
Google redirect

Discussion in 'Malware and Virus Removal Archive' started by xlent00, 2008/09/23.

  1. 2008/09/23
    xlent00

    I am having a problem with Google redirects. Almost every time I do a Google search, when I click on a search result, I get redirected to another site. There are numerous different sites that pop up; it is different every time. Each time I have to click the result and click the back button, click the result again, back button again, and the third time the correct site will come up. I'm sure this must be some type of spyware. I have run Ad-Aware, Spybot and SpyCatcher with no success. I have followed some advice given to others on this board, with no success. Please help!
    The next post is my HiJackThis log
     
  2. 2008/09/23
    xlent00

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:57:43, on 9/23/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Electronic Arts\EADM\Core.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
    O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 6165 bytes
     

  4. 2008/09/24
    noahdfear

    Welcome to WindowsBBS xlent00 :)

    • Download RSIT by random/random and save it to your desktop.
    • Double click RSIT.exe to start the tool.
    • At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
    • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
    • Please post the contents of log.txt here in your next reply.
     
  5. 2008/09/24
    xlent00

    Here ya go, gotta post it in 3 parts

    Part 1

    Logfile of random's system information tool 1.02 (written by random/random)
    Run by TdizzlE at 2008-09-24 23:23:02
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 21 GB (28%) free of 76 GB
    Total RAM: 1535 MB (70% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:23:03, on 9/24/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Opera\Opera.exe
    C:\Documents and Settings\TdizzlE\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\TdizzlE.exe

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

    --
    End of file - 5463 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll [2006-11-09 440056]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "AlcxMonitor"=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-06-21 577536]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2004-10-08 221184]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
    "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-08-13 185632]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Aim6"=C:\Program Files\AIM6\aim6.exe [2006-11-07 50736]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
    "Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-27 4670704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
    C:\Program Files\AIM6\aim6.exe [2006-11-07 50736]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiSpyGolden 4.8]
    C:\Program Files\AntiSpyGolden 4.8\AntiSpyGolden 4.8.exe /h []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiVermeans]
    C:\Program Files\AntiVermeans\AntiVermeans.exe /h []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    C:\Program Files\DAEMON Tools\daemon.exe [2007-04-03 165784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddxgb]
    C:\Program Files\ddxgb.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
    C:\Program Files\Electronic Arts\EADM\Core.exe [2008-06-13 2752512]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
    C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-01-18 196608]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
    C:\Program Files\Logitech\Video\ISStart.exe [2005-01-18 458752]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
    C:\Program Files\Logitech\Video\LogiTray.exe [2005-01-18 217088]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lphcvccj0el7n]
    C:\WINDOWS\system32\lphcvccj0el7n.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
    C:\Program Files\MySpace\IM\MySpaceIM.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
    C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe [2007-04-05 684118]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
    Rundll32 P17.dll []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoOE]
    C:\Program Files\Seekmo\bin\10.0.341.0\OEAddOn.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoSA]
    C:\Program Files\Seekmo\bin\10.0.370.0\SeekmoSA.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMrhcrccj0el7n]
    C:\Program Files\rhcrccj0el7n\rhcrccj0el7n.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2007-08-31 1460560]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    C:\Program Files\Steam\Steam.exe -silent []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe [2006-11-09 49263]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-03 1576176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-08-13 185632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
    C:\Program Files\Save\Save.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-27 4670704]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
    C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2007-10-28 450560]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TdizzlE^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    C:\PROGRA~1\LimeWire\LimeWire.exe [2008-06-05 147456]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TdizzlE^Start Menu^Programs^Startup^VirtuaGirl HD.LNK]
    C:\Program Files\vghd\vghd.exe []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-08-20 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSserv.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSserv.sys]
     
