2008-06-28 22:02	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-06-28 22:02	---------	d-----w	C:\Program Files\Logitech
2008-06-28 22:02	---------	d-----w	C:\Program Files\Hewlett-Packard
2008-06-28 22:02	---------	d-----w	C:\Program Files\GemMaster
2008-06-28 22:02	---------	d-----w	C:\Program Files\Common Files\aolshare
2008-06-28 22:02	---------	d-----w	C:\Program Files\Common Files\AOL
2008-06-28 22:02	---------	d-----w	C:\Program Files\CD to MP3 Freeware
2008-06-28 22:02	---------	d-----w	C:\Program Files\BitComet
2008-06-28 22:02	---------	d-----w	C:\Program Files\Audible
2008-06-28 19:34	---------	d-----w	C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com
2008-06-28 19:24	---------	d-----w	C:\Program Files\DrWeb
2008-06-28 17:09	---------	d-----w	C:\Program Files\WinUpdatesList
2008-06-28 05:19	---------	d-----w	C:\Program Files\Microsoft ActiveSync
2008-06-24 23:57	---------	d-----w	C:\Program Files\Shockwave.com
2008-06-20 17:46	245,248	----a-w	C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:46	245,248	------w	C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:46	147,968	------w	C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 11:51	361,600	------w	C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 11:40	138,496	------w	C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:08	225,856	------w	C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-16 20:01	2,869,536	----a-w	C:\spywareblastersetup41.exe
2008-06-16 02:31	---------	d-----w	C:\Program Files\SUPERAntiSpyware
2008-06-16 02:31	---------	d-----w	C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-13 11:05	272,128	------w	C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 11:05	272,128	------w	C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-12 20:36	---------	d-----w	C:\Program Files\iTunes
2008-06-12 20:36	---------	d-----w	C:\Documents and Settings\Kelly\Application Data\Apple Computer
2008-06-12 20:35	---------	d-----w	C:\Program Files\iPod
2008-06-12 20:35	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-12 20:29	---------	d-----w	C:\Program Files\Apple Software Update
2008-06-12 20:29	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Apple
2008-06-06 13:57	---------	d-----w	C:\Program Files\Common Files\Adobe
2008-06-06 13:55	23,454,528	----a-w	C:\AdbeRdr812_en_US.exe
2008-06-06 04:32	---------	d-----w	C:\Documents and Settings\Kelly\Application Data\Malwarebytes
2008-06-06 04:32	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-06 04:30	1,756,760	----a-w	C:\mbam-setup.exe
2008-06-05 00:37	---------	d-----w	C:\Program Files\Trend Micro
2008-06-05 00:25	---------	d-----w	C:\Program Files\7-Zip
2008-06-04 19:37	142,096	----a-w	C:\WINDOWS\system32\drivers\tmcomm.sys
2008-05-29 04:22	---------	d-----w	C:\Documents and Settings\Kelly\Application Data\AdobeUM
2008-05-28 19:39	---------	d-----w	C:\Program Files\MTV Virtual World
2008-05-16 16:58	12,632	----a-w	C:\WINDOWS\system32\lsdelete.exe
2008-05-09 10:53	90,112	----a-w	C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53	90,112	------w	C:\WINDOWS\system32\dllcache\wshext.dll
2008-05-09 10:53	512,000	------w	C:\WINDOWS\system32\dllcache\jscript.dll
2008-05-09 10:53	430,080	----a-w	C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53	430,080	------w	C:\WINDOWS\system32\dllcache\vbscript.dll
2008-05-09 10:53	180,224	----a-w	C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53	180,224	------w	C:\WINDOWS\system32\dllcache\scrobj.dll
2008-05-09 10:53	172,032	----a-w	C:\WINDOWS\system32\scrrun.dll
2008-05-09 10:53	172,032	------w	C:\WINDOWS\system32\dllcache\scrrun.dll
2008-05-08 14:02	203,136	------w	C:\WINDOWS\system32\dllcache\rmcast.sys
2008-05-08 11:24	155,648	----a-w	C:\WINDOWS\system32\wscript.exe
2008-05-08 11:24	155,648	------w	C:\WINDOWS\system32\dllcache\wscript.exe
2008-05-07 09:07	135,168	----a-w	C:\WINDOWS\system32\cscript.exe
2008-05-07 09:07	135,168	------w	C:\WINDOWS\system32\dllcache\cscript.exe
2008-05-07 05:12	1,288,192	------w	C:\WINDOWS\system32\quartz.dll
2008-05-07 05:12	1,288,192	------w	C:\WINDOWS\system32\dllcache\quartz.dll
2008-04-24 03:16	3,591,680	----a-w	C:\WINDOWS\system32\dllcache\mshtml.dll
2007-12-17 15:57	1,646	----a-w	C:\Documents and Settings\Kayla\Application Data\wklnhst.dat
2007-10-10 00:49	251	----a-w	C:\Program Files\wt3d.ini
2006-11-28 05:00	22	-csha-w	C:\WINDOWS\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 19:12 1695232]
"HostsMan"="C:\Program Files\HostsMan\hm.exe" [2008-06-16 04:19 2847232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2006-11-20 23:59 3920384]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-05-09 17:50 7311360]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 16:24 54840]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [2008-04-17 05:22 5606464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-13 19:12 53760 C:\WINDOWS\system32\narrator.exe]

