Here is the combofix log...
ComboFix 08-05-09.1 - Admin 2008-05-11 11:51:31.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1095 [GMT -5:00]
Running from: C:\Users\Admin\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\ShoppingReport
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\ProgramData\HotbarSA
C:\ProgramData\HotbarSA\HotbarSA.dat
C:\ProgramData\HotbarSA\HotbarSAAbout.mht
C:\ProgramData\HotbarSA\HotbarSAEULA.mht
C:\Users\Admin\AppData\Roaming\Hotbar
C:\Users\Admin\AppData\Roaming\macromedia\Flash Player\#SharedObjects\KG2LRYBM\www.broadcaster.com
C:\Users\Admin\AppData\Roaming\macromedia\Flash Player\#SharedObjects\KG2LRYBM\www.broadcaster.com\played_list.sol
C:\Users\Admin\AppData\Roaming\macromedia\Flash Player\#SharedObjects\KG2LRYBM\www.broadcaster.com\video_queue.sol
C:\Users\Admin\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Users\Admin\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Users\Admin\AppData\Roaming\WeatherDPA
C:\Users\Admin\AppData\Roaming\WeatherDPA\Weather\WeatherStartup.xml
C:\Users\Admin\FAVORI~1\Online Security Test.url
C:\Users\Admin\Favorites\Online Security Test.url
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-04-11 to 2008-05-11 )))))))))))))))))))))))))))))))
.
2008-05-11 10:40 . 2008-05-11 10:40 <DIR> d-------- C:\_OTMoveIt
2008-05-10 11:30 . 2008-05-10 12:01 <DIR> d-------- C:\Users\All Users\Google
2008-05-10 11:29 . 2008-05-10 12:56 <DIR> d-------- C:\Users\All Users\Google Updater
2008-05-10 11:29 . 2008-05-10 12:56 <DIR> d-------- C:\ProgramData\Google Updater
2008-05-09 08:06 . 2008-05-09 08:06 1,048,576 --ahs---- C:\Users\Admin\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.2.regtrans-ms
2008-05-09 08:06 . 2008-05-09 08:06 1,048,576 --ahs---- C:\Users\Admin\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.1.regtrans-ms
2008-05-09 08:06 . 2008-05-09 08:06 1,048,576 --ahs---- C:\Users\Admin\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.0.regtrans-ms
2008-05-09 08:06 . 2008-05-09 08:06 65,536 --ahs---- C:\Users\Admin\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.blf
2008-04-28 23:00 . 2008-04-28 23:00 <DIR> d-------- C:\Program Files\Audacity
2008-04-19 17:07 . 2008-04-19 17:07 103,232 --a------ C:\Users\Admin\AppData\Roaming\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-10 17:54 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-10 17:50 --------- d-----w C:\Program Files\Google
2008-05-10 17:38 --------- d-----w C:\Users\Admin\AppData\Roaming\ComcastToolbar
2008-05-10 16:19 --------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-05-10 03:29 --------- d-----w C:\Users\Admin\AppData\Roaming\uTorrent
2008-05-10 02:43 --------- d-----w C:\Program Files\World of Warcraft
2008-04-22 03:16 --------- d-----w C:\Program Files\McAfee
2008-04-09 08:12 --------- d-----w C:\Program Files\Windows Mail
2008-04-06 03:11 --------- d-----w C:\Program Files\Phun
2008-03-26 13:35 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-26 02:15 4,137,312 ----a-w C:\Windows\system32\drivers\RTKVAC.SYS
2008-03-26 01:35 --------- d-----w C:\Users\Admin\AppData\Roaming\yahoo!