  6. 2008/09/24
    xlent00

    Part 2

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "NoDispScrSavPage"=0
    "DisableTaskMgr"=0
    "DisableCMD"=0
    "NoDispCPL"=0
    "NoDispAppearancePage"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Disabled:Azureus"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\World of Warcraft\WoW-1.12.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-enUS-patch-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.3-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\ijji\ENGLISH\Golf\DangGol.exe"="C:\ijji\ENGLISH\Golf\DangGol.exe:*:Enabled:DangGol"
    "C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.6.6337-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.3.6299-to-2.0.6.6337-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.6.6337-to-2.0.7.6383-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-2.0.7.6383-to-2.0.8.6403-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Documents and Settings\TdizzlE\Local Settings\Temp\.ttD.tmp"="C:\Documents and Settings\TdizzlE\Local Settings\Temp\.ttD.tmp:*:Enabled:enable"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    ======List of files/folders created in the last 3 months======

    2008-09-24 23:20:38 ----D---- C:\rsit
    2008-09-24 12:12:49 ----D---- C:\Documents and Settings\TdizzlE\Application Data\ATI
    2008-09-24 12:12:49 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2008-09-24 12:03:05 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-09-24 12:03:00 ----D---- C:\Program Files\MSBuild
    2008-09-24 12:02:50 ----D---- C:\Program Files\Reference Assemblies
    2008-09-24 12:02:28 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2008-09-24 12:02:28 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2008-09-24 12:02:27 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2008-09-24 12:02:27 ----D---- C:\8baf6aa800e630b0e9dc2313
    2008-09-24 12:00:14 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-09-24 12:00:08 ----D---- C:\Program Files\MSXML 6.0
    2008-09-24 10:41:24 ----D---- C:\Documents and Settings\TdizzlE\Application Data\Malwarebytes
    2008-09-24 10:41:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-24 10:41:20 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-09-23 17:16:00 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-09-23 17:15:55 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-09-23 17:15:55 ----D---- C:\Documents and Settings\TdizzlE\Application Data\SUPERAntiSpyware.com
    2008-09-23 16:22:50 ----D---- C:\Program Files\Enigma Software Group
    2008-09-23 16:14:35 ----A---- C:\WINDOWS\QH32.INI
    2008-09-23 15:52:33 ----D---- C:\Program Files\ATI
    2008-09-23 15:17:01 ----A---- C:\WINDOWS\system32\SETA.tmp
    2008-09-23 15:17:01 ----A---- C:\WINDOWS\system32\SET7.tmp
    2008-09-23 14:32:30 ----A---- C:\WINDOWS\wwwbatch.ini
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\VACFix.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\swsc.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\swreg.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\Process.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\dumphive.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
    2008-09-23 14:22:19 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-09-18 14:13:12 ----D---- C:\ProgramData
    2008-09-18 13:52:02 ----D---- C:\Program Files\Electronic Arts
    2008-09-18 13:51:53 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-09-18 13:51:53 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-09-18 13:51:52 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-09-18 13:51:52 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-09-18 13:51:51 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-09-18 13:51:51 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-09-18 13:51:51 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-09-18 13:51:50 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
    2008-09-18 13:51:50 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
    2008-09-18 13:51:49 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
    2008-09-18 13:51:49 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
    2008-09-18 13:51:49 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
    2008-09-18 13:51:48 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
    2008-09-18 13:51:48 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
    2008-09-18 13:51:47 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
    2008-09-18 13:51:47 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
    2008-09-18 13:51:47 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
    2008-09-18 13:51:46 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
    2008-09-18 13:51:46 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
    2008-09-18 13:51:45 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
    2008-09-18 13:51:45 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
    2008-09-18 13:51:45 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
    2008-09-18 13:51:45 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
