ComboFix 09-06-13.03 - Sushi 06/13/2009 15:01.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.657 [GMT -7:00]
Running from: c:\documents and settings\Sushi\Desktop\Combo-Fix.exe
AV: avast! antivirus 4.8.1335 [VPS 090613-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Sushi\Application Data\.#
c:\program files\MicPhone
c:\program files\MicPhone\antit.dll
c:\windows\IE4 Error Log.txt
c:\windows\jestertb.dll
c:\windows\system32\_000003_.tmp.dll
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000012_.tmp.dll
c:\windows\system32\MSIVXcount
c:\windows\system32\MSIVXrotvjtfhmybpqrxrsirjjdokijrhntot.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSIVXSERV.SYS
-------\Service_MSIVXserv.sys

((((((((((((((((((((((((( Files Created from 2009-05-13 to 2009-06-13 )))))))))))))))))))))))))))))))
.
2009-06-10 03:56 . 2008-04-13 18:39 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-06-10 03:56 . 2008-04-13 18:39 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-06-10 03:27 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 03:27 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 03:27 . 2009-04-30 21:22 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-06-10 03:27 . 2009-04-30 21:22 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-06-09 05:26 . 2009-06-09 05:26 -------- d-----w- c:\documents and settings\Sushi\Application Data\Malwarebytes
2009-06-09 05:26 . 2009-05-26 20:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-09 05:26 . 2009-06-09 05:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-09 05:26 . 2009-06-09 05:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-09 05:26 . 2009-05-26 20:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-09 03:12 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-09 03:12 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-09 03:12 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-09 03:12 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-09 03:12 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-09 03:12 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-09 03:12 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-09 03:12 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-09 03:12 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-06-09 03:12 . 2009-06-09 03:12 -------- d-----w- c:\program files\Alwil Software
2009-06-09 02:52 . 2009-06-09 02:52 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-06-09 02:51 . 2009-06-09 02:51 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2009-06-04 04:35 . 2009-06-04 04:35 -------- d-----w- c:\program files\iPod
2009-06-04 04:35 . 2009-06-04 04:35 -------- d-----w- c:\program files\iTunes
2009-06-04 04:33 . 2009-06-04 04:33 -------- d-----w- c:\program files\QuickTime
2009-06-04 04:29 . 2009-06-04 04:29 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-03 01:34 . 2009-06-03 01:38 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-06-03 01:34 . 2009-06-03 01:34 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-06-03 01:27 . 2009-06-03 01:27 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-03 01:27 . 2009-06-03 01:27 -------- d-----w- c:\documents and settings\Sushi\Application Data\DAEMON Tools Pro
2009-06-02 06:05 . 2009-06-02 06:05 -------- d-----w- c:\documents and settings\Sushi\Local Settings\Application Data\Ascaron Entertainment
2009-06-02 06:03 . 2009-06-02 06:03 -------- d--h--r- c:\documents and settings\Sushi\Application Data\SecuROM
2009-06-02 05:26 . 2009-06-02 05:27 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-02 05:26 . 2009-06-02 05:26 -------- d-----w- c:\windows\system32\AGEIA
2009-06-02 05:26 . 2009-06-02 05:26 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-31 06:04 . 2009-05-31 06:04 -------- d-----w- c:\documents and settings\Sushi\Application Data\Leadertech
2009-05-31 05:59 . 2009-05-31 05:59 0 ----a-w- c:\windows\PowerReg.dat
2009-05-27 05:15 . 2009-05-27 05:15 -------- d-----w- c:\documents and settings\Sushi\Local Settings\Application Data\Gas Powered Games
2009-05-26 15:47 . 2008-10-10 11:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-05-26 15:47 . 2008-10-10 11:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-05-26 15:47 . 2008-10-10 11:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-05-26 15:46 . 2008-10-27 17:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-05-26 15:46 . 2008-10-27 17:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-05-26 15:46 . 2008-10-27 17:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-05-26 15:46 . 2008-10-27 17:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2009-05-26 15:46 . 2008-07-31 17:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-05-26 15:46 . 2008-07-31 17:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-05-26 15:46 . 2008-07-31 17:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-05-26 15:46 . 2008-07-12 15:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-05-26 15:46 . 2008-07-12 15:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-05-26 15:46 . 2008-07-12 15:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-05-26 15:43 . 2009-05-26 15:43 -------- d-----w- c:\documents and settings\Sushi\Application Data\Stardock
2009-05-26 15:41 . 2009-05-26 15:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Stardock
2009-05-18 19:03 . 2009-05-18 19:03 -------- d-----w- c:\documents and settings\Sushi\Application Data\Viewpoint
2009-05-17 06:30 . 2009-05-17 06:30 -------- d-----w- c:\documents and settings\Sushi\Local Settings\Application Data\Blizzard Entertainment
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-13 20:39 . 2008-01-08 02:11 -------- d-----w- c:\documents and settings\Sushi\Application Data\uTorrent
2009-06-12 15:37 . 2009-01-29 00:31 -------- d-----w- c:\program files\AIM6
2009-06-12 15:37 . 2009-01-29 00:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-06-12 15:36 . 2009-06-12 15:36 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-06-09 05:51 . 2008-03-12 22:30 -------- d-----w- c:\program files\MAME32k
2009-06-09 05:50 . 2008-03-04 02:16 -------- d-----w- c:\program files\Java
2009-06-09 05:48 . 2008-11-23 06:14 -------- d-----w- c:\program files\GGPO
2009-06-09 05:47 . 2008-01-07 05:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-09 04:33 . 2004-08-12 12:00 2864 ----a-w- c:\windows\system32\winsock.dll
2009-06-09 03:10 . 2008-04-29 15:40 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-07 20:07 . 2008-01-08 02:10 -------- d-----w- c:\program files\PeerGuardian2
2009-06-05 04:23 . 2008-01-09 01:40 56936 ----a-w- c:\documents and settings\Sushi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-04 04:35 . 2008-01-09 01:33 -------- d-----w- c:\program files\Common Files\Apple
2009-06-02 06:00 . 2008-05-24 23:13 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-06-02 06:00 . 2008-05-24 23:13 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-29 20:36 . 2009-03-13 15:39 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-05-29 20:36 . 2008-01-09 01:34 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-29 15:28 . 2009-01-01 23:22 -------- d-----w- c:\documents and settings\Sushi\Application Data\LimeWire
2009-05-25 19:04 . 2008-02-29 06:37 -------- d-----w- c:\documents and settings\Sushi\Application Data\Orbit
2009-05-19 08:36 . 2009-06-12 15:36 2884832 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\vwpt.exe
2009-05-19 08:36 . 2009-06-12 15:36 28 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\unregister.bat
2009-05-19 08:36 . 2009-06-12 15:36 97072 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\bsetutil.exe
2009-05-19 08:36 . 2009-06-12 15:36 25 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\register.bat
2009-05-19 08:36 . 2009-06-12 15:36 1484856 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\toolbar.exe
2009-05-19 08:36 . 2009-06-12 15:36 142040 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\alsetup.exe
2009-05-19 08:36 . 2009-06-12 15:36 30512 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\Uninstaller.exe
2009-05-19 08:36 . 2009-06-12 15:36 111920 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\SUD4426\AOLSearch.dll
2009-05-13 05:15 . 2004-08-12 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2004-08-12 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 05:06 . 2009-04-21 05:06 152576 ----a-w- c:\documents and settings\Sushi\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-17 12:26 . 2004-08-12 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-12 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-03-22 23:47 . 2008-04-13 23:43 81992 ----a-w- c:\windows\War3Unin.dat
2009-03-20 03:02 . 2009-03-20 03:01 37514 ----a-w- c:\windows\scunin.dat
2009-03-20 03:02 . 2009-03-20 03:01 967 ----a-w- c:\windows\ScUnin.pif
2009-03-20 03:02 . 2009-03-20 03:01 94208 ----a-w- c:\windows\ScUnin.exe
2009-03-19 23:32 . 2009-03-19 23:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 23:32 . 2008-01-29 19:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2008-04-14 00:11 . 2004-08-12 12:00 13626368 --sh--w- c:\windows\system32\icm64.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2005-09-19 1421824]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"CurseClient"="c:\program files\Curse\CurseClient.exe" [2009-06-09 1934336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13574144]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-23 81920]
"awxDTools"="c:\progra~1\arniWORX\AWXDTO~1\awxDTools.dll" [2005-03-17 126976]
"DT HPW"="c:\program files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 280064]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-27 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-05-30 292136]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" - c:\windows\system32\Hdaudpropshortcut.exe [2004-08-13 61952]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-18 1657376]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-10-21 77824]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2004-10-22 2744832]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-02-29 76304]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-02-29 76304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2007-12-19 8720384]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-9-6 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 09:42 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/8/2009 8:12 PM 114768]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [4/23/2007 4:03 AM 82200]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/8/2009 8:12 PM 20560]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/28/2009 5:32 PM 24652]
R2 wmcmgc;Windows Management Configuration;c:\windows\System32\svchost.exe -k netsvcs [8/12/2004 5:00 AM 14336]
S2 NetCM;Network Connection Manager;c:\program files\NetMeeting\Netsh.exe [7/4/2007 12:10 PM 417280]
S4 prtgwatchservice;PRTG Watchdog;c:\program files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe --> c:\program files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - PGFILTER

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wmcmgc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-06-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

2009-06-13 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-05-12 05:18]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Aim6 - (no file)
HKU-Default-Run-shv - c:\program files\MicPhone\antit.exe


.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {933598CB-8FC4-4983-8C1B-E1C84FD51B2C} = 192.168.1.1,207.141.24.1
FF - ProfilePath -
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-13 15:15
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ef,f0,a5,36,1c,7b,a3,44,89,5b,fd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ef,f0,a5,36,1c,7b,a3,44,89,5b,fd,\

[HKEY_USERS\S-1-5-21-1645522239-1897051121-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:98,05,b5,5b,06,56,86,43,db,b8,b1,2b,83,78,b9,21,19,b3,f1,31,bf,
   1c,82,bb,48,60,73,87,c4,71,ec,c4,8c,8e,5b,37,b4,83,b3,16,23,25,57,e1,6b,64,\
"rkeysecu"=hex:70,62,aa,28,9b,ab,b4,a1,af,35,ff,39,b4,f9,79,bc
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(796)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(3360)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Portrait Displays\Shared\DTSRVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\NetLimiter 2 Pro\nlsvc.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\NetLimiter 2 Pro\NLClient.exe
c:\windows\system32\CF23736.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Portrait Displays\Shared\HookManager.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
.
**************************************************************************
.
Completion time: 2009-06-13 15:20 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-13 22:20

Pre-Run: 14,627,074,048 bytes free
Post-Run: 15,610,601,472 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

293 --- E O F --- 2009-06-10 10:03
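A small triage script, added here as an example (it is not part of the original post and not ComboFix's own code): it parses the service lines, the Svchost NetSvcs group and the firewall-policy keys of a ComboFix log and flags the entries a reviewer would look at first. The sample input is copied from the log above; the list of system binary names, the system directory prefixes and the rules themselves are this example's assumptions, not findings the log itself states.

```python
"""Triage helpers for a ComboFix log (added example, not ComboFix's own code)."""
import re
from dataclasses import dataclass

# Constructed sample: lines copied from the ComboFix log above. In practice,
# pass the entire log text to triage().
SAMPLE = r"""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/8/2009 8:12 PM 114768]
R2 wmcmgc;Windows Management Configuration;c:\windows\System32\svchost.exe -k netsvcs [8/12/2004 5:00 AM 14336]
S2 NetCM;Network Connection Manager;c:\program files\NetMeeting\Netsh.exe [7/4/2007 12:10 PM 417280]
S4 prtgwatchservice;PRTG Watchdog;c:\program files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe --> c:\program files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wmcmgc
"""

# ComboFix service line: "<R|S><n> <name>;<display>;<imagepath> [<info>]"
SERVICE_RE = re.compile(r"^([RS])(\d)\s+([^;]+);([^;]*);(.+?)\s+\[(.*)\]\s*$")

# Binaries that ship in %windir% or %windir%\system32 on a stock XP install.
# Partial list, assumed for this example.
SYSTEM_BINARIES = {"svchost.exe", "netsh.exe", "rundll32.exe", "services.exe", "lsass.exe"}
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\")


@dataclass
class Finding:
    rule: str
    detail: str


def parse_services(text):
    """Yield (state, name, display, imagepath, info) for each service line."""
    for line in text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            yield m.group(1) + m.group(2), m.group(3), m.group(4), m.group(5), m.group(6)


def netsvcs_members(text):
    """Names ComboFix prints under the Svchost NetSvcs group.

    ComboFix omits legit default entries, so anything listed here was added
    to the group after install and deserves a look.
    """
    lines = text.splitlines()
    names = []
    for i, line in enumerate(lines):
        if line.strip().endswith("\\Svchost - NetSvcs"):
            for nxt in lines[i + 1:]:
                if not nxt.strip():
                    break
                names.append(nxt.strip())
    return names


def triage(text):
    """Return the list of Findings this example's heuristics raise for a log."""
    findings = []
    if re.search(r'"EnableFirewall"=\s*0\b', text):
        findings.append(Finding("firewall-off", "Windows Firewall disabled in the standard profile"))
    for m in re.finditer(r'^"(\d+):(TCP|UDP)"=', text, re.M):
        findings.append(Finding("open-port", f"{m.group(1)}/{m.group(2)} globally open in firewall policy"))
    extra_netsvcs = set(netsvcs_members(text))
    for state, name, display, path, info in parse_services(text):
        # Strip the svchost group argument and ComboFix's "-->" resolved-path suffix.
        exe = path.lower().split(" -k ")[0].split(" --> ")[0]
        base = exe.rsplit("\\", 1)[-1]
        if "-k netsvcs" in path.lower() and name in extra_netsvcs:
            findings.append(Finding("netsvcs-addition",
                                    f"{name} ({display}) runs in netsvcs but is not a default member"))
        if base in SYSTEM_BINARIES and not exe.startswith(SYSTEM_DIRS):
            # A system binary name outside the system directories is a masquerading pattern.
            findings.append(Finding("path-masquerade", f"{name} runs {base} from {exe}"))
        if info.strip() == "?":
            findings.append(Finding("missing-binary", f"{name} points at a file ComboFix could not stat: {exe}"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"[{f.rule}] {f.detail}")
```

Run against the sample it reports the disabled firewall, the globally open 3389/TCP, the non-default netsvcs member wmcmgc, the NetCM service running a netsh.exe from outside the system directories, and the PRTG watchdog whose binary ComboFix could not find. The rules are deliberately narrow: they flag entries for a human to review, they do not decide that anything is malicious.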