Firefox just stops working until I shut it down?

Keep getting error messages when I scan with Nod32 at 30% I get Error popups and my computer comes to a sluggish halt...

What is wrong with this thing...I have scanned with MalwareBytes, ComboFix, Nod32 4.0.437.0..I tried uninstalling it and reinstalling it and it just doesn't work..

Please help...

Here are my error messages...

https://2img.net/r/ihimizer/img513/9669/errorekrn02.jpg

https://2img.net/r/ihimizer/img291/7137/errorekrn.jpg

please help me fix this

• Download combofix from here
  Link 1
  Link 2
  

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouse click combofix's window whilst it's running. That may cause it to stall.
  

ComboFix 09-08-25.02 - Gus 08/25/2009 20:26.8.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1521 [GMT -7:00]
Running from: c:\documents and settings\Gus\Desktop\Combo-Fix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-07-26 to 2009-08-26 )))))))))))))))))))))))))))))))
.

2009-08-12 09:25 . 2009-08-12 09:25 -------- d-----w- c:\windows\ServicePackFiles
2009-08-11 00:42 . 2009-08-11 00:43 -------- d-----w- c:\program files\Perfect Uninstaller
2009-08-10 20:11 . 2009-08-11 21:52 -------- d-----w- c:\program files\My-Proxy
2009-08-07 01:14 . 2009-08-07 01:14 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-05 23:01 . 2009-08-05 23:02 -------- d-----w- c:\documents and settings\Gus\Application Data\kikin
2009-08-05 23:01 . 2009-08-05 23:02 -------- d-----w- c:\program files\kikin
2009-08-05 18:01 . 2009-08-05 18:01 104512 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2009-08-05 05:38 . 2009-08-21 18:25 -------- d-----w- c:\program files\Accessdiver
2009-07-27 11:44 . 2002-01-05 22:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-07-27 11:43 . 2009-08-10 20:22 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-07-27 11:43 . 2009-07-27 11:43 -------- d-----w- c:\program files\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-26 03:22 . 2007-11-06 00:44 169936 ----a-w- c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\FlashGot.exe
2009-08-26 03:07 . 2007-11-06 01:07 -------- d-----w- c:\documents and settings\Gus\Application Data\uTorrent
2009-08-26 02:01 . 2007-11-05 10:01 -------- d-----w- c:\documents and settings\Gus\Application Data\DMCache
2009-08-25 10:41 . 2007-11-06 01:59 -------- d-----w- c:\documents and settings\Gus\Application Data\Vso
2009-08-25 07:57 . 2009-07-11 18:44 -------- d-----w- c:\documents and settings\Gus\Application Data\vlc
2009-08-24 19:35 . 2008-02-15 11:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-24 01:32 . 2009-04-07 20:22 117760 ----a-w- c:\documents and settings\Gus\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-08-21 18:22 . 2007-11-05 10:01 -------- d-----w- c:\documents and settings\Gus\Application Data\IDM
2009-08-21 18:09 . 2007-12-14 02:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-08-18 23:05 . 2008-01-03 05:34 -------- d-----w- c:\documents and settings\Gus\Application Data\dvdcss
2009-08-15 05:33 . 2009-07-22 23:33 -------- d-----w- c:\program files\DVDFab 6
2009-08-11 09:13 . 2007-12-18 20:15 -------- d-----w- c:\documents and settings\Gus\Application Data\mIRC
2009-08-11 06:27 . 2007-12-18 20:15 -------- d-----w- c:\program files\mIRC
2009-08-11 00:49 . 2008-08-17 17:22 -------- d-----w- c:\program files\GhostSecuritySuite
2009-08-11 00:45 . 2007-11-06 01:59 -------- d-----w- c:\program files\VSO
2009-08-08 07:16 . 2008-05-30 09:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-08 07:16 . 2008-05-30 09:40 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-05 09:11 . 2004-08-04 00:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 00:52 . 2008-11-30 00:00 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM
2009-08-03 20:36 . 2008-08-08 21:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 20:36 . 2008-05-30 09:39 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-24 08:52 . 2007-11-07 04:29 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-07-24 08:47 . 2009-07-24 08:47 -------- d-----w- c:\program files\DVD2one V2
2009-07-22 02:07 . 2008-10-11 08:30 -------- d-----w- c:\program files\iTunes
2009-07-22 02:06 . 2008-10-11 08:30 -------- d-----w- c:\program files\iPod
2009-07-22 02:06 . 2007-11-05 11:09 -------- d-----w- c:\program files\Common Files\Apple
2009-07-22 02:00 . 2009-07-22 02:00 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-21 09:32 . 2009-07-21 09:32 75520 ----a-w- c:\windows\system32\drivers\cmdmon.sys
2009-07-20 19:15 . 2009-04-24 04:43 -------- d-----w- c:\program files\Movavi VideoSuite 6
2009-07-17 18:55 . 2004-08-04 00:56 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 06:43 . 2004-08-04 00:56 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-12 06:22 . 2008-02-09 10:39 -------- d-----w- c:\documents and settings\Gus\Application Data\gtk-2.0
2009-07-12 06:20 . 2008-02-09 10:38 -------- d-----w- c:\program files\Avidemux 2.4
2009-07-08 09:47 . 2009-07-08 09:47 -------- d-----w- c:\program files\Trader's Little Helper
2009-07-03 19:14 . 2007-12-14 02:28 -------- d-----w- c:\program files\AIM6
2009-07-03 19:12 . 2009-07-03 19:12 -------- d-----w- c:\documents and settings\All Users\Application Data\acccore
2009-07-03 19:11 . 2008-04-16 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-07-02 19:57 . 2007-12-30 22:02 -------- d-----w- c:\program files\ESET
2009-07-01 22:50 . 2009-07-01 18:18 -------- d-----w- c:\program files\Team Fortress 2
2009-06-26 15:59 . 2004-08-04 00:56 668160 ------w- c:\windows\system32\wininet.dll
2009-06-26 15:59 . 2004-08-04 00:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-25 18:36 . 2004-08-04 00:56 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2004-08-04 00:56 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2004-08-04 00:56 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2004-08-04 00:56 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2004-08-04 00:56 471552 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2004-08-04 00:56 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2004-08-04 00:56 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2004-08-04 00:56 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2004-08-04 00:56 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2004-08-04 00:56 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2004-08-04 00:56 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 18:36 . 2004-08-04 00:56 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 08:44 . 2004-08-04 00:56 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:44 . 2004-08-04 00:56 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:44 . 2004-08-04 00:56 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:44 . 2004-08-04 00:56 724480 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:44 . 2004-08-04 00:56 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:44 . 2004-08-04 00:56 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-22 11:49 . 2004-08-04 00:56 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2004-08-04 00:56 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2004-08-04 00:56 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2004-08-03 22:58 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34 . 2004-08-03 22:59 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:55 . 2004-08-04 00:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:55 . 2001-08-23 14:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 11:50 . 2004-08-04 00:56 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 11:50 . 2004-08-04 00:56 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:21 . 2004-08-04 00:56 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:58 . 2009-06-10 06:57 2926768 ----a-w- c:\documents and settings\Gus\Application Data\IDM\idmupdt.exe
2009-06-10 06:32 . 2004-08-04 00:56 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-05 07:42 . 2007-11-05 01:03 655872 ----a-w- c:\windows\system32\mstscax.dll
2009-06-03 19:27 . 2004-08-04 00:56 1290752 ----a-w- c:\windows\system32\quartz.dll
2009-05-29 20:36 . 2009-03-27 02:25 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-05-29 20:36 . 2007-11-07 23:49 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-05-29 19:15 . 2009-05-29 19:15 15398880 ----a-w- c:\documents and settings\Gus\Application Data\IDM\X64\setup.exe
2009-05-29 19:15 . 2009-05-29 19:15 14757488 ----a-w- c:\documents and settings\Gus\Application Data\IDM\X86\setup.exe
2006-05-03 09:06 . 2008-01-14 23:07 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2008-01-14 23:07 31232 --sha-r- c:\windows\system32\msfDX.dll