    2008-09-18 13:51:44 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
    2008-09-18 13:51:44 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
    2008-09-18 13:51:44 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
    2008-09-18 13:51:41 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2008-09-18 13:51:38 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2008-09-18 13:51:38 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2008-09-18 13:51:34 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2008-09-18 13:51:06 ----D---- C:\WINDOWS\Logs
    2008-09-10 14:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-08-22 19:53:24 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-08-20 21:19:26 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
    2008-08-20 20:23:32 ----A---- C:\WINDOWS\system32\amdpcom32.dll
    2008-08-20 20:18:16 ----A---- C:\WINDOWS\system32\atiadlxx.dll
    2008-08-20 20:17:29 ----A---- C:\WINDOWS\system32\atiok3x2.dll
    2008-08-17 14:40:58 ----A---- C:\WINDOWS\system32\ptpusb.dll
    2008-08-17 14:40:56 ----A---- C:\WINDOWS\system32\ptpusd.dll
    2008-08-13 03:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-12 17:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-08-12 17:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-08-12 17:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-12 17:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-08-12 17:53:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-08-12 17:52:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-08-11 03:13:56 ----D---- C:\Program Files\Microsoft Silverlight
    2008-08-10 04:40:15 ----D---- C:\Program Files\ASIO4ALL v2
    2008-08-10 04:40:08 ----D---- C:\Program Files\VstPlugins
    2008-08-10 04:40:08 ----A---- C:\WINDOWS\system32\rewire.dll
    2008-08-10 04:39:05 ----D---- C:\Program Files\Outsim
    2008-08-10 04:36:55 ----D---- C:\Program Files\Image-Line
    2008-08-05 16:14:13 ----A---- C:\WINDOWS\system32\ATIBRTMON.EXE
    2008-08-05 02:44:16 ----D---- C:\WINDOWS\Applian FLV Player
    2008-08-05 02:44:16 ----D---- C:\Program Files\FLV Player
    2008-08-05 02:44:12 ----A---- C:\WINDOWS\Applian FLV Player Setup Log.txt
    2008-07-29 21:10:04 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
    2008-07-29 21:10:04 ----A---- C:\WINDOWS\system32\evr.dll
    2008-07-29 21:10:04 ----A---- C:\WINDOWS\system32\dxva2.dll
    2008-07-29 20:35:46 ----A---- C:\WINDOWS\system32\PresentationHost.exe
    2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
    2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
    2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationHostProxy.dll
    2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\infocardapi.dll
    2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\icardres.dll
    2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\icardagt.exe
    2008-07-29 05:49:58 ----A---- C:\WINDOWS\system32\icardres.dll.mui
    2008-07-25 11:17:02 ----A---- C:\WINDOWS\system32\netfxperf.dll
    2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscories.dll
    2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscorier.dll
    2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscoree.dll
    2008-07-25 11:16:46 ----A---- C:\WINDOWS\system32\dfshim.dll
    2008-07-10 03:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-07-05 00:47:33 ----RHD---- C:\Documents and Settings\TdizzlE\Application Data\SecuROM
    2008-07-05 00:47:33 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-07-05 00:46:55 ----AC---- C:\WINDOWS\system32\SHW32.DLL
    2008-07-05 00:46:55 ----A---- C:\WINDOWS\system32\vp6vfw.dll
    2008-07-05 00:25:08 ----AC---- C:\WINDOWS\system32\xactengine2_6.dll
    2008-07-05 00:25:08 ----AC---- C:\WINDOWS\system32\xactengine2_5.dll
    2008-07-05 00:25:07 ----AC---- C:\WINDOWS\system32\xactengine2_4.dll
    2008-07-05 00:25:07 ----AC---- C:\WINDOWS\system32\d3dx9_32.dll
    2008-07-05 00:25:07 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2008-07-05 00:25:07 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2008-07-05 00:25:06 ----AC---- C:\WINDOWS\system32\xinput1_2.dll
    2008-07-05 00:25:06 ----AC---- C:\WINDOWS\system32\xinput1_1.dll
    2008-07-05 00:25:06 ----AC---- C:\WINDOWS\system32\xactengine2_3.dll
    2008-07-05 00:25:06 ----AC---- C:\WINDOWS\system32\xactengine2_2.dll
    2008-07-05 00:25:06 ----AC---- C:\WINDOWS\system32\d3dx9_31.dll
    2008-07-05 00:25:05 ----AC---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-07-05 00:25:04 ----AC---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-07-05 00:25:04 ----AC---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-07-05 00:25:04 ----AC---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-07-05 00:25:03 ----AC---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-07-05 00:25:03 ----AC---- C:\WINDOWS\system32\d3dx9_27.dll
    2008-07-05 00:25:03 ----AC---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-07-05 00:25:03 ----AC---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-07-05 00:24:59 ----AC---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-07-03 13:06:58 ----D---- C:\Program Files\2Wire