2008-03-26 01:35 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-03-25 23:52 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-03-01 00:28 262,144 ----a-w C:\ProgramData\ntuser.dat
2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-27 19:29 691,200 ----a-w C:\Windows\System32\RtkPgExt.dll
2008-02-22 00:45 2,159,104 ----a-w C:\Windows\System32\RtkAPO.dll
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll
2008-02-14 23:19 944,184 ----a-w C:\Windows\System32\winload.exe
2008-02-13 09:20 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 09:10 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 09:10 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 09:10 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 09:10 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 09:10 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 09:09 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 09:09 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 09:09 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 09:09 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-13 09:09 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 09:09 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 09:09 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2007-09-05 05:01 174 --sha-w C:\Program Files\desktop.ini
2007-03-03 00:35 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-03-03 00:35 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-03-03 00:35 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-12-03 06:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012007120320071204\index.dat
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 04:02 1232896]
"Steam"="" []
"Aim6"="" []
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 07:35 125440]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-07-16 15:17 4670704]
"b84f2466"="C:\Users\Admin\AppData\Local\Temp\qperxaai.dll" [2008-05-11 10:46 91712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 20:31 1006264]
"MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 18:30 152144]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 13:29 35328]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 08:23 132624]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 14:11 267048]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-12-11 11:56 286720]
"SoundMan"="SOUNDMAN.EXE" [2007-03-09 16:28 598016 C:\Windows\SOUNDMAN.EXE]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-05-10 11:29:53 124400]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-05-13 02:07:27 67128]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2008-02-05 15:29:20 54512]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 16:51 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ZDSV"= scrvid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B2835840-8130-41F9-B44D-F965A081C4F3}"= UDP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{DC467060-1D51-44DA-8488-730BD72C6A15}"= TCP:C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{CB542D07-6F27-4862-B90E-D6DD8C80ED78}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D18B17ED-A527-4545-9086-A6FF3AE8927F}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{4DEB7B99-D661-4A67-82C0-068A4881B9AE}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{468F6D1B-791E-40D7-AB1E-690E9DCDE566}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{A565C1FA-1F6E-4522-9075-C7D06AFF72F2}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player
"{9B78049C-517F-499F-80CB-603F7970F453}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player
"{56363470-ED9A-4156-B25B-08A0121C8254}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{B19C85AE-BDD9-4262-BD86-C98AA5A2271B}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{06EE6B72-0BE5-4853-B1C3-30EE0A0CBEC1}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{9D222F48-6499-4882-A361-8D404476412A}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{4BFB3269-0B2C-402D-9ACA-993D59957CCD}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{B6E16510-25C4-4B7E-AEBD-9DE6BA4A451C}C:\\program files\\playonline\\squareenix\\playonlineviewer\\pol.exe"= UDP:C:\program files\playonline\squareenix\playonlineviewer\pol.exe:PlayOnline Viewer