------- Sigcheck -------

[7] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2004-08-03 23:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
[7] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[-] 2008-12-17 07:02 360320 3ADCE4790F591BF160A94F6F08039577 c:\windows\system32\dllcache\TCPIP.SYS
[-] 2008-12-17 07:02 360320 3ADCE4790F591BF160A94F6F08039577 c:\windows\system32\drivers\TCPIP.SYS
.
((((((((((((((((((((((((((((( SnapShot_2009-08-14_07.20.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-16 20:06 . 2009-08-16 20:06 16384 c:\windows\temp\Perflib_Perfdata_7bc.dat
+ 2009-05-14 22:49 . 2009-05-14 22:49 94360 c:\windows\system32\drivers\epfwtdir.sys
+ 2004-08-04 00:56 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-03 22:59 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2009-08-23 23:02 . 2009-08-23 23:02 10134 c:\windows\Installer\{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}\callmsi.exe
+ 2008-08-14 18:46 . 2008-02-22 09:33 139264 c:\windows\system32\javaws.exe
- 2008-08-14 18:46 . 2008-06-10 09:32 139264 c:\windows\system32\javaws.exe
+ 2008-08-14 18:46 . 2008-02-22 08:23 135168 c:\windows\system32\javaw.exe
- 2008-08-14 18:46 . 2008-06-10 08:21 135168 c:\windows\system32\javaw.exe
+ 2008-08-14 18:46 . 2008-02-22 08:23 135168 c:\windows\system32\java.exe
- 2008-08-14 18:46 . 2008-06-10 08:21 135168 c:\windows\system32\java.exe
+ 2009-05-14 22:47 . 2009-05-14 22:47 107256 c:\windows\system32\drivers\ehdrv.sys
+ 2009-05-14 22:41 . 2009-05-14 22:41 114472 c:\windows\system32\drivers\eamon.sys
+ 2004-08-04 00:56 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 724480 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 101480 c:\windows\Installer\{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}\egui.exe
+ 2009-08-23 23:02 . 2009-08-23 23:02 1129472 c:\windows\Installer\6b0c7.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2009-05-20 04:26 429800 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-09 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2007-11-08 1115728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"NodEnabler"="c:\program files\ESET\NodEnabler\NodEnabler.exe" [2009-04-08 357521]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
backup=c:\windows\pss\GammaTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Gus^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wwEngineSvc"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"MagicTuneEngine"=2 (0x2)
"IDriverT"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Adobe Version Cue CS2"=3 (0x3)
"aawservice"=2 (0x2)
"a2AntiMalware"=2 (0x2)
"upnphost"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Alias\\Maya8.0\\bin\\maya.exe"=
"c:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"47386:TCP"= 47386:TCP:uTorrent