    ======List of files/folders modified in the last 3 months======

    2008-09-24 23:20:54 ----D---- C:\WINDOWS\Prefetch
    2008-09-24 23:10:28 ----D---- C:\WINDOWS\Temp
    2008-09-24 21:00:04 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-09-24 20:54:15 ----SHD---- C:\System Volume Information
    2008-09-24 20:54:15 ----D---- C:\WINDOWS\system32\Restore
    2008-09-24 20:08:32 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-09-24 19:59:22 ----D---- C:\Documents and Settings\TdizzlE\Application Data\Real
    2008-09-24 19:27:19 ----D---- C:\Program Files\World of Warcraft
    2008-09-24 17:24:28 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-09-24 12:20:21 ----RSD---- C:\WINDOWS\assembly
    2008-09-24 12:20:21 ----D---- C:\WINDOWS\Microsoft.NET
    2008-09-24 12:12:58 ----D---- C:\WINDOWS\system32\config
    2008-09-24 12:09:06 ----SH---- C:\boot.ini
    2008-09-24 12:09:06 ----A---- C:\WINDOWS\win.ini
    2008-09-24 12:09:06 ----A---- C:\WINDOWS\system.ini
    2008-09-24 12:08:31 ----SHD---- C:\WINDOWS\Installer
    2008-09-24 12:07:38 ----D---- C:\WINDOWS
    2008-09-24 12:03:54 ----D---- C:\WINDOWS\WinSxS
    2008-09-24 12:03:37 ----D---- C:\WINDOWS\system32
    2008-09-24 12:03:37 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-09-24 12:03:00 ----RD---- C:\Program Files
    2008-09-24 12:02:56 ----RSD---- C:\WINDOWS\Fonts
    2008-09-24 12:02:39 ----HD---- C:\WINDOWS\inf
    2008-09-24 12:02:37 ----D---- C:\WINDOWS\system32\spool
    2008-09-24 12:02:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-09-24 12:00:58 ----D---- C:\Program Files\Internet Explorer
    2008-09-24 11:46:54 ----D---- C:\Program Files\Mozilla Firefox
    2008-09-24 11:33:18 ----D---- C:\WINDOWS\system32\drivers
    2008-09-24 00:43:00 ----D---- C:\WINDOWS\network diagnostic
    2008-09-23 17:15:42 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-09-23 15:52:11 ----D---- C:\Program Files\ATI Technologies
    2008-09-23 15:51:30 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-09-23 14:39:30 ----D---- C:\WINDOWS\pss
    2008-09-23 14:29:57 ----A---- C:\rapport.txt
    2008-09-23 14:29:12 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-09-23 14:12:47 ----AC---- C:\WINDOWS\ntbtlog.txt
    2008-09-18 18:29:09 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-09-18 13:51:54 ----D---- C:\WINDOWS\system32\DirectX
    2008-09-10 14:49:20 ----D---- C:\Program Files\Opera
    2008-09-10 14:48:26 ----A---- C:\WINDOWS\imsins.BAK
    2008-09-10 14:47:32 ----HD---- C:\WINDOWS\$hf_mig$
    2008-09-02 12:22:23 ----HD---- C:\Documents and Settings\TdizzlE\Application Data\ijjigame
    2008-09-01 14:11:59 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-08-22 20:18:50 ----D---- C:\WINDOWS\system32\CatRoot
    2008-08-22 19:53:24 ----D---- C:\WINDOWS\Debug
    2008-08-20 21:18:07 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-08-20 21:08:14 ----A---- C:\WINDOWS\system32\atipdlxx.dll
    2008-08-20 21:08:02 ----A---- C:\WINDOWS\system32\Oemdspif.dll
    2008-08-20 21:07:54 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
    2008-08-20 21:07:45 ----A---- C:\WINDOWS\system32\ati2edxx.dll
    2008-08-20 21:07:28 ----A---- C:\WINDOWS\system32\ati2evxx.dll
    2008-08-20 21:05:57 ----A---- C:\WINDOWS\system32\ati2evxx.exe
    2008-08-20 21:05:00 ----N---- C:\WINDOWS\system32\ati2sgag.exe
    2008-08-20 21:04:38 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
    2008-08-20 21:01:09 ----A---- C:\WINDOWS\system32\atioglxx.dll
    2008-08-20 20:55:23 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-08-20 20:50:05 ----A---- C:\WINDOWS\system32\atiiiexx.dll
    2008-08-20 20:38:24 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-08-20 20:19:36 ----A---- C:\WINDOWS\system32\atikvmag.dll
    2008-08-20 20:18:06 ----A---- C:\WINDOWS\system32\atitvo32.dll
    2008-08-20 20:11:43 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-08-12 17:53:31 ----D---- C:\Program Files\Messenger
    2008-08-07 17:19:33 ----D---- C:\WINDOWS\Help
    2008-07-18 22:10:48 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-07-18 22:10:42 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 22:10:40 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-07-18 22:10:24 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-07-18 22:10:20 ----A---- C:\WINDOWS\system32\wups.dll
    2008-07-18 22:09:46 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-07-18 22:08:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-07-18 22:07:34 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-07-18 22:07:32 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-07-18 22:07:32 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-07-14 06:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-07-07 15:32:22 ----A---- C:\WINDOWS\system32\es.dll
    2008-07-05 00:24:20 ----D---- C:\WINDOWS\system32\Macromed
     