"UDP Query User{FC15E4A6-12D5-4D86-8025-0BB14CDB0070}C:\\program files\\playonline\\squareenix\\playonlineviewer\\pol.exe"= TCP:C:\program files\playonline\squareenix\playonlineviewer\pol.exe:PlayOnline Viewer
"TCP Query User{209AAE50-D18A-4D76-BECD-7B7B4153C4E6}C:\\program files\\activision\\tony hawk's underground\\game\\thugonline.exe"= UDP:C:\program files\activision\tony hawk's underground\game\thugonline.exe:THUGonline
"UDP Query User{F2A87F51-FCAD-49B5-BF3B-A237705FB668}C:\\program files\\activision\\tony hawk's underground\\game\\thugonline.exe"= TCP:C:\program files\activision\tony hawk's underground\game\thugonline.exe:THUGonline
"TCP Query User{028C4CE2-30EA-4BE3-A893-15B331B1FD7E}C:\\program files\\playonline\\squareenix\\playonlineviewer\\polcfg\\polcfg.exe"= UDP:C:\program files\playonline\squareenix\playonlineviewer\polcfg\polcfg.exe:PlayOnline Viewer Config
"UDP Query User{73D8BA13-4787-4A67-8A05-D81998D360DA}C:\\program files\\playonline\\squareenix\\playonlineviewer\\polcfg\\polcfg.exe"= TCP:C:\program files\playonline\squareenix\playonlineviewer\polcfg\polcfg.exe:PlayOnline Viewer Config
"TCP Query User{C04D779C-8E28-4F7E-BF22-C5F8BFA76B3A}C:\\program files\\stepmania cvs\\program\\stepmania.exe"= UDP:C:\program files\stepmania cvs\program\stepmania.exe:StepMania
"UDP Query User{92DBADE7-C0EF-450C-BC4F-015D7DA0F76D}C:\\program files\\stepmania cvs\\program\\stepmania.exe"= TCP:C:\program files\stepmania cvs\program\stepmania.exe:StepMania
"TCP Query User{17A380D8-4D32-4C90-B84E-4AAE109E015F}C:\\users\\admin\\documents\\aimlogger\\o8mj8o\\t2\\game\\thug2.exe"= UDP:C:\users\admin\documents\aimlogger\o8mj8o\t2\game\thug2.exe:thug2.exe
"UDP Query User{08790C47-9C32-4AA2-9536-6D886CFFBDBD}C:\\users\\admin\\documents\\aimlogger\\o8mj8o\\t2\\game\\thug2.exe"= TCP:C:\users\admin\documents\aimlogger\o8mj8o\t2\game\thug2.exe:thug2.exe
"TCP Query User{5309CB43-F2B4-4F51-BCA8-B362EEC43450}C:\\program files\\steam\\steamapps\\mvsj500\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\mvsj500\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{5B3B07EA-EB37-45BF-8485-FE59E3037E24}C:\\program files\\steam\\steamapps\\mvsj500\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\mvsj500\counter-strike\hl.exe:Half-Life Launcher
"TCP Query User{C33C9DF3-1575-477A-90FF-CAF5A7809070}C:\\games\\thps_4\\game\\skate4.exe"= UDP:C:\games\thps_4\game\skate4.exe:Skate4
"UDP Query User{08FF353F-FD82-4E09-9494-8A3C37248F36}C:\\games\\thps_4\\game\\skate4.exe"= TCP:C:\games\thps_4\game\skate4.exe:Skate4
"TCP Query User{A46E97F3-F7BB-4484-9766-CE3BB8EF2371}C:\\program files\\activision\\tony hawk's underground\\game\\thug.exe"= UDP:C:\program files\activision\tony hawk's underground\game\thug.exe:THUG
"UDP Query User{B9A7E4F5-5465-4ACC-BEC5-1640A355304F}C:\\program files\\activision\\tony hawk's underground\\game\\thug.exe"= TCP:C:\program files\activision\tony hawk's underground\game\thug.exe:THUG
"TCP Query User{B3C03B19-7333-40DB-A354-9AD45A186F38}C:\\program files\\last.fm\\lastfm.exe"= UDP:C:\program files\last.fm\lastfm.exe:LastFM
"UDP Query User{570AC641-017E-4CFE-AAB6-73C2EAD062EB}C:\\program files\\last.fm\\lastfm.exe"= TCP:C:\program files\last.fm\lastfm.exe:LastFM
"{F1E11C52-5D79-412B-BC73-BAA6E10C6E55}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{E6DEFC84-F894-42B3-BE74-7E2CA9628055}C:\\users\\admin\\documents\\thug2[pc]\\tthug2\\game\\thug2.exe"= UDP:C:\users\admin\documents\thug2[pc]\tthug2\game\thug2.exe:thug2.exe
"UDP Query User{1E41220A-19A9-4ECA-B296-7FD054F04B25}C:\\users\\admin\\documents\\thug2[pc]\\tthug2\\game\\thug2.exe"= TCP:C:\users\admin\documents\thug2[pc]\tthug2\game\thug2.exe:thug2.exe
