BleepingComputer.com: Winfix And Em.gad-network


Forum Rules

When posting your problem, do not run and post a ComboFix log. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.


If you have not received help after three days, please post a link to your topic HERE.

Winfix And Em.gad-network agggghhhh

#1 sumospim

  • New Member
  • Group: Members
  • Posts: 8
  • Joined: 05-November 06

  Posted 05 November 2006 - 03:46 AM

Hi all.

In the last few days I have been apparently infected with the above which is driving me mad :thumbsup:

em.gad seems to be the worst but I am also getting the winfix installer regularly also.

I have run all the suggested programmes, each saying I am clean but alas not....

I am on XP Home, IE7 and use NOD32.....

I have run ComboFix and the following is the result....

Any help would be greatly appreciated...

user - 06-11-05 8:27:25.07 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\user\Desktop"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\scvhost.exe


((((((((((((((((((((((((((((((( Files Created from 2006-10-05 to 2006-11-05 ))))))))))))))))))))))))))))))))))


2006-11-04 09:22 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2006-11-04 09:22 274,432 --a------ C:\WINDOWS\system32\imon.dll
2006-11-04 01:28 50,688 --a------ C:\WINDOWS\system32\wbhelp2.dll
2006-11-04 01:28 28,160 --a------ C:\WINDOWS\system32\anim.dll
2006-11-04 01:28 258,352 --a------ C:\WINDOWS\system32\unicows.dll
2006-10-29 22:59 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2006-10-29 15:13 145,408 --a------ C:\WINDOWS\CustoMess_Uninstall.exe
2006-10-17 13:33 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll
2006-10-17 13:33 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-10-17 13:33 458,752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-10-17 13:33 180,736 --------- C:\WINDOWS\system32\ieui.dll
2006-10-17 13:05 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:58 61,952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 12:58 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 12:57 266,752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 12:27 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-16 18:22 81,920 --a------ C:\WINDOWS\system32\W32N50.dll
2006-10-16 18:22 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll
2006-10-16 18:22 17,134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
2006-10-14 12:18 2,180,096 --a------ C:\WINDOWS\system32\drivers\lvsvf2.sys
2006-10-14 12:13 53,248 -ra------ C:\WINDOWS\system32\InstMed.exe
2006-10-14 12:13 462,848 --a------ C:\WINDOWS\system32\LCamCpl.dll
2006-10-14 12:13 22,016 --a------ C:\WINDOWS\system32\drivers\LVUSBSta.sys
2006-10-14 12:13 215,552 --a------ C:\WINDOWS\system32\Lvkrn12n.dll
2006-10-14 12:13 211,712 --a------ C:\WINDOWS\system32\drivers\LV561AV.SYS
2006-10-14 12:13 204,800 --a------ C:\WINDOWS\system32\LVCodec2.dll
2006-10-14 12:13 106,496 --a------ C:\WINDOWS\system32\lvcoinst.dll
2006-10-14 12:12 90,112 --a------ C:\WINDOWS\system32\LQCUI2.dll
2006-10-14 12:12 856,064 --a------ C:\WINDOWS\system32\Ltwvc12n.dll
2006-10-14 12:12 78,336 --a------ C:\WINDOWS\system32\lffax12n.dll
2006-10-14 12:12 466,944 --a------ C:\WINDOWS\system32\QCUI2.dll
2006-10-14 12:12 406,016 --a------ C:\WINDOWS\system32\ltkrn12n.dll
2006-10-14 12:12 328,704 --a------ C:\WINDOWS\system32\LFCMP12n.DLL
2006-10-14 12:12 30,720 --a------ C:\WINDOWS\system32\lfbmp12n.dll
2006-10-14 12:12 259,072 --a------ C:\WINDOWS\system32\LTDIS12n.dll
2006-10-14 12:12 207,872 --a------ C:\WINDOWS\system32\ltefx12n.dll
2006-10-14 12:12 164,864 --a------ C:\WINDOWS\system32\ltimg12n.dll
2006-10-14 12:12 141,312 --a------ C:\WINDOWS\system32\lftif12n.dll
2006-10-14 12:12 131,072 --a------ C:\WINDOWS\system32\ltfil12n.DLL
2006-10-13 16:55 5,632 --a------ C:\WINDOWS\system32\drivers\fixustor.sys
2006-10-13 16:53 89,057 --a------ C:\WINDOWS\system32\tppun.exe
2006-10-13 16:53 43,269 --a------ C:\WINDOWS\system32\drivers\tpp725.sys
2006-10-13 16:53 35,541 --a------ C:\WINDOWS\system32\drivers\tpp200.sys
2006-10-13 16:53 33,669 --a------ C:\WINDOWS\system32\drivers\tpp300.sys
2006-10-13 16:53 212,992 --a------ C:\WINDOWS\tppnttry.exe
2006-10-13 16:53 17,077 --a------ C:\WINDOWS\system32\tppui32.dll
2006-10-13 16:53 118,784 --a------ C:\WINDOWS\tppaldr.exe
2006-10-13 05:02 372,736 --a------ C:\WINDOWS\system32\LVUI2RC.dll
2006-10-13 05:02 204,800 --a------ C:\WINDOWS\system32\LVUI2.dll
2006-10-12 16:26 144 ---hs---- C:\WINDOWS\WSYS049.SYS