  7. 2008/09/24
    xlent00

    xlent00 Inactive Thread Starter

    Joined:
    2008/09/23
    Messages:
    5
    Likes Received:
    0
    Part 3

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 jbridgep;jbridgep; \??\C:\WINDOWS\System32\Drivers\jbridgep.sys []
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-06-27 3972672]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-20 3299840]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    R3 P17;Creative SB Audigy LS; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-02-28 26624]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-02-28 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2006-02-28 37376]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
    S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-02-28 60800]
    S3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-03 105984]
    S3 ATITUNEP;ATI WDM TV Tuner; C:\WINDOWS\system32\DRIVERS\atintuxx.sys [2004-08-03 78336]
    S3 ativraxx;ATI WDM Rage Theater Audio; C:\WINDOWS\system32\DRIVERS\atinraxx.sys [2004-08-03 53760]
    S3 ATIXSAudio;ATI WDM TV Audio Crossbar; C:\WINDOWS\system32\DRIVERS\atinxsxx.sys [2004-08-03 64512]
    S3 atuwk590;atuwk590; C:\WINDOWS\system32\drivers\atuwk590.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
    S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
    S3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-03 13824]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
    S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-02-28 61824]
    S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2006-02-28 40320]
    S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512]
    S3 PCDCODEC;ATI WDM Specialized PCD Codec; C:\WINDOWS\system32\DRIVERS\atinpdxx.sys [2004-08-03 13824]
    S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-02-28 26496]
    S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-02-28 20480]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-29 587096]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-20 573440]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-05-15 79400]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-08-20 593920]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
    S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2005-08-02 86016]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

    -----------------EOF-----------------
     
  8. 2008/09/24
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Please open MBAM and go to the logs section. Post the contents of any logs available.

    Then, download ComboFix by sUBs from here, saving the file to your desktop.


    Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • It may reboot your computer and resume running when you logon. Wait for it to complete. When finished, it will open a log for you. Post that log in your next reply.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
     
