ComboFix 10-02-22.07 - jurriejaan 23-02-2010 17:27:13.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.191.76 [GMT 1:00]
Running from: i:\programas\combofix\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2010-01-23 to 2010-02-23 )))))))))))))))))))))))))))))))
.
2010-02-23 16:23 . 2010-02-23 16:23 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\AVG8
2010-02-22 19:48 . 2010-02-22 19:48 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2010-02-22 19:35 . 2010-02-22 19:35 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\OpenOffice.org
2010-02-22 19:16 . 2010-02-22 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Zylom
2010-02-22 17:40 . 2010-02-22 17:49 -------- d-----w- C:\9627f740b0d98dce56470be7439f2f
2010-02-22 17:05 . 2010-02-22 17:05 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-22 17:05 . 2010-02-22 17:05 -------- d-----w- c:\program files\MSBuild
2010-02-22 17:05 . 2010-02-22 17:05 -------- d-----w- c:\program files\Reference Assemblies
2010-02-22 17:04 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-22 17:02 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-22 17:02 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-22 17:02 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-22 17:02 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-22 17:02 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-22 17:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-22 17:02 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-22 17:02 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-22 17:02 . 2010-02-22 17:04 -------- d-----w- C:\26c95f2f6a14beed329bc112379a93
2010-02-22 14:58 . 2010-02-22 14:58 -------- d-----w- c:\program files\C-Media 3D Audio
2010-02-22 14:58 . 2003-08-05 13:23 266240 ----a-w- c:\windows\CMIUninstall.exe
2010-02-22 14:58 . 2003-07-22 10:15 225280 ----a-w- c:\windows\CmiRmRedundDir.exe
2010-02-22 14:58 . 2002-10-18 14:56 28672 ----a-w- c:\windows\CMIRmDriver.dll
2010-02-22 14:58 . 2010-02-22 14:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-22 14:57 . 2010-02-22 14:57 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-21 23:12 . 2010-02-21 23:12 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-21 20:03 . 2010-02-21 23:11 -------- d-----w- c:\windows\system32\GroupPolicy
2010-02-21 17:55 . 2010-02-21 23:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-21 16:21 . 2010-02-21 16:21 12464 ----a-w- c:\windows\system32\avgrsstx(2).dll
2010-02-21 16:20 . 2010-02-21 22:29 -------- d-----w- c:\windows\system32\drivers\Avg(2)
2010-02-21 16:20 . 2010-02-21 16:20 -------- d-----w- c:\program files\AVG
2010-02-17 20:42 . 2010-02-17 20:42 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-17 17:16 . 2010-02-17 17:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-02-16 17:41 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-16 17:20 . 2010-02-16 17:20 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\TuneUp Software
2010-02-16 17:17 . 2010-02-17 17:38 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-02-16 17:16 . 2010-02-17 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2010-02-16 17:14 . 2010-02-16 17:14 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-15 12:16 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-15 12:16 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-14 21:07 . 2010-02-14 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2010-02-14 19:05 . 2010-02-14 19:06 -------- d-----w- c:\documents and settings\jurriejaan\Local Settings\Application Data\Temp
2010-02-14 19:05 . 2010-02-22 16:02 -------- d-----w- c:\documents and settings\jurriejaan\Local Settings\Application Data\Google
2010-02-14 17:57 . 2010-02-14 17:57 -------- d-----w- c:\program files\Trend Micro
2010-02-14 17:42 . 2010-02-14 17:42 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\Malwarebytes
2010-02-14 17:42 . 2010-02-14 17:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-14 17:33 . 2010-02-14 17:33 -------- d-----w- c:\program files\MSECache
2010-02-14 17:25 . 2010-02-14 17:26 -------- d-----w- c:\program files\OpenOffice.org 3
2010-02-14 17:10 . 2010-02-14 17:10 -------- d-----w- c:\program files\CCleaner
2010-02-14 17:07 . 2010-02-14 21:19 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\vlc
2010-02-14 17:06 . 2010-02-14 17:06 -------- d-----w- c:\program files\VideoLAN
2010-02-14 17:02 . 2010-02-14 17:02 -------- d-----w- c:\program files\Messenger Plus! Live
2010-02-14 16:53 . 2010-02-23 16:22 -------- d-----w- c:\documents and settings\jurriejaan\Tracing
2010-02-14 16:52 . 2010-02-22 17:51 -------- d-----w- c:\program files\Microsoft
2010-02-14 16:51 . 2010-02-14 16:52 -------- d-----w- c:\program files\Windows Live
2010-02-14 16:49 . 2010-02-14 16:49 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-14 16:46 . 2010-02-14 16:46 61440 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1e5b7878-n\decora-sse.dll
2010-02-14 16:46 . 2010-02-14 16:46 503808 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1c406ad3-n\msvcp71.dll
2010-02-14 16:46 . 2010-02-14 16:46 348160 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1c406ad3-n\msvcr71.dll
2010-02-14 16:46 . 2010-02-14 16:46 12800 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1e5b7878-n\decora-d3d.dll
2010-02-14 16:46 . 2010-02-14 16:46 499712 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1c406ad3-n\jmc.dll
2010-02-14 16:46 . 2010-02-14 16:46 -------- d-----w- c:\program files\Common Files\Java
2010-02-14 16:46 . 2010-02-22 17:26 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-14 16:46 . 2010-02-14 16:45 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-14 16:45 . 2010-02-14 16:45 -------- d-----w- c:\program files\Java
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\system32\scripting
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\l2schemas
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\system32\en
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\system32\bits
2010-02-14 15:35 . 2010-02-14 15:35 -------- d-sh--w- c:\documents and settings\jurriejaan\IECompatCache
2010-02-14 15:33 . 2010-02-14 15:33 -------- d-sh--w- c:\documents and settings\jurriejaan\PrivacIE
2010-02-14 15:29 . 2010-02-14 15:29 -------- d-sh--w- c:\documents and settings\jurriejaan\IETldCache
2010-02-14 15:22 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-14 15:22 . 2010-02-16 17:39 -------- d-----w- c:\windows\ie8updates
2010-02-14 15:21 . 2009-12-21 19:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-14 15:21 . 2009-12-21 19:14 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-14 15:21 . 2009-12-21 19:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-14 15:21 . 2009-12-21 19:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-14 15:21 . 2009-12-21 19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-14 15:21 . 2009-12-21 19:14 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-14 15:20 . 2010-02-14 15:21 -------- dc-h--w- c:\windows\ie8
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-22 17:21 . 2010-02-14 09:14 17864 ----a-w- c:\documents and settings\jurriejaan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-14 15:57 . 2010-02-14 09:05 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-14 09:19 . 2010-02-14 09:19 -------- d-----w- c:\program files\Alwil Software
2010-02-14 09:07 . 2010-02-14 09:07 -------- d-----w- c:\program files\microsoft frontpage
2010-02-14 09:03 . 2010-02-14 09:03 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:35 . 2009-12-22 05:35 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:14 . 2004-08-04 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-16 18:43 . 2010-02-14 09:02 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:27 . 2004-08-04 12:00 2189184 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2004-08-03 22:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2004-08-04 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:11 . 2004-08-04 12:00 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:11 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2004-08-04 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2004-08-04 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2004-08-04 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.nl/
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-23 17:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(612)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2010-02-23 17:34:36
ComboFix-quarantined-files.txt 2010-02-23 16:34
ComboFix2.txt 2010-02-22 20:16

Pre-Run: 67.660.468.224 bytes free
Post-Run: 67.656.323.072 bytes free

- - End Of File - - E9415B30074369463D1A85F9077C4E6E
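A small parser for the two ComboFix sections that carry most of the signal in a log like the one above, "Files Created" and "Reg Loading Points", as an added example; it is not part of the original post and not ComboFix's own code. Each "Files Created" line is read as creation time, a dot, last-modified time, size (or dashes for a directory), an eight-character attribute field and the path; each Run-key value as name, path and the bracketed file date and size. On top of the parsed entries it applies four review cues that are this example's own assumptions, not verdicts: a hex-named folder directly under a drive root, a binary in system32 whose modified time equals its creation time (written on this machine rather than copied from a package that kept an older date), a system32 file whose size differs from its dllcache copy, and a Run entry pointing outside Program Files or Windows. The log itself shows why these are cues only: the AVG and XPS installs visible in it produce the same patterns. The sample input is a handful of lines copied from the log; the names `parse_combofix`, `triage` and `TRUSTED_AUTORUN_ROOTS` are this example's.

```python
"""Parse the 'Files Created' and 'Reg Loading Points' sections of a ComboFix
log and flag entries worth an analyst's look.  Example code added to this
page; not ComboFix's own code and not from the original post."""
import re
from dataclasses import dataclass
from datetime import date, datetime
from typing import List, Optional, Tuple

# Sample input: lines copied from the log above (raw string, so the
# backslashes in the paths are literal).
SAMPLE_LOG = r"""
((((((((((((((((((((((((( Files Created from 2010-01-23 to 2010-02-23 )))))))))))))))))))))))))))))))
.
2010-02-23 16:23 . 2010-02-23 16:23 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\AVG8
2010-02-22 19:48 . 2010-02-22 19:48 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2010-02-22 17:40 . 2010-02-22 17:49 -------- d-----w- C:\9627f740b0d98dce56470be7439f2f
2010-02-22 17:02 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-22 17:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-21 16:21 . 2010-02-21 16:21 12464 ----a-w- c:\windows\system32\avgrsstx(2).dll
2010-02-14 16:46 . 2010-02-14 16:45 411368 ----a-w- c:\windows\system32\deploytk.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"""

# <created> . <modified> <size or --------> <attrs> <path>
FILE_RE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) (?P<attrs>[\w-]{8}) (?P<path>.+)$")
REG_KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
REG_VAL_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)" \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$')
HEX_ROOT_DIR = re.compile(r"^[a-z]:\\[0-9a-f]{24,}$", re.IGNORECASE)
SYSTEM32 = "c:\\windows\\system32\\"
BINARY_EXT = (".exe", ".dll", ".sys")
TRUSTED_AUTORUN_ROOTS = ("c:\\program files\\", "c:\\windows\\")  # assumption of this example


@dataclass
class FileEntry:
    created: datetime
    modified: datetime
    size: Optional[int]  # None for directories (ComboFix prints dashes)
    attrs: str
    path: str

    @property
    def is_dir(self) -> bool:
        return self.attrs.startswith("d")

    @property
    def name(self) -> str:
        return self.path.rsplit("\\", 1)[-1].lower()


@dataclass
class RunEntry:
    key: str
    name: str
    path: str
    file_date: date
    size: int


def parse_combofix(text: str) -> Tuple[List[FileEntry], List[RunEntry]]:
    """Walk the log once, tracking which (((( section )))) header we are under."""
    files: List[FileEntry] = []
    runs: List[RunEntry] = []
    section, key = "", ""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("(((("):
            section = "files" if "Files Created" in line else "reg" if "Reg Loading Points" in line else ""
            continue
        if section == "files" and (m := FILE_RE.match(line)):
            files.append(FileEntry(
                created=datetime.strptime(m["created"], "%Y-%m-%d %H:%M"),
                modified=datetime.strptime(m["modified"], "%Y-%m-%d %H:%M"),
                size=None if m["size"].startswith("-") else int(m["size"]),
                attrs=m["attrs"], path=m["path"]))
        elif section == "reg":
            if km := REG_KEY_RE.match(line):
                key = km["key"]
            elif (vm := REG_VAL_RE.match(line)) and key:
                runs.append(RunEntry(key, vm["name"], vm["path"],
                                     date.fromisoformat(vm["date"]), int(vm["size"])))
    return files, runs


def triage(files: List[FileEntry], runs: List[RunEntry]) -> List[Tuple[str, str]]:
    """Return (reason, item) pairs: review cues for an analyst, not verdicts."""
    flags: List[Tuple[str, str]] = []
    # Size of each Windows File Protection cache copy, keyed by file name.
    cache = {f.name: f.size for f in files if not f.is_dir and "\\dllcache\\" in f.path.lower()}
    for f in files:
        p = f.path.lower()
        if f.is_dir:
            if HEX_ROOT_DIR.match(f.path):
                flags.append(("hex-named folder at drive root", f.path))
            continue
        if "\\dllcache\\" in p:
            continue
        # Modified == created: written here, not copied with an older mtime.
        if p.startswith(SYSTEM32) and p.endswith(BINARY_EXT) and f.modified == f.created:
            flags.append(("binary written fresh into system32", f.path))
        if f.name in cache and cache[f.name] != f.size:
            flags.append(("size differs from dllcache copy", f.path))
    for r in runs:
        if not r.path.lower().startswith(TRUSTED_AUTORUN_ROOTS):
            flags.append(("Run entry outside Program Files/Windows", f"{r.name} -> {r.path}"))
    return flags


if __name__ == "__main__":
    parsed_files, parsed_runs = parse_combofix(SAMPLE_LOG)
    for reason, item in triage(parsed_files, parsed_runs):
        print(f"{reason:40} {item}")
```

On the sample above the parser returns seven file entries and two Run entries, and `triage` raises three cues: the hex-named root folder and the two system32 binaries whose modified time equals their creation time (deploytk.dll is not flagged, its two timestamps differ by a minute, and the xpsshhdr.dll pair has matching sizes). To run it over a full log, pass the contents of ComboFix.txt to `parse_combofix`; the Find3M section is deliberately skipped because its entries predate the "Files Created" window.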