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [5/14/2009 3:49 PM 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/28/2008 10:33 AM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/28/2008 10:33 AM 55024]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [5/14/2009 3:47 PM 731840]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [7/27/2005 5:25 PM 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [7/27/2005 5:25 PM 36352]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [7/27/2005 5:25 PM 77056]
S3 mam4410c;mam4410c;c:\windows\system32\drivers\mam4410c.sys [5/30/2008 2:53 PM 24784]
S3 mam4410m;mam4410m;c:\windows\system32\drivers\mam4410m.sys [5/30/2008 2:53 PM 25044]
S3 mam4410u;mam4410u;c:\windows\system32\drivers\mam4410u.sys [5/30/2008 2:53 PM 52565]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/28/2008 10:33 AM 7408]
S3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [1/5/2009 7:39 AM 103936]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [1/15/2008 12:14 AM 44928]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [4/16/2008 12:46 PM 16896]
S4 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe --> c:\program files\Webroot\Washer\WasherSvc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

2009-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1767777339-839522115-1003Core.job
- c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 20:41]

2009-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1767777339-839522115-1003UA.job
- c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 20:41]
.
.

------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
FF - ProfilePath - c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\Gus\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07075003.dll
FF - plugin: c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbyond.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-25 20:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2000478354-1767777339-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:36,80,52,87,67,8d,3a,2a,e0,63,1c,1d,59,73,63,5b,0f,5b,8b,53,93,16,85,
09,21,6b,1e,37,44,cc,25,a4,d9,a5,22,86,07,d0,66,d8,81,13,b8,e9,b6,b7,b4,74,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-2000478354-1767777339-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:d0,36,fc,95,6f,f6,2e,53,71,a7,33,1d,b2,6e,4e,a0,3b,30,1d,8c,f0,
6f,ae,94,74,05,44,10,58,68,d5,2b,7c,f0,49,6e,bc,67,97,b4,9f,b7,3b,f2,ec,0f,\
"rkeysecu"=hex:33,02,bd,07,eb,6b,14,8a,03,7a,1e,09,f6,94,3e,a4

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):fc,08,ce,fa,52,47,26,8d,1a,27,1f,ee,df,8c,dd,63,32,f6,a6,b5,d7,
be,88,59,29,ce,31,62,93,5c,19,de,79,d0,53,a6,e6,6e,fe,19,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3b,cc,7e,a5,62,6a,68,7b,51,00,a1,2d,ce,0c,7f,ae,f3,76,1b,ed,69,
d3,cf,39,c6,cd,16,8f,bd,51,c0,db,b6,6d,4f,19,6d,ca,aa,75,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{994d1d4b-8133-48b6-ad7c-e17ee05c3a3b}]
@Denied: (Full) (Everyone)
"Model"=dword:00000162
"Therad"=dword:00000025
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,05,e2,1b,2b,9a,65,e8,ec,16,73,9f,4f,94,a3,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f58c4ed1-f8ac-4df7-a027-b35a1ead5e60}]
@Denied: (Full) (Everyone)
"Model"=dword:00000046
"Therad"=dword:00000016
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,6d,31,5c,83,bc,5f,58,b1,7a,34,ad,44,f4,57,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3600)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-26 20:31
ComboFix-quarantined-files.txt 2009-08-26 03:30
ComboFix2.txt 2009-08-26 03:22
ComboFix3.txt 2009-08-14 07:22
ComboFix4.txt 2009-07-20 19:44
ComboFix5.txt 2009-08-26 03:25

Pre-Run: 49,940,660,224 bytes free
Post-Run: 49,922,506,752 bytes free

351 --- E O F --- 2009-08-18 10:00

I see you are running a cracked version of ESET Nod32, the error messages you are getting are due to the fact that ESET can't update itself since you are using a cracked version, if you see your error message picture ti will say it has an error with ekrn.exe which is NOD32's update assistant. If you do not remove this cracked version I will not help you, an alternative to Nod32 would be Avira free, you can download it here:

http://free-av.com


Please download Revo Uninstall from here: Revo Uinstaller

1. Download and run the setup file for Revo Uninstaller.
   
2. Once setup, run Revo Uninstaller.
   
3. Select the following item for removal by clicking on it once.
   
   ESET Nod32
   
   
4. Then hit the "Uninstall" button at the top.
   
5. Close Revo Uninstaller.
   

I don't think it is a cracked version, but I will get the trial from the main site and try it again

You are unfortunately,



That right there is a crack.

