And a ComboFix Log hope it helps.
ComboFix 08-06-06.6 - User Ben 2008-06-07 11:33:10.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.750 [GMT 1:00]
Running from: D:\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Downloaded Program Files\setup.inf
.
((((((((((((((((((((((((( Files Created from 2008-05-07 to 2008-06-07 )))))))))))))))))))))))))))))))
.
2008-06-07 11:18 . 2008-06-07 11:18 <DIR> d-------- C:\Program Files\ieSpell
2008-06-07 11:18 . 2008-06-07 11:18 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\ieSpell
2008-06-06 18:46 . 2008-06-06 18:46 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-06 18:46 . 2008-06-06 18:46 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Malwarebytes
2008-06-06 18:46 . 2008-06-06 18:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-06 18:46 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-06 18:46 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-06 18:30 . 2008-06-06 18:30 <DIR> d-------- C:\Program Files\backups
2008-06-06 18:29 . 2008-06-06 18:27 401,720 --a------ C:\Program Files\HiJackThis.exe
2008-06-06 18:23 . 2008-06-06 18:24 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Software Informer
2008-06-06 18:19 . 2008-06-06 18:22 <DIR> d-------- C:\Documents and Settings\User Ben\.housecall6.6
2008-06-06 18:06 . 2008-06-06 23:11 <DIR> d-------- C:\Program Files\MediaCoder iPhone Edition
2008-06-04 22:34 . 2008-06-04 22:34 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-04 22:34 . 2008-06-04 22:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-04 22:33 . 2008-06-04 22:33 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-04 12:24 . 2008-06-04 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-04 12:21 . 2008-06-04 12:21 <DIR> d-------- C:\Program Files\Unlocker
2008-06-04 11:49 . 2008-06-04 11:49 <DIR> d-------- C:\Program Files\CCleaner
2008-06-04 11:44 . 2008-06-04 11:52 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Propellerhead Software
2008-06-04 11:44 . 2008-06-04 11:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-06-04 11:44 . 2008-06-04 11:44 233,472 --a------ C:\WINDOWS\system32\REX Shared Library.dll
2008-06-04 11:44 . 2008-06-04 11:44 225,280 --a------ C:\WINDOWS\system32\ReWire.dll
2008-06-04 11:42 . 2008-06-04 11:42 <DIR> d-------- C:\Program Files\Propellerhead
2008-06-03 23:17 . 2008-06-03 23:17 <DIR> d-------- C:\Program Files\microKORG SoundEditor
2008-06-02 22:07 . 2008-06-04 21:33 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\uTorrent
2008-06-02 19:32 . 2008-06-02 19:32 <DIR> d-------- C:\WINDOWS\Applian FLV Player
2008-06-01 13:21 . 2008-06-01 13:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Line 6
2008-06-01 13:21 . 2008-04-02 22:16 521,088 --a------ C:\WINDOWS\system32\drivers\L6PODX3LV.sys
2008-06-01 13:21 . 2008-04-02 22:16 167,936 --a------ C:\WINDOWS\system32\l6podx3lv.dll
2008-06-01 12:55 . 2008-06-01 12:55 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-01 12:55 . 2005-06-03 03:52 49,265 --a------ C:\WINDOWS\system32\jpicpl32.cpl
2008-05-31 19:19 . 2008-05-31 19:19 <DIR> d-------- C:\Program Files\Sibelius Software
2008-05-31 19:19 . 2008-05-31 19:19 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Sibelius Software
2008-05-31 16:59 . 2008-05-31 16:59 0 --a------ C:\WINDOWS\DMM.INI
2008-05-31 16:56 . 2008-05-31 16:56 <DIR> d-------- C:\Program Files\Sienzo
2008-05-30 22:47 . 2008-05-30 22:47 <DIR> d-------- C:\Program Files\GlobFX
2008-05-28 21:50 . 2008-05-28 21:51 <DIR> d-------- C:\Program Files\7-Zip
2008-05-28 21:41 . 2008-05-28 21:43 <DIR> d-------- C:\temp
2008-05-27 21:04 . 2008-05-27 21:04 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\InstallShield Installation Information
2008-05-27 20:55 . 2008-05-27 20:55 <DIR> d-------- C:\Program Files\SEGA
2008-05-27 20:55 . 2006-05-31 08:22 62,232 -r------- C:\WINDOWS\system32\GameuxInstallHelper.dll
2008-05-27 19:46 . 2008-05-27 19:57 <DIR> d-------- C:\Unreal Anthology
2008-05-27 19:46 . 1997-07-19 17:00 315,585 --a------ C:\WINDOWS\system32\COMCTL32.ocx
2008-05-27 19:46 . 1997-07-19 17:01 118,781 --a------ C:\WINDOWS\system32\TABCTL32.ocx
2008-05-27 19:46 . 1998-01-24 03:39 110,725 --a------ C:\WINDOWS\system32\RICHTX32.ocx
2008-05-27 19:46 . 1995-07-26 01:00 98,588 --a------ C:\WINDOWS\system32\THREED32.ocx
2008-05-27 19:46 . 2005-11-13 22:40 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-05-27 19:46 . 1997-07-19 17:00 66,924 --a------ C:\WINDOWS\system32\COMDLG32.ocx
2008-05-27 19:46 . 1995-07-26 01:00 48,640 --a------ C:\WINDOWS\system32\GRID32.ocx
2008-05-27 19:46 . 1997-01-16 10:11 44,831 --a------ C:\WINDOWS\system32\PICCLP32.ocx
2008-05-27 19:46 . 1995-07-26 01:00 43,502 --a------ C:\WINDOWS\system32\MSOUTL32.ocx
2008-05-24 21:24 . 2008-04-13 19:45 10,368 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-05-24 21:24 . 2008-04-13 19:45 10,368 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-05-24 18:47 . 2007-11-22 15:00 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx