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-05 08:27 276918 --a------ C:\Program Files\combofix.exe
2006-11-05 08:12 -------- d-------- C:\Documents and Settings\user\Application Data\uTorrent
2006-11-05 08:11 -------- d-------- C:\Program Files\Common Files
2006-11-05 08:09 -------- d-------- C:\Program Files\RegDoctor
2006-11-04 12:57 -------- d-------- C:\Program Files\ESET
2006-11-04 09:21 11336512 --a------ C:\Program Files\nentenst.exe
2006-11-04 01:43 1904544 --a------ C:\Program Files\XoftSpySE429_209.exe
2006-11-04 01:40 212849 --a------ C:\Program Files\hijackthis.zip
2006-11-04 01:33 -------- d-------- C:\Program Files\All in one Cleaner
2006-11-04 01:30 -------- d-------- C:\Documents and Settings\user\Application Data\LimeWire
2006-11-04 01:30 -------- d-------- C:\Documents and Settings\user\Application Data\Azureus
2006-11-04 01:22 -------- d-------- C:\Program Files\Adware Spyware Be Gone
2006-11-03 20:34 -------- d-------- C:\Program Files\LimeWire
2006-11-03 19:40 -------- d-------- C:\Program Files\STOPzilla!
2006-11-03 19:12 -------- d-------- C:\Program Files\MessengerSkinner
2006-11-03 19:07 -------- d-------- C:\Program Files\Common Files\iS3
2006-11-03 19:05 66984 --a------ C:\Program Files\STOPzilla_Setup.exe
2006-10-31 22:13 942093 --a------ C:\Program Files\messengerskinner.exe
2006-10-31 21:41 -------- d-------- C:\Documents and Settings\user\Application Data\MessengerSkinner
2006-10-31 02:07 -------- d-------- C:\Program Files\Internet Explorer
2006-10-30 17:31 -------- d-------- C:\Documents and Settings\user\Application Data\AdobeUM
2006-10-29 22:58 4583258 --a------ C:\Program Files\rwsb3000.exe
2006-10-29 21:46 1496208 --a------ C:\Program Files\ccsetup134.exe
2006-10-29 19:44 -------- d-------- C:\Documents and Settings\user\Application Data\Adobe
2006-10-29 19:38 -------- d-------- C:\Program Files\Paltalk Messenger
2006-10-29 19:28 20794 --a------ C:\Program Files\MsgrEx.zip
2006-10-29 19:28 -------- d-------- C:\Program Files\MsgrEx
2006-10-29 15:26 9261824 --a------ C:\Program Files\pal_install_qt_a105_r42158_p115.exe
2006-10-29 15:14 -------- d-------- C:\Program Files\customess1.0-rc2(www.mess.be)
2006-10-29 15:13 132847 --a------ C:\Program Files\customess1.0-rc2(www.mess.be).zip
2006-10-28 18:45 -------- d---s---- C:\Documents and Settings\user\Application Data\Microsoft
2006-10-22 09:16 -------- d-------- C:\Documents and Settings\user\Application Data\Registry Booster
2006-10-17 18:43 888832 --a------ C:\Program Files\tedv075.exe
2006-10-17 17:54 752340 --a------ C:\Program Files\TVTAD-2.00-w32install.exe
2006-10-17 13:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-10-17 13:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-10-17 13:33 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 13:01 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-10-17 13:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-10-17 13:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-10-17 13:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-10-17 13:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-10-17 13:01 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-10-17 13:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-10-17 13:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-10-17 13:00 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 12:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-16 19:41 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-16 19:41 -------- d-------- C:\Program Files\Thomson
2006-10-16 17:53 -------- d-------- C:\Program Files\Adobe
2006-10-15 15:51 5359064 --a------ C:\Program Files\RecoverMyFiles-Setup.exe
2006-10-14 12:35 -------- d-------- C:\Program Files\MSXML 4.0
2006-10-14 12:13 -------- d-------- C:\Program Files\Common Files\Logitech
2006-10-14 12:10 34556560 --a------ C:\Program Files\qc848enu.exe
2006-10-13 22:14 -------- d-------- C:\Program Files\Windows Desktop Search
2006-10-13 22:07 7177578 --a------ C:\Program Files\OOCleverCache6ProfessionalEnu.exe
2006-10-13 21:52 4276048 --a------ C:\Program Files\AWCSetup.exe
2006-10-13 21:52 -------- d-------- C:\Program Files\IObit
2006-10-13 21:45 -------- d-------- C:\Program Files\CachemanXP
2006-10-13 21:41 1313028 --a------ C:\Program Files\cmxp112.exe
2006-10-13 19:54 -------- d-------- C:\Documents and Settings\user\Application Data\Windows Live Safety Center
2006-10-13 18:25 -------- d-------- C:\Program Files\Windows Live Safety Center
2006-10-13 18:02 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-10-13 18:02 -------- d-------- C:\Program Files\Windows Live Favorites
2006-10-13 17:58 1365280 --a------ C:\Program Files\WLToolbarSetup_en.exe
2006-10-13 17:33 -------- d-------- C:\Program Files\MSN Messenger
2006-10-13 17:32 16332072 --a------ C:\Program Files\Install_Messenger_nous.exe
2006-10-13 17:28 -------- d-------- C:\Program Files\Messenger Plus! Live
2006-10-13 16:54 58880 --a------ C:\Program Files\13280_02.exe
2006-10-13 16:51 1641472 --a------ C:\Program Files\13278_01.exe
2006-10-13 00:22 -------- d-------- C:\Program Files\Logitech
2006-10-06 18:15 1158670 --a------ C:\Program Files\sarsfx.exe
2006-10-02 20:00 -------- d-------- C:\Program Files\NewsLeecher
2006-10-02 19:55 4806034 --a------ C:\Program Files\nl_setup_beta.exe
2006-10-02 19:30 4037653 --a------ C:\Program Files\nl_setup.exe
2006-10-01 21:13 869110 --a------ C:\Program Files\frui.exe
2006-09-29 01:29 -------- d-------- C:\Documents and Settings\user\Application Data\Uniblue
2006-09-28 21:42 -------- d-------- C:\Program Files\Windows Media Player
