January 29th, 2010, 01:43 PM
#33
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-29 17:27 . 2009-11-13 22:15 -------- d-----w- c:\program files\Symantec AntiVirus
2010-01-29 13:14 . 2009-11-13 23:54 -------- d-----w- c:\documents and settings\Michael\Application Data\FileZilla
2010-01-29 12:50 . 2009-11-15 16:27 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-01-27 19:29 . 2009-12-22 13:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-26 22:15 . 2009-11-15 15:47 -------- d-----w- c:\program files\FileZilla FTP Client
2010-01-25 20:47 . 2009-11-30 10:27 -------- d-----w- c:\documents and settings\Michael\Application Data\.purple
2010-01-22 23:15 . 2009-11-16 09:07 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-22 22:59 . 2009-11-13 23:40 -------- d-----w- c:\program files\Common Files\Java
2010-01-22 13:19 . 2009-12-04 09:07 118576 ----a-w- c:\documents and settings\Michael\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-22 11:19 . 2009-11-13 21:16 80943 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-01-20 13:00 . 2010-01-20 11:36 114688 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-20 13:00 . 2009-11-13 22:56 409600 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-20 11:40 . 2009-11-13 21:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-20 10:51 . 2009-11-14 00:11 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 20:42 . 2009-12-15 12:10 -------- d--h--w- c:\documents and settings\All Users\Application Data\catalog.wci
2010-01-14 09:28 . 2009-11-13 23:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-07 16:07 . 2009-12-22 13:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 16:07 . 2009-12-22 13:17 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 18:06 . 2009-11-13 23:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-29 09:26 . 2009-12-29 09:26 1691 ----a-w- c:\documents and settings\Michael\Application Data\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2009-12-22 13:17 . 2009-12-22 13:17 -------- d-----w- c:\documents and settings\Michael\Application Data\Malwarebytes
2009-12-22 13:17 . 2009-12-22 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-22 13:00 . 2009-12-22 13:00 -------- d-----w- c:\program files\Trend Micro
2009-12-21 19:14 . 2009-11-13 21:58 916480 ------w- c:\windows\system32\wininet.dll
2009-12-21 10:15 . 2009-12-21 10:14 -------- d-----w- c:\program files\Roxio
2009-12-21 10:15 . 2009-12-21 10:13 -------- d-----w- c:\program files\Common Files\Adaptec Shared
2009-12-21 10:15 . 2002-12-17 12:29 25898 ----a-w- c:\windows\system32\drivers\Dvd_2k.sys
2009-12-21 10:15 . 2002-12-17 12:29 30630 ----a-w- c:\windows\system32\drivers\Mmc_2k.sys
2009-12-21 10:15 . 2002-12-17 12:29 143834 ----a-w- c:\windows\system32\drivers\pwd_2K.sys
2009-12-21 10:15 . 2002-12-17 12:27 206464 ----a-w- c:\windows\system32\drivers\udfreadr_xp.sys
2009-12-21 10:15 . 2009-12-21 10:15 57344 ----a-w- c:\windows\uneng.exe
2009-12-15 22:21 . 2009-12-11 15:59 -------- d-----w- c:\documents and settings\Michael\Application Data\Trados
2009-12-15 12:10 . 2009-12-15 12:08 -------- d-----w- c:\program files\SmarThru Office
2009-12-15 12:09 . 2009-12-15 12:09 -------- d-----w- c:\documents and settings\Michael\Application Data\Samsung
2009-12-15 12:09 . 2009-12-15 12:09 -------- d-----w- c:\program files\Common Files\SRC Shared
2009-12-15 12:09 . 2009-11-17 21:33 -------- d-----w- c:\program files\Readiris10
2009-12-15 11:58 . 2009-11-17 21:30 -------- d-----w- c:\program files\SAMSUNG
2009-12-15 11:38 . 2009-12-15 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\SSScanAppDataDir
2009-12-15 11:38 . 2009-12-15 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\MSScanAppDataDir
2009-12-15 09:03 . 2009-11-15 18:27 -------- d-----w- c:\program files\ClipCount 2.0
2009-12-11 18:26 . 2009-11-20 00:10 86