Look at it now...

ComboFix 09-08-30.01 - Gus 08/30/2009 12:28.9.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1540 [GMT -7:00]
Running from: c:\documents and settings\Gus\Desktop\Combo-Fix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
ADS - windows: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-30 09:10 . 2009-08-30 09:10 -------- d-----w- c:\program files\VS Revo Group
2009-08-26 20:11 . 2009-08-26 20:11 -------- d-sh--w- c:\documents and settings\Gus\IECompatCache
2009-08-26 20:10 . 2009-08-26 20:10 -------- d-sh--w- c:\documents and settings\Gus\PrivacIE
2009-08-26 19:55 . 2009-08-26 19:55 -------- d-sh--w- c:\documents and settings\Gus\IETldCache
2009-08-26 19:39 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-08-26 19:39 . 2009-08-26 19:39 -------- d-----w- c:\windows\ie8updates
2009-08-26 19:39 . 2009-07-03 17:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-08-26 19:39 . 2009-07-03 17:09 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-08-26 19:39 . 2009-07-03 17:09 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-08-26 19:39 . 2009-07-03 17:09 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-08-26 19:39 . 2009-07-03 17:09 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-08-26 19:39 . 2009-07-20 01:48 11067392 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-08-26 19:38 . 2009-08-26 19:38 -------- dc-h--w- c:\windows\ie8
2009-08-12 09:25 . 2009-08-12 09:25 -------- d-----w- c:\windows\ServicePackFiles
2009-08-11 00:42 . 2009-08-11 00:43 -------- d-----w- c:\program files\Perfect Uninstaller
2009-08-10 20:11 . 2009-08-11 21:52 -------- d-----w- c:\program files\My-Proxy
2009-08-07 01:14 . 2009-08-07 01:14 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-05 23:01 . 2009-08-05 23:02 -------- d-----w- c:\documents and settings\Gus\Application Data\kikin
2009-08-05 23:01 . 2009-08-05 23:02 -------- d-----w- c:\program files\kikin
2009-08-05 18:01 . 2009-08-05 18:01 104512 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2009-08-05 05:38 . 2009-08-21 18:25 -------- d-----w- c:\program files\Accessdiver