2006-09-25 21:59 5037072 --a------ C:\Program Files\spybotsd14.exe
2006-09-25 21:44 1493848 --a------ C:\Program Files\ccsetup133.exe
2006-09-25 21:44 -------- d-------- C:\Program Files\Yahoo!
2006-09-24 18:55 -------- d-------- C:\Program Files\AutoIt3
2006-09-24 18:53 -------- d-------- C:\Program Files\PartyGaming
2006-09-24 13:24 -------- d-------- C:\Documents and Settings\user\Application Data\Palo Alto Software
2006-09-24 13:19 -------- d-------- C:\Program Files\Common Files\Intuit
2006-09-21 08:01 2229 --a------ C:\Program Files\sg_backup_2006-09-21-0901.spg
2006-09-21 08:01 2229 --a------ C:\Program Files\FirstBackup.spg
2006-09-21 08:00 610304 --a------ C:\Program Files\TCPOptimizer.exe
2006-09-20 22:41 34308 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-09-20 22:02 -------- d-------- C:\Program Files\utorrent
2006-09-20 22:00 228647 --a------ C:\Program Files\webui_v0.300_beta_1.zip
2006-09-20 21:53 891224 --a------ C:\Program Files\optimize-setup-0003.exe
2006-09-18 17:13 359808 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS
2006-09-18 17:11 39957 --a------ C:\Program Files\EvID4226Patch223d-en.zip
2006-09-18 17:11 -------- d-------- C:\Program Files\EvID4226Patch223d-en
2006-09-18 16:51 -------- d-------- C:\Program Files\Java
2006-09-18 16:48 -------- d-------- C:\Program Files\Common Files\Java
2006-09-17 17:44 103 --a------ C:\Program Files\AddInFeatureEnabled.reg
2006-09-17 17:16 -------- d-------- C:\Program Files\Common Files\Real
2006-09-17 16:22 -------- d-------- C:\Documents and Settings\user\Application Data\Pokerwize
2006-09-17 07:33 -------- d-------- C:\Program Files\WinAce
2006-09-17 07:27 3800811 --a------ C:\Program Files\wace265i.exe
2006-09-16 18:00 4270672 --a------ C:\Program Files\logitechvcinstall_enu.exe
2006-09-16 17:35 81920 -r------- C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2006-09-16 08:42 -------- d-------- C:\Program Files\Messenger
2006-09-16 07:45 -------- d-------- C:\Program Files\Microsoft Office
2006-09-16 07:45 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-09-15 21:31 -------- d-------- C:\Documents and Settings\user\Application Data\Grisbi
2006-09-15 20:15 4548184 --a------ C:\Program Files\MsgPlusLive-401.exe
2006-09-15 19:23 -------- d-------- C:\Documents and Settings\user\Application Data\Sun
2006-09-15 16:19 -------- d-------- C:\Program Files\OfficeUpdate11
2006-09-15 14:06 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-09-15 14:01 23608632 --a------ C:\Program Files\wmp11-windowsxp-x86-enu.exe
2006-09-14 22:00 -------- d-------- C:\Program Files\CCleaner
2006-09-14 21:59 1468464 --a------ C:\Program Files\ccsetup132.exe
2006-09-14 21:36 13912 --a------ C:\Program Files\setie7defaultsearch.exe
2006-09-14 18:43 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-14 18:29 15302448 --a------ C:\Program Files\IE7RC1-WindowsXP-x86-enu.exe
2006-09-14 15:13 -------- d-------- C:\Program Files\Common Files\AOL
2006-09-14 15:09 -------- d-------- C:\Program Files\Outlook Express
2006-09-14 15:09 -------- d-------- C:\Program Files\Common Files\System
2006-09-14 14:54 -------- d-------- C:\Program Files\Ahead
2006-09-14 14:52 -------- d-------- C:\Documents and Settings\user\Application Data\AOL
2006-09-13 05:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-12 16:51 1245184 --a------ C:\WINDOWS\system32\msxml4.dll
2006-09-06 17:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-09-05 09:23 -------- d-------- C:\Program Files\Common Files\aolback
2006-09-05 09:20 -------- d-------- C:\Program Files\Viewpoint
2006-09-05 09:20 -------- d-------- C:\Program Files\Learn2.com
2006-09-05 09:20 -------- d-------- C:\Documents and Settings\user\Application Data\You've Got Pictures Screensaver
2006-09-05 09:19 -------- d-------- C:\Program Files\QuickTime
2006-09-05 09:19 -------- d-------- C:\Program Files\Common Files\Nullsoft
2006-08-25 15:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-25 11:23 56742 --a------ C:\Program Files\vdl.dat
2006-08-25 09:38 8126 --a------ C:\Program Files\SARGUI.HLP
2006-08-25 09:38 61440 --a------ C:\Program Files\sarcli.exe
2006-08-25 09:38 5760 --a------ C:\Program Files\MEMSWEEP.sys
2006-08-25 09:38 401408 --a------ C:\Program Files\sargui.exe
2006-08-25 09:38 147456 --a------ C:\Program Files\sar2.dll
2006-08-25 09:38 126976 --a------ C:\Program Files\sar3.dll
2006-08-25 09:38 110592 --a------ C:\Program Files\sar4.dll
2006-08-25 09:37 806912 --a------ C:\Program Files\sar5.dll
2006-08-25 09:37 69632 --a------ C:\Program Files\sar6.dll
2006-08-25 09:37 35840 --a------ C:\Program Files\helper.exe
2006-08-25 09:37 15872 --a------ C:\Program Files\SophosBootTasksR.exe
2006-08-25 09:37 126976 --a------ C:\Program Files\sar1.dll
2006-08-25 09:30 452719 --a------ C:\Program Files\sarman.pdf
2006-08-25 09:28 181 --a------ C:\Program Files\sargui.cnt
2006-08-24 21:42 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-08-24 21:42 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-08-24 21:30 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-08-24 21:30 990208 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-08-24 21:30 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-08-24 21:30 8337920 --a------ C:\WINDOWS\system32\wmploc.dll
2006-08-24 21:30 790016 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-08-24 21:30 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-08-24 21:30 7168 --a------ C:\WINDOWS\system32\asferror.dll