2008-05-23 09:25 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2008-05-23 09:25 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2008-05-23 09:25 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2008-05-23 09:25 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2008-05-23 09:25 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2008-05-23 09:25 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2008-05-23 09:25 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2008-05-22 21:07 . 2008-06-07 11:04 <DIR> d-------- C:\Downloads
2008-05-22 21:06 . 2008-05-22 21:06 <DIR> d-------- C:\Program Files\Software Informer
2008-05-22 21:06 . 2008-05-22 21:07 <DIR> d-------- C:\Program Files\Free Download Manager
2008-05-22 21:06 . 2008-06-07 11:27 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Free Download Manager
2008-05-22 21:06 . 2008-05-22 21:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-05-22 15:31 . 2008-05-28 22:03 <DIR> d-------- C:\Program Files\Paragon Software
2008-05-21 20:08 . 2008-05-21 20:08 <DIR> d-------- C:\WINDOWS\system32\Futuremark
2008-05-20 20:33 . 2008-05-20 20:33 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-05-20 15:29 . 2008-03-19 18:26 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-05-20 15:29 . 2008-03-19 18:29 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-05-18 22:16 . 2008-05-18 22:23 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Azureus
2008-05-18 22:16 . 2008-05-18 22:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-18 13:19 . 2008-05-18 13:19 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-05-18 10:31 . 2008-05-18 10:31 <DIR> d-------- C:\Program Files\directx
2008-05-18 10:24 . 2008-05-24 22:48 <DIR> d-------- C:\UT2003
2008-05-17 22:56 . 2008-05-17 22:56 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\vlc
2008-05-17 17:48 . 2008-05-17 17:48 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\cmw
2008-05-17 17:10 . 2008-05-17 18:26 <DIR> d-------- C:\Program Files\winpwn
2008-05-17 16:21 . 2008-05-17 16:21 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\MSN6
2008-05-17 16:21 . 2008-05-17 16:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MSN6
2008-05-17 13:40 . 2008-05-17 22:56 <DIR> d-------- C:\Program Files\VideoLAN
2008-05-17 13:35 . 2008-05-17 13:35 <DIR> d-------- C:\Documents and Settings\User Ben\Shared
2008-05-17 13:35 . 2008-05-24 18:11 <DIR> d-------- C:\Documents and Settings\User Ben\Incomplete
2008-05-17 13:35 . 2008-05-17 13:43 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\FrostWire
2008-05-17 13:12 . 2008-06-01 13:20 <DIR> d-------- C:\Program Files\Line6
2008-05-17 13:12 . 2008-05-17 13:12 <DIR> d-------- C:\Program Files\Common Files\Digidesign
2008-05-17 13:12 . 2008-06-01 13:21 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Line 6
2008-05-17 13:12 . 2008-06-01 13:21 374 --a------ C:\WINDOWS\GearBox.ini
2008-05-17 10:54 . 2008-05-17 10:54 0 --a------ C:\WINDOWS\nsreg.dat
2008-05-16 23:49 . 2008-05-24 18:42 <DIR> d-------- C:\Program Files\iLiberty
2008-05-16 22:28 . 2008-05-16 22:28 <DIR> d-------- C:\Program Files\Guitar Pro 5
2008-05-16 15:10 . 2008-06-03 23:59 4,047,853 --a------ C:\WINDOWS\pfirewall.log.old
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-16 10:50 . 2008-05-16 10:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
2008-05-16 10:48 . 2008-05-16 10:48 52 --a------ C:\WINDOWS\SiSAudioRack.ini
2008-05-15 23:04 . 2008-06-01 19:26 60,416 --a------ C:\WINDOWS\ALCFDRTM.VER
2008-05-15 23:04 . 2008-05-15 23:04 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-05-15 22:58 . 2008-05-15 22:55 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-05-15 22:57 . 2008-05-15 22:57 <DIR> d-------- C:\Program Files\Realtek AC97
2008-05-15 22:57 . 2008-05-15 22:57 <DIR> d-------- C:\Program Files\Orb Networks
2008-05-15 22:57 . 2008-05-15 22:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-05-15 22:57 . 2008-05-15 22:55 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-05-15 22:57 . 2008-05-15 22:55 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-05-15 22:23 . 2008-05-15 22:23 <DIR> d-------- C:\Program Files\WinSCP
2008-05-15 22:11 . 2008-05-15 22:11 <DIR> d-------- C:\Program Files\iTunes
2008-05-15 22:11 . 2008-05-15 22:11 <DIR> d-------- C:\Program Files\iPod
2008-05-15 22:11 . 2008-05-15 22:11 <DIR> d-------- C:\Program Files\Bonjour
2008-05-15 22:11 . 2008-05-17 18:44 <DIR> d-------- C:\Documents and Settings\User Ben\Application Data\Apple Computer
2008-05-15 22:11 . 2008-06-07 11:39 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-15 22:11 . 2008-05-15 22:11 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-15 22:10 . 2008-05-15 22:10 <DIR> d-------- C:\Program Files\QuickTime
2008-05-15 22:10 . 2008-05-15 22:10 <DIR> d-------- C:\Program Files\Apple Software Update