"TCP Query User{1CA4CB70-1ADA-4128-ADA8-25E082D41908}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{1F70DFA4-C517-4116-8959-8589E91EDECE}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{4F84B9AA-4CB9-4F15-B282-431B0CDF5B41}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{572499FC-E05F-4C23-9BA1-F93B206F0345}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"TCP Query User{8E73C734-3A42-478E-80CF-94A724209EF6}C:\\users\\admin\\documents\\aimlogger\\o8mj8o\\thpsstuff\\thug2[pc]\\tthug2\\game\\thug2.exe"= UDP:C:\users\admin\documents\aimlogger\o8mj8o\thpsstuff\thug2[pc]\tthug2\game\thug2.exe:thug2.exe
"UDP Query User{880DBEE6-9D04-469D-9035-5A7BC478B6AE}C:\\users\\admin\\documents\\aimlogger\\o8mj8o\\thpsstuff\\thug2[pc]\\tthug2\\game\\thug2.exe"= TCP:C:\users\admin\documents\aimlogger\o8mj8o\thpsstuff\thug2[pc]\tthug2\game\thug2.exe:thug2.exe
"{2DC1B8CF-43AD-409B-8501-8A6473D131AC}"= UDP:C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:SmartFTP Client
"{BEA67264-A2B3-49CA-B098-16D668110307}"= TCP:C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:SmartFTP Client
"{37CFF4EE-A5FA-4573-BBB0-E5458CE447D0}"= UDP:C:\Program Files\Orb Networks\Orb\bin\Orb.exe:Orb
"{92EAA088-797F-4300-9787-939531FD1773}"= TCP:C:\Program Files\Orb Networks\Orb\bin\Orb.exe:Orb
"{7B3A430D-AA0F-4824-B993-70E6658D1986}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{3A4208BF-69B5-437B-9C93-D09C5810375C}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{83CF991B-AFE4-4FE8-944E-6D010468FA57}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{2BE5B256-1F61-4C85-A83D-6C0A4842D489}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{5DB170F9-A506-4E03-8B8E-3DA07D8D0FED}"= UDP:C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{BEB2E32E-73AB-4B5E-9B23-19BAA0E39C78}"= TCP:C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{B0797593-1ADD-4F40-A549-8C91F0E6B892}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{2DAB1187-FD75-4798-AEC2-C4A272094326}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{A20F6D55-56EC-4566-B22B-E16E493ECBAC}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{C40B2E47-9FAE-44EF-84AE-42C664E5E698}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"TCP Query User{9908F786-D45B-4934-A7A7-77C410328364}C:\\users\\admin\\documents\\aimlogger\\o8mj8o\\thpsstuff\\thug2[pc]\\tony hawk's underground 2\\game\\chad-thug2.exe"= UDP:C:\users\admin\documents\aimlogger\o8mj8o\thpsstuff\thug2[pc]\tony hawk's underground 2\game\chad-thug2.exe:chad-thug2.exe
"UDP Query User{C4E8F073-A501-4994-BB7A-EEC40660538D}C:\\users\\admin\\documents\\aimlogger\\o8mj8o\\thpsstuff\\thug2[pc]\\tony hawk's underground 2\\game\\chad-thug2.exe"= TCP:C:\users\admin\documents\aimlogger\o8mj8o\thpsstuff\thug2[pc]\tony hawk's underground 2\game\chad-thug2.exe:chad-thug2.exe
"TCP Query User{3143C734-A08B-45F7-B223-9F6B52EFF570}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{395C1284-9294-4A2C-8352-03F7E7A16632}C:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:C:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{0A13CDA7-1C04-4C75-AAAF-DBCBD5A3F277}"= UDP:C:\Program Files\TVersity\Media Server\MediaServer.exe:MediaServer
"{A4168F9D-2730-4B5A-9020-594C6FF19E76}"= TCP:C:\Program Files\TVersity\Media Server\MediaServer.exe:MediaServer
"{80BF4CB5-F819-4F2A-82A0-F11795C57662}"= UDP:C:\Program Files\AIM6\aim6.exe:AIM
"{7D20A9EB-AC79-4434-815B-9B98FA333F58}"= TCP:C:\Program Files\AIM6\aim6.exe:AIM
"{AD62049D-5784-4962-8011-DF51D80CDA55}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{D8E72DC2-5140-4CB8-8FBC-563114F712C4}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{901F4846-8324-4ACC-B249-018C9575A5C7}C:\\program files\\world of warcraft\\wow-1.12.0-enus-downloader.exe"= UDP:C:\program files\world of warcraft\wow-1.12.0-enus-downloader.exe:Blizzard Downloader
"UDP Query User{934A2D6E-0F09-49E5-B041-A4F2A77CA2CC}C:\\program files\\world of warcraft\\wow-1.12.0-enus-downloader.exe"= TCP:C:\program files\world of warcraft\wow-1.12.0-enus-downloader.exe:Blizzard Downloader