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 18:59 . 2007-11-06 00:44 169936 ----a-w- c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\FlashGot.exe
2009-08-30 15:00 . 2007-11-06 01:07 -------- d-----w- c:\documents and settings\Gus\Application Data\uTorrent
2009-08-30 10:15 . 2007-11-05 10:01 -------- d-----w- c:\documents and settings\Gus\Application Data\DMCache
2009-08-30 10:14 . 2007-11-06 01:59 -------- d-----w- c:\documents and settings\Gus\Application Data\Vso
2009-08-30 09:12 . 2008-02-15 11:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-30 08:56 . 2009-07-11 18:44 -------- d-----w- c:\documents and settings\Gus\Application Data\vlc
2009-08-24 01:32 . 2009-04-07 20:22 117760 ----a-w- c:\documents and settings\Gus\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-08-21 18:22 . 2007-11-05 10:01 -------- d-----w- c:\documents and settings\Gus\Application Data\IDM
2009-08-21 18:09 . 2007-12-14 02:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-08-18 23:05 . 2008-01-03 05:34 -------- d-----w- c:\documents and settings\Gus\Application Data\dvdcss
2009-08-15 05:33 . 2009-07-22 23:33 -------- d-----w- c:\program files\DVDFab 6
2009-08-11 09:13 . 2007-12-18 20:15 -------- d-----w- c:\documents and settings\Gus\Application Data\mIRC
2009-08-11 06:27 . 2007-12-18 20:15 -------- d-----w- c:\program files\mIRC
2009-08-11 00:49 . 2008-08-17 17:22 -------- d-----w- c:\program files\GhostSecuritySuite
2009-08-11 00:45 . 2007-11-06 01:59 -------- d-----w- c:\program files\VSO
2009-08-10 20:22 . 2009-07-27 11:43 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-08-08 07:16 . 2008-05-30 09:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-08 07:16 . 2008-05-30 09:40 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-05 09:11 . 2004-08-04 00:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 00:52 . 2008-11-30 00:00 -------- d-----w- c:\documents and settings\All Users\Application Data\CanonIJPLM
2009-08-03 20:36 . 2008-08-08 21:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 20:36 . 2008-05-30 09:39 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-27 11:43 . 2009-07-27 11:43 -------- d-----w- c:\program files\DVDVideoSoft
2009-07-24 08:52 . 2007-11-07 04:29 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-07-24 08:47 . 2009-07-24 08:47 -------- d-----w- c:\program files\DVD2one V2
2009-07-22 02:07 . 2008-10-11 08:30 -------- d-----w- c:\program files\iTunes
2009-07-22 02:06 . 2008-10-11 08:30 -------- d-----w- c:\program files\iPod
2009-07-22 02:06 . 2007-11-05 11:09 -------- d-----w- c:\program files\Common Files\Apple
2009-07-22 02:00 . 2009-07-22 02:00 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-21 09:32 . 2009-07-21 09:32 75520 ----a-w- c:\windows\system32\drivers\cmdmon.sys
2009-07-20 19:15 . 2009-04-24 04:43 -------- d-----w- c:\program files\Movavi VideoSuite 6
2009-07-17 18:55 . 2004-08-04 00:56 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 06:43 . 2004-08-04 00:56 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-12 06:22 . 2008-02-09 10:39 -------- d-----w- c:\documents and settings\Gus\Application Data\gtk-2.0
2009-07-12 06:20 . 2008-02-09 10:38 -------- d-----w- c:\program files\Avidemux 2.4
2009-07-08 09:47 . 2009-07-08 09:47 -------- d-----w- c:\program files\Trader's Little Helper
2009-07-03 19:14 . 2007-12-14 02:28 -------- d-----w- c:\program files\AIM6
2009-07-03 19:12 . 2009-07-03 19:12 -------- d-----w- c:\documents and settings\All Users\Application Data\acccore
2009-07-03 19:11 . 2008-04-16 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-07-03 17:09 . 2004-08-04 00:56 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-02 19:57 . 2007-12-30 22:02 -------- d-----w- c:\program files\ESET
2009-07-01 22:50 . 2009-07-01 18:18 -------- d-----w- c:\program files\Team Fortress 2
2009-06-25 18:36 . 2004-08-04 00:56 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:36 . 2004-08-04 00:56 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:36 . 2004-08-04 00:56 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:36 . 2004-08-04 00:56 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:36 . 2004-08-04 00:56 471552 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:36 . 2004-08-04 00:56 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:36 . 2004-08-04 00:56 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:36 . 2004-08-04 00:56 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:36 . 2004-08-04 00:56 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:36 . 2004-08-04 00:56 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:36 . 2004-08-04 00:56 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 18:36 . 2004-08-04 00:56 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 08:44 . 2004-08-04 00:56 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:44 . 2004-08-04 00:56 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:44 . 2004-08-04 00:56 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:44 . 2004-08-04 00:56 724480 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:44 . 2004-08-04 00:56 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:44 . 2004-08-04 00:56 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-22 11:49 . 2004-08-04 00:56 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 2004-08-04 00:56 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 2004-08-04 00:56 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 2004-08-03 22:58 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34 . 2004-08-03 22:59 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:55 . 2004-08-04 00:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:55 . 2001-08-23 14:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-12 11:50 . 2004-08-04 00:56 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 11:50 . 2004-08-04 00:56 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:21 . 2004-08-04 00:56 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:58 . 2009-06-10 06:57 2926768 ----a-w- c:\documents and settings\Gus\Application Data\IDM\idmupdt.exe
2009-06-10 06:32 . 2004-08-04 00:56 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-05 07:42 . 2007-11-05 01:03 655872 ----a-w- c:\windows\system32\mstscax.dll
2009-06-03 19:27 . 2004-08-04 00:56 1290752 ----a-w- c:\windows\system32\quartz.dll
2006-05-03 09:06 . 2008-01-14 23:07 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2008-01-14 23:07 31232 --sha-r- c:\windows\system32\msfDX.dll
.

------- Sigcheck -------

[7] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2004-08-03 23:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB917953$\tcpip.sys
[7] 2006-04-20 11:51 359808 1DBF125862891817F374F407626967F4 c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys
[-] 2008-12-17 07:02 360320 3ADCE4790F591BF160A94F6F08039577 c:\windows\system32\dllcache\TCPIP.SYS
[-] 2008-12-17 07:02 360320 3ADCE4790F591BF160A94F6F08039577 c:\windows\system32\drivers\TCPIP.SYS