2006-08-24 21:30 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-08-24 21:30 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-08-24 21:30 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-08-24 21:30 611840 --------- C:\WINDOWS\system32\wmpmde.dll
2006-08-24 21:30 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-08-24 21:30 537600 --a------ C:\WINDOWS\system32\blackbox.dll
2006-08-24 21:30 532992 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-08-24 21:30 428032 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-08-24 21:30 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-08-24 21:30 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-08-24 21:30 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-08-24 21:30 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-08-24 21:30 349184 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-08-24 21:30 347648 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-08-24 21:30 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-08-24 21:30 320512 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-08-24 21:30 316928 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-08-24 21:30 314368 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-08-24 21:30 305152 --------- C:\WINDOWS\system32\MSDelta.dll
2006-08-24 21:30 295424 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-08-24 21:30 284160 --------- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-08-24 21:30 276480 --a------ C:\WINDOWS\system32\audiodev.dll
2006-08-24 21:30 27648 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-08-24 21:30 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-08-24 21:30 2589184 --------- C:\WINDOWS\system32\WpdShext.dll
2006-08-24 21:30 258560 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-08-24 21:30 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-08-24 21:30 242176 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-08-24 21:30 228352 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-08-24 21:30 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2006-08-24 21:30 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-08-24 21:30 211968 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-08-24 21:30 210432 --a------ C:\WINDOWS\system32\qasf.dll
2006-08-24 21:30 204800 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-08-24 21:30 198144 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-08-24 21:30 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-08-24 21:30 175104 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-08-24 21:30 166912 --------- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-08-24 21:30 1660416 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-08-24 21:30 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-08-24 21:30 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-08-24 21:30 1539584 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-08-24 21:30 1532416 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-08-24 21:30 1392128 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-08-24 21:30 133120 --------- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-08-24 21:30 1327616 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-08-24 21:30 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-08-24 21:30 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-08-24 21:30 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-08-24 21:30 1118208 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-08-24 21:30 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-08-24 19:31 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-08-24 19:27 249344 --------- C:\WINDOWS\system32\drmupgds.exe
2006-08-24 19:26 95288 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-08-24 19:26 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-08-24 18:19 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-08-24 18:19 145920 --------- C:\WINDOWS\system32\WudfHost.exe
2006-08-24 18:18 56320 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-08-24 18:18 168448 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-08-24 13:51 2862 --a------ C:\Program Files\readsar.txt
2006-08-21 12:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 09:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-18 12:45 43189034 --a------ C:\Program Files\PC_Suite_1.20.237.exe
2006-08-16 11:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"msnmsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\not active]
"LogitechSoftwareUpdate"="\"C:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\not active\not active]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\not active\not active\not active]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"TPP Auto Loader"="C:\\WINDOWS\\TPPALDR.EXE"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Thomson\\SpeedTouch USB\\Dragdiag.exe\" /icon"
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\not active]
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"PRONoMgr.exe"="C:\\Program Files\\Intel\\PROSetWireless\\NCS\\PROSet\\PRONoMgr.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\not active\not active]
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"LinkResolveIgnoreLinkInfo"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=dword:00000000
"NoResolveSearch"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MsnMsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoCall]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VIDEOC~1"
"hkey"="HKCU"
"command"="\"C:\\PROGRA~1\\Logitech\\VIDEOC~1\\VIDEOC~1.EXE\" -minimized"
"inimapping"="0"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A3011DBF-92AA-4308-9518-FEF801B9BFF2}.job