C:\Documents and Settings\Kayla\Start Menu\Programs\Startup\
PinMcLnk.lnk - C:\hp\bin\cloaker.exe [2006-07-31 20:44:35 27136]

C:\Documents and Settings\Kelly\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35 360448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
backup=C:\WINDOWS\pss\Updates From HP.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
--------- 2006-11-23 17:12 851968 C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
--a------ 2006-02-16 00:34 249856 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
--a------ 2006-11-28 12:47 1040832 C:\Program Files\kontiki\KHost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-13 19:12 1695232 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2006-05-09 17:50 7311360 C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwrUpTweakMe]
--a------ 2005-09-12 11:36 45056 C:\WINDOWS\system32\puxptwks.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2005-07-23 00:14 237568 C:\WINDOWS\SMINST\Recguard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2007-03-11 19:47 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
--------- 2005-08-03 01:19 77312 C:\WINDOWS\arpwrmsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec Core LC"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"NSCService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccProxy"=2 (0x2)
"ccISPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"C:\\Program Files\\Common Files\\AOL\\1164757353\\EE\\AOLServiceHost.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"C:\\Program Files\\America Online 9.0a\\waol.exe"=
"C:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"C:\\Program Files\\kontiki\\KService.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20566:TCP"= 20566:TCP:BitComet 20566 TCP
"20566:UDP"= 20566:UDP:BitComet 20566 UDP

R1 OADevice;OADriver;C:\WINDOWS\system32\drivers\OADriver.sys [2008-07-09 19:05]
R1 OAmon;OAmon;C:\WINDOWS\system32\drivers\OAmon.sys [2008-07-09 19:05]
R1 OAnet;OAnet;C:\WINDOWS\system32\drivers\OAnet.sys [2008-04-17 05:22]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 13:28]
R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 13:47]
S2 SvcOnlineArmor;Online Armor;C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2008-04-17 05:22]
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\20.tmp []
S4 OYKNVASYNG;OYKNVASYNG;C:\DOCUME~1\Kelly\LOCALS~1\Temp\OYKNVASYNG.exe []

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-07-18 20:58:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-24 22:43:16 C:\WINDOWS\Tasks\SmartDefrag.job"
- C:\Program Files\IObit\IObit SmartDefrag\schedule.exeA
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)


.
------- Supplementary Scan -------
.
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
R1 -: HKCU-Internet Settings,ProxyOverride = 127.0.0.1
O8 -: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 -: &D&ownload &with BitComet
O8 -: &D&ownload all video with BitComet
O8 -: &D&ownload all with BitComet
O8 -: &WordWeb... - C:\WINDOWS\system32\wweb32.dll/lookup.html
O8 -: Download with Star Downloader

O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd

O16 -: {127CE7BA-AD89-4108-A913-C52EFC037C36} - hxxp://kdx.omn.org/securedelivery/omn/PlayerSupport.cab
C:\WINDOWS\Downloaded Program Files\PlayerSupport.inf

 - C:\WINDOWS\Downloaded Program Files\PlayerSupport.osd

O16 -: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://download.ewido.net/ewidoOnlineScan.cab

O16 -: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} - hxxp://kdx.omn.org/securedelivery/omn/MediaPublisher.cab


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-24 18:22:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\mchInjDrv]
"ImagePath"="\??\C:\WINDOWS\TEMP\mc21.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\20.tmp"
.
Completion time: 2008-07-24 18:24:03
ComboFix-quarantined-files.txt  2008-07-24 23:23:26

Pre-Run: 193,253,064,704 bytes free
Post-Run: 193,280,118,784 bytes free

284	--- E O F ---	2008-07-09 18:55:03