.
((((((((((((((((((((((((((((( SnapShot_2009-08-14_07.20.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-30 18:57 . 2009-08-30 18:57 16384 c:\windows\temp\Perflib_Perfdata_7ec.dat
+ 2007-07-18 12:42 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2007-11-05 01:41 . 2009-01-08 01:21 26144 c:\windows\system32\spupdsvc.exe
+ 2009-01-23 00:09 . 2009-01-08 01:20 16928 c:\windows\system32\spmsg.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 46592 c:\windows\system32\pngfilt.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 24576 c:\windows\system32\nlsdl.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 11:31 . 2009-03-08 11:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 11:31 . 2009-07-03 17:09 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 11:32 . 2009-03-08 11:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-04 00:56 . 2009-03-08 11:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 11:31 . 2009-03-08 11:31 59904 c:\windows\system32\icardie.dll
+ 2009-05-14 22:49 . 2009-05-14 22:49 94360 c:\windows\system32\drivers\epfwtdir.sys
+ 2004-08-04 00:56 . 2009-06-25 08:44 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 56320 c:\windows\system32\dllcache\secur32.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2004-08-04 00:56 . 2009-03-08 11:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-03 22:59 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-04 00:56 . 2009-07-03 17:09 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2007-11-05 01:05 . 2009-03-08 11:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 18944 c:\windows\system32\corpol.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 72704 c:\windows\system32\admparse.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 10134 c:\windows\Installer\{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}\callmsi.exe
+ 2009-08-26 19:39 . 2009-03-08 11:33 12288 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-08-26 19:39 . 2009-03-08 11:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-08-26 19:39 . 2009-03-08 11:33 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll

+ 2009-08-26 19:38 . 2004-08-04 00:56 37888 c:\windows\ie8\url.dll
+ 2009-08-26 19:38 . 2009-03-08 21:23 58464 c:\windows\ie8\spuninst\iecustom.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 39424 c:\windows\ie8\pngfilt.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 96256 c:\windows\ie8\occache.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 56832 c:\windows\ie8\mshtmler.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 29184 c:\windows\ie8\mshta.exe
+ 2009-08-26 19:38 . 2004-08-04 00:56 22016 c:\windows\ie8\licmgr10.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 16384 c:\windows\ie8\jsproxy.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 96256 c:\windows\ie8\inseng.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 35840 c:\windows\ie8\imgutil.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 93184 c:\windows\ie8\iexplore.exe
+ 2009-08-26 19:38 . 2004-08-04 00:56 62976 c:\windows\ie8\iesetup.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 48640 c:\windows\ie8\iernonce.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 81920 c:\windows\ie8\ieencode.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 34304 c:\windows\ie8\ie4uinit.exe
+ 2009-08-26 19:38 . 2004-08-04 00:56 38912 c:\windows\ie8\hmmapi.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 35328 c:\windows\ie8\corpol.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 99840 c:\windows\ie8\advpack.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 61440 c:\windows\ie8\admparse.dll
+ 2009-08-26 19:39 . 2009-03-08 11:35 2048 c:\windows\ie8updates\KB973874-IE8\iecompat.dll
+ 2009-01-08 01:21 . 2009-01-08 01:21 121856 c:\windows\system32\xmllite.dll
+ 2009-03-08 11:34 . 2009-03-08 11:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-04 00:56 . 2009-03-08 11:34 236544 c:\windows\system32\webcheck.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 105984 c:\windows\system32\url.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 206848 c:\windows\system32\occache.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 611840 c:\windows\system32\mstime.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 193536 c:\windows\system32\msrating.dll
+ 2001-08-23 14:00 . 2009-03-08 11:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 11:32 . 2009-07-03 17:09 594432 c:\windows\system32\msfeeds.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 265720 c:\windows\system32\msdbg2.dll
+ 2004-08-04 00:56 . 2008-02-26 11:59 294912 c:\windows\system32\msctf.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 726528 c:\windows\system32\jscript.dll
- 2008-08-14 18:46 . 2008-06-10 09:32 139264 c:\windows\system32\javaws.exe
+ 2008-08-14 18:46 . 2008-02-22 09:33 139264 c:\windows\system32\javaws.exe
+ 2008-08-14 18:46 . 2008-02-22 08:23 135168 c:\windows\system32\javaw.exe
- 2008-08-14 18:46 . 2008-06-10 08:21 135168 c:\windows\system32\javaw.exe
+ 2008-08-14 18:46 . 2008-02-22 08:23 135168 c:\windows\system32\java.exe
- 2008-08-14 18:46 . 2008-06-10 08:21 135168 c:\windows\system32\java.exe
+ 2009-03-08 11:22 . 2009-03-08 11:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 184320 c:\windows\system32\iepeers.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 386048 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 11:11 . 2009-03-08 11:11 445952 c:\windows\system32\ieapfltr.dll
+ 2001-08-23 14:00 . 2009-03-08 11:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-04 00:56 . 2009-07-03 11:01 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-04 00:56 . 2009-03-08 11:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 348160 c:\windows\system32\dxtmsft.dll
+ 2009-05-14 22:47 . 2009-05-14 22:47 107256 c:\windows\system32\drivers\ehdrv.sys
+ 2009-05-14 22:41 . 2009-05-14 22:41 114472 c:\windows\system32\drivers\eamon.sys
+ 2004-08-04 00:56 . 2009-07-03 17:09 915456 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2007-11-05 01:05 . 2009-03-08 11:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-08 01:20 . 2009-01-08 01:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 168448 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-04 00:56 . 2009-03-08 11:34 193536 c:\windows\system32\dllcache\msrating.dll
+ 2001-08-23 14:00 . 2009-03-08 11:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2004-08-04 00:56 . 2008-02-26 11:59 294912 c:\windows\system32\dllcache\msctf.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 724480 c:\windows\system32\dllcache\lsasrv.dll
+ 2004-08-04 00:56 . 2009-06-25 08:44 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2007-11-05 01:05 . 2009-03-08 21:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2004-08-04 00:56 . 2009-07-03 17:09 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 386048 c:\windows\system32\dllcache\iedkcs32.dll
+ 2001-08-23 14:00 . 2009-03-08 11:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-04 00:56 . 2009-03-08 11:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-04 00:56 . 2009-07-03 11:01 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 00:56 . 2009-03-08 11:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-04 00:56 . 2009-03-08 11:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-04 00:56 . 2009-03-08 11:32 128512 c:\windows\system32\advpack.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 101480 c:\windows\Installer\{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}\egui.exe
+ 2009-08-26 19:39 . 2008-07-08 13:02 382840 c:\windows\ie8updates\KB973874-IE8\spuninst\updspapi.dll
+ 2009-08-26 19:39 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB973874-IE8\spuninst\spuninst.exe
+ 2009-08-26 19:39 . 2009-03-08 11:34 914944 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-08-26 19:39 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-08-26 19:39 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-08-26 19:39 . 2009-03-08 11:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-08-26 19:39 . 2009-03-08 11:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-08-26 19:39 . 2009-03-08 11:33 246784 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-08-26 19:39 . 2009-03-08 11:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-08-26 19:39 . 2009-03-08 21:09 391536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-08-26 19:39 . 2009-03-08 11:32 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-08-26 19:38 . 2009-06-26 15:59 668160 c:\windows\ie8\wininet.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 276480 c:\windows\ie8\webcheck.dll
+ 2009-08-26 19:38 . 2007-06-26 15:13 851968 c:\windows\ie8\vgx.dll
+ 2009-08-26 19:38 . 2007-12-18 14:40 417792 c:\windows\ie8\vbscript.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 620032 c:\windows\ie8\urlmon.dll
+ 2009-08-26 19:38 . 2009-01-08 01:21 382496 c:\windows\ie8\spuninst\updspapi.dll
+ 2009-08-26 19:38 . 2009-01-08 01:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-08-26 19:38 . 2009-06-26 15:59 532480 c:\windows\ie8\mstime.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 146432 c:\windows\ie8\msrating.dll
+ 2009-08-26 19:38 . 2001-08-23 14:00 146432 c:\windows\ie8\msls31.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 449024 c:\windows\ie8\mshtmled.dll
+ 2009-08-26 19:38 . 2007-12-18 14:40 450560 c:\windows\ie8\jscript.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 251904 c:\windows\ie8\iepeers.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 323584 c:\windows\ie8\iedkcs32.dll
+ 2009-08-26 19:38 . 2001-08-23 14:00 221184 c:\windows\ie8\ieakui.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 216576 c:\windows\ie8\ieaksie.dll
+ 2009-08-26 19:38 . 2004-08-04 00:56 139264 c:\windows\ie8\ieakeng.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 205312 c:\windows\ie8\dxtrans.dll
+ 2009-08-26 19:38 . 2009-06-26 15:59 357888 c:\windows\ie8\dxtmsft.dll
+ 2004-08-04 00:56 . 2009-07-03 17:09 1208832 c:\windows\system32\urlmon.dll
+ 2004-08-04 00:56 . 2009-07-19 13:18 5937152 c:\windows\system32\mshtml.dll
+ 2009-03-08 11:32 . 2009-07-03 17:09 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-07 04:07 . 2009-02-07 04:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2004-08-04 00:56 . 2009-07-03 17:09 1208832 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-04 00:56 . 2009-07-19 13:18 5937152 c:\windows\system32\dllcache\mshtml.dll
+ 2009-08-23 23:02 . 2009-08-23 23:02 1129472 c:\windows\Installer\6b0c7.msi
+ 2009-08-26 19:39 . 2009-03-08 11:34 1206784 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-08-26 19:39 . 2009-03-08 11:41 5937152 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-08-26 19:39 . 2009-03-08 11:32 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2009-08-26 19:38 . 2009-07-18 16:00 3069440 c:\windows\ie8\mshtml.dll
+ 2009-03-08 11:39 . 2009-07-20 01:48 11067392 c:\windows\system32\ieframe.dll
+ 2009-08-26 19:39 . 2009-03-08 11:39 11063808 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
.