Completion time: 06-11-05 8:28:07.70
C:\ComboFix.txt ... 06-11-05 08:28

#2 sumospim

Posted 05 November 2006 - 04:42 AM

And other ******* pop ups!!

#3 SpiritWind

  • Member
  • Group: Members
  • Posts: 55
  • Joined: 29-July 05

  Posted 05 November 2006 - 12:30 PM

Hi:

WHY did you run "ComboFix"!? I did notice from its "log" that you apparently have 1 or 2 "P2P" programs (Limewire and/or uTorrent) and using those INCREASES your RISK of getting malware on your computer. You have an Excellent antiVIRUS program; however, the only antiSPYWARE/antiTROJAN program I saw was Spybot, which has fallen in quality recently. At a minimum, you should use "SUPERantispyware" from http://www.superantispyware.com. It is listed as one of the "Trustworthy Products" by antiSPYWARE Expert Eric Howes at http://www.spywarewarrior.com/rogue_anti-s...htm#trustworthy ; you will notice there that Spybot is listed below the "others", with "find useful".

Your Sun Java is 3 Updates behind, a serious security problem. Should uninstall it ASAP, then go to http://www.majorgeeks.com/download4648.html to obtain the latest version.

#4 sumospim

Posted 05 November 2006 - 01:23 PM

Hi,

Many thanks for your reply..

Have done as you suggested but Superantispyware only found Adware tracking cookie...

??

Simon

#5 sumospim

Posted 08 November 2006 - 03:46 PM

Hi,


Could any kind person give me any further advice on this as I am still having major problems.....!

Many thanks!