2008-05-15 22:10 . 2008-05-15 22:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-05-15 22:09 . 2008-06-01 13:21 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-15 22:09 . 2008-05-15 22:09 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-05-15 22:09 . 2008-05-15 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-05-15 22:09 . 2008-02-18 11:16 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-05-15 16:53 . 2008-05-15 16:53 <DIR> d-------- C:\WINDOWS\Performance
2008-05-15 16:52 . 2008-05-15 16:52 <DIR> d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-05-15 16:52 . 2008-05-15 16:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
2008-05-13 14:53 . 2008-05-13 14:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-05-13 14:44 . 2008-05-13 14:44 <DIR> d-------- C:\ATI
2008-05-13 13:56 . 2008-05-13 13:56 <DIR> d-------- C:\Program Files\Common Files\ATI Technologies
2008-05-13 13:56 . 2008-03-28 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-07 10:36 --------- d-----w C:\Program Files\Symantec AntiVirus
2008-06-07 10:20 8,758 ----a-w C:\Program Files\hijackthis.log
2008-05-11 13:52 --------- d-----w C:\Program Files\Symantec
2008-05-11 13:52 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-05-11 13:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-05-11 13:42 --------- d-----w C:\Program Files\Windows Defender
2008-05-11 12:35 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-29 10:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 10:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 10:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
2008-04-14 04:42 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 04:42 11,264 ------w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 04:41 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 00:25 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 00:16 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 00:13 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 00:13 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 00:13 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 00:13 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-04-14 00:13 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 00:13 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 00:13 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 00:13 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 00:11 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 00:10 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 00:10 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-13 19:30 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:27 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:18 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ------w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 18:46 61,696 ----a-w C:\WINDOWS\system32\drivers\ohci1394.sys
2008-04-13 18:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
2008-04-13 18:46 53,376 ----a-w C:\WINDOWS\system32\drivers\1394bus.sys
2008-04-13 18:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
2008-04-13 18:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
2008-04-13 18:46 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 18:46 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
2008-04-13 18:46 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
2008-04-13 18:46 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys
2008-04-13 18:46 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys
2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
2008-04-13 18:44 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:44 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 18:43 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 01:12 15360]
"fsm"="" []
"ares"="C:\Program Files\Ares\Ares.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-06-09 20:31 66680]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2004-10-06 17:56 161096]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SoundMan"="SOUNDMAN.EXE" [2008-05-15 22:55 577536 C:\WINDOWS\soundman.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52 36975]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 01:12 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"=
"C:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=
"C:\\Program Files\\SEGA\\SEGA Rally\\SEGA Rally.exe"=
"C:\\Program Files\\SEGA\\SEGA Rally\\SEGA Rally_SSE1.exe"=
"C:\\Program Files\\Sienzo\\DMM\\DMM.exe"=
"D:\\Program Files\\UnH Solutions\\New Folder\\UTORRENT.EXE"=
S3 L6PODX3LV;POD X3 Live Service;C:\WINDOWS\system32\Drivers\L6PODX3LV.sys [2008-04-02 22:16]
.
Contents of the 'Scheduled Tasks' folder
"2008-06-07 10:39:30 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-07 11:38:58
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-06-07 11:40:28 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-07 10:40:24
Pre-Run: 20,190,748,672 bytes free
Post-Run: 20,250,075,136 bytes free
319 --- E O F --- 2008-06-06 17:14:32
Unsolved 