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2009-05-20 04:26 429800 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-06-09 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\CPF.exe" [2007-11-08 1115728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-27 413696]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck lsdelete\0autocheck lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GammaTray.lnk]
backup=c:\windows\pss\GammaTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Gus^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wwEngineSvc"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"MagicTuneEngine"=2 (0x2)
"IDriverT"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Adobe Version Cue CS2"=3 (0x3)
"aawservice"=2 (0x2)
"a2AntiMalware"=2 (0x2)
"upnphost"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Alias\\Maya8.0\\bin\\maya.exe"=
"c:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"47386:TCP"= 47386:TCP:uTorrent

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [5/14/2009 3:49 PM 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [5/28/2008 10:33 AM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/28/2008 10:33 AM 55024]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [5/14/2009 3:47 PM 731840]
R2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\drivers\UBSBM.sys [7/27/2005 5:25 PM 14080]
R2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\drivers\UBUMAPI.sys [7/27/2005 5:25 PM 36352]
R3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\drivers\ubohci.sys [7/27/2005 5:25 PM 77056]
S3 mam4410c;mam4410c;c:\windows\system32\drivers\mam4410c.sys [5/30/2008 2:53 PM 24784]
S3 mam4410m;mam4410m;c:\windows\system32\drivers\mam4410m.sys [5/30/2008 2:53 PM 25044]
S3 mam4410u;mam4410u;c:\windows\system32\drivers\mam4410u.sys [5/30/2008 2:53 PM 52565]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/28/2008 10:33 AM 7408]
S3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [1/5/2009 7:39 AM 103936]
S3 SDTHOOK;SDTHOOK;c:\windows\system32\drivers\SDTHOOK.SYS [1/15/2008 12:14 AM 44928]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [4/16/2008 12:46 PM 16896]
S4 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe --> c:\program files\Webroot\Washer\WasherSvc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1767777339-839522115-1003Core.job
- c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 20:41]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1767777339-839522115-1003UA.job
- c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-09 20:41]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
FF - ProfilePath - c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\documents and settings\Gus\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\documents and settings\Gus\Application Data\Mozilla\Firefox\Profiles\hmfnv7n5.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07075003.dll
FF - plugin: c:\documents and settings\Gus\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbyond.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-30 12:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2000478354-1767777339-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:36,80,52,87,67,8d,3a,2a,e0,63,1c,1d,59,73,63,5b,0f,5b,8b,53,93,16,85,
09,21,6b,1e,37,44,cc,25,a4,d9,a5,22,86,07,d0,66,d8,81,13,b8,e9,b6,b7,b4,74,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-2000478354-1767777339-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:d0,36,fc,95,6f,f6,2e,53,71,a7,33,1d,b2,6e,4e,a0,3b,30,1d,8c,f0,
6f,ae,94,74,05,44,10,58,68,d5,2b,7c,f0,49,6e,bc,67,97,b4,9f,b7,3b,f2,ec,0f,\
"rkeysecu"=hex:33,02,bd,07,eb,6b,14,8a,03,7a,1e,09,f6,94,3e,a4

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):fc,08,ce,fa,52,47,26,8d,1a,27,1f,ee,df,8c,dd,63,32,f6,a6,b5,d7,
be,88,59,29,ce,31,62,93,5c,19,de,79,d0,53,a6,e6,6e,fe,19,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3b,cc,7e,a5,62,6a,68,7b,51,00,a1,2d,ce,0c,7f,ae,f3,76,1b,ed,69,
d3,cf,39,c6,cd,16,8f,bd,51,c0,db,b6,6d,4f,19,6d,ca,aa,75,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{994d1d4b-8133-48b6-ad7c-e17ee05c3a3b}]
@Denied: (Full) (Everyone)
"Model"=dword:00000162
"Therad"=dword:00000025
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,05,e2,1b,2b,9a,65,e8,ec,16,73,9f,4f,94,a3,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f58c4ed1-f8ac-4df7-a027-b35a1ead5e60}]
@Denied: (Full) (Everyone)
"Model"=dword:00000046
"Therad"=dword:00000016
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,6d,31,5c,83,bc,5f,58,b1,7a,34,ad,44,f4,57,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2284)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-30 12:38
ComboFix-quarantined-files.txt 2009-08-30 19:38
ComboFix2.txt 2009-08-26 03:31
ComboFix3.txt 2009-08-26 03:22
ComboFix4.txt 2009-08-14 07:22
ComboFix5.txt 2009-08-30 19:26

Pre-Run: 58,175,655,936 bytes free
Post-Run: 58,126,114,816 bytes free

511 --- E O F --- 2009-08-26 19:40

Hello.
The crack is gone, or at least the run value by the looks of it.

I would also uninstall uTorrent, had another user lately where torrent program was causing problems for them.

Let me know how it goes.

So your not seeing any viruses or malware

Hello.
Not really.

That kikin BHO looks a little weird to me, BHO/toolbars can do what they say they do and more. I can't find much on the kikin stuff other than one scan that doesn't find any malware, but I still wouldn't trust it.