Thanks again, steamwiz.
Here are the contents of ComboFix.txt and uninstall_list.txt; the uninstall list begins right after the ComboFix "--- E O F ---" line.
ComboFix 08-03-30.1 - Arun 2008-04-02 15:30:29.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.150 [GMT 5.5:30]
Running from: C:\Documents and Settings\Arun\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Arun\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\WINDOWS\system32\826O.dat
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\826O.dat
.
((((((((((((((((((((((((( Files Created from 2008-03-02 to 2008-04-02 )))))))))))))))))))))))))))))))
.
2008-03-30 12:56 . 2008-03-30 12:56 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-30 12:56 . 2008-03-30 12:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-30 10:18 . 2008-03-30 10:18 <DIR> d-------- C:\Program Files\Trend Micro
2008-03-29 17:28 . 2008-03-29 17:28 <DIR> d-------- C:\Documents and Settings\Arun\Application Data\Grisoft
2008-03-29 17:27 . 2008-03-29 17:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-29 17:27 . 2007-05-30 17:40 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-22 15:00 . 2008-03-22 15:00 <DIR> d-------- C:\tally
2008-03-22 12:09 . 2008-03-22 12:09 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Talkback
2008-03-22 12:06 . 2008-03-22 12:06 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Tenebril
2008-03-16 10:54 . 2008-03-16 10:54 <DIR> d-------- C:\Documents and Settings\Arun\Application Data\Tenebril
2008-03-16 10:47 . 2008-03-16 10:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Tenebril
2008-03-16 10:46 . 2008-03-16 10:46 <DIR> d-------- C:\WINDOWS\system32\tenarchlib
2008-03-16 10:46 . 2008-03-16 10:46 <DIR> d-------- C:\Program Files\SpyCatcher
2008-03-16 10:46 . 2007-05-07 11:39 1,103,944 --a-s---- C:\WINDOWS\system32\Protector.dll
2008-03-16 10:46 . 2005-10-12 23:10 180,224 --a-s---- C:\WINDOWS\system32\archlib.dll
2008-03-16 10:46 . 2007-05-07 11:39 169,544 --a-s---- C:\WINDOWS\system32\SecuLoad.dll
2008-03-16 10:46 . 2007-05-07 11:42 40,960 --a-s---- C:\WINDOWS\system32\ProcessKiller.dll
2008-03-14 16:48 . 2008-03-15 10:20 <DIR> d-------- C:\Program Files\InternetProgram
2008-03-14 16:48 . 2008-03-28 10:23 <DIR> d-------- C:\Program Files\FBrowsingAdvisor
2008-03-14 16:48 . 2008-03-14 16:48 <DIR> d-------- C:\Program Files\FBrowserAdvisor
2008-03-11 13:25 . 2008-03-11 13:25 <DIR> d-------- C:\Program Files\iPod
2008-03-11 13:24 . 2008-03-11 13:25 <DIR> d-------- C:\Program Files\iTunes
2008-03-11 13:23 . 2008-03-11 13:23 <DIR> d-------- C:\Program Files\Bonjour
2008-03-11 13:20 . 2008-03-11 13:20 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-11 13:20 . 2008-03-11 13:20 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-03-11 13:20 . 2008-03-11 13:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-03-11 13:05 . 2008-04-02 11:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-11 13:05 . 2008-03-11 13:05 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-14 11:20 --------- d-----w C:\Program Files\LimeWire
2008-03-11 07:53 --------- d-----w C:\Program Files\QuickTime
2008-03-11 07:51 --------- d-----w C:\Program Files\Apple Software Update
2008-03-05 12:08 --------- d-----w C:\Documents and Settings\Arun\Application Data\Canon
2007-01-03 06:51 18,408 ----a-w C:\Documents and Settings\Arun\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-03-30_15.32.47.88 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-02 05:53:05 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_570.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 21:54 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:26 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-27 05:45 98304]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-27 05:45 536576]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-10-30 14:16 155648]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-10-30 14:03 118784]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-04-30 10:32 208958]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-04-30 13:50 274432]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 03:48 36975]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 18:30 79224]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152]
"OPSE reminder"="C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" [2003-07-07 09:29 729088]
"YeppStudioAgent"="C:\Program Files\Samsung\SamsungMediaStudio4.1\SamsungMediaStudioAgent.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
"SpyCatcher Reminder"="C:\Program Files\SpyCatcher\SpyCatcher.exe" [2007-10-16 12:05 103864]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 14:55 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-24 02:48 443968]
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Scheduler.lnk - C:\Program Files\SpyCatcher\Scheduler daemon.exe [2008-03-16 10:46:26 86133]
C:\Documents and Settings\Arun\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
Scheduler.lnk - C:\Program Files\SpyCatcher\Scheduler daemon.exe [2008-03-16 10:46:26 86133]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
SpyCatcher Protector.lnk - C:\Program Files\SpyCatcher\Protector.exe [2008-03-16 10:46:26 91576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=secuload.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
S2 Tally License Server;Tally License Server (NT);C:\Tally\tallylicserver.exe []
.
Contents of the 'Scheduled Tasks' folder
"2008-03-11 07:51:21 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-04-02 15:31:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????r?e??????????? ???B???????????????B? ??????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-02 15:32:03
ComboFix-quarantined-files.txt 2008-04-02 10:01:54
ComboFix2.txt 2008-03-30 10:03:11
Pre-Run: 12,008,058,880 bytes free
Post-Run: 11,997,245,440 bytes free
.
2008-03-15 13:12:53 --- E O F ---
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.9
Adobe Stock Photos 1.0
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
avast! Antivirus
AVG Anti-Spyware 7.5
Bonjour
Broadcom 802.11 Driver
Canon Camera Support Core Library
Canon Camera Window for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator 2.0
Canon MP150
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities PhotoStitch 3.1
Canon Utilities ZoomBrowser EX
ClinicGate Basic
Conexant AC-Link Audio
DIGM
Easy-WebPrint
FBrowsingAdvisor
Google Earth
HijackThis 2.0.2
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Intel® Extreme Graphics 2 Driver
InternetProgram
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 3
Java 2 Runtime Environment, SE v1.4.2_03
Kaspersky Online Scanner
Lame ACM MP3 Codec
LimeWire 4.16.6
Macromedia Dreamweaver 8
Macromedia Extension Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage
Mozilla Firefox (2.0.0.13)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
OmniPage SE 2.0
Picasa 2
Pinnacle Hollywood FX for Studio
Quick Launch Buttons 5.00 A5
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
RecordNow!
SamsungMediaStudio
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
SmartSound Quicktracks Plugin
SoftV92 Data Fax Modem with SmartCP
Sonic Update Manager
SpyCatcher Express 2007
Synaptics Pointing Device Driver
Teton Viewer
Textbook of Dermatology
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
XviD MPEG-4 Video Codec