"{D99DD46D-22BC-43FA-ABFA-CDADE6801853}"= UDP:C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{DDB6C11A-AE16-4B14-9864-C86D42489C06}"= TCP:C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"TCP Query User{8D021FC4-FC50-41A2-8FA0-7637AAE31094}C:\\program files\\signal\\signal.exe"= UDP:C:\program files\signal\signal.exe:Signal
"UDP Query User{9414E88C-38A5-4B4D-913A-F6F3D02F2303}C:\\program files\\signal\\signal.exe"= TCP:C:\program files\signal\signal.exe:Signal
"TCP Query User{4665BCE8-7975-4676-BD06-5EC730991B2F}C:\\program files\\quicktime\\quicktimeplayer.exe"= UDP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player
"UDP Query User{F9951645-5690-4400-8895-12388A868AC1}C:\\program files\\quicktime\\quicktimeplayer.exe"= TCP:C:\program files\quicktime\quicktimeplayer.exe:QuickTime Player
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"= C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"= C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox
R1 sdpiosys;sdpiosys;C:\Windows\system32\drivers\sdpiosys.sys [2004-11-30 13:10]
R2 gearsec;gearsec;C:\Windows\system32\gearsec.exe [2005-11-30 12:43]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ []
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 16:38]
R3 usbprint;Microsoft USB PRINTER Class;C:\Windows\system32\DRIVERS\usbprint.sys [2006-11-02 04:14]
S3 SQLWriter;SQL Server VSS Writer;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2006-04-14 10:04]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-01-05 18:28]
S3 VST_DPV;VST_DPV;C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 02:41]
S3 VSTHWBS2;VSTHWBS2;C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 02:41]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{918c2692-cf21-11db-8d78-00155834681d}]
\shell\AutoRun\command - J:\Setup\rsrc\Autorun.exe
\shell\dinstall\command - J:\Directx\dxsetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98f7b042-000a-11dc-a372-00155834681d}]
\shell\AutoRun\command - K:\Setup\rsrc\Autorun.exe
\shell\dinstall\command - K:\Directx\dxsetup.exe
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-04-15 13:55:25 C:\Windows\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe'
"2008-05-01 06:00:09 C:\Windows\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2008-05-11 15:21:25 C:\Windows\Tasks\User_Feed_Synchronization-{C57F1896-B23C-4243-AE92-8E847C782340}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-05-11 11:56:22
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-05-11 11:59:10
ComboFix-quarantined-files.txt 2008-05-11 16:58:06
Pre-Run: 118,364,598,272 bytes free
Post-Run: 118,482,214,912 bytes free
258 --- E O F --- 2008-05-09 00:19:47
Here is the Hijackthis log....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:31 PM, on 5/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\MTV Networks\URGE\UrgeMS.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\explorer.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.comR1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...//www.yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: *.beatport.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplane...C_2.3.2.100.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace....ploader1005.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -
http://upload.facebo...toUploader3.cabO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
http://javadl-esd.su...ows-i586-jc.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://messenger.zon...ro.cab56649.cabO16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) -
http://a.download.to...31.3/ttinst.cabO16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) -
http://www.instantac...ad/iaplayer.cabO18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TVersityMediaServer - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 10883 bytes
Is it any better? It looks like there are no pop-ups so far..
Edited by Emjayy, 11 May 2008 - 11:18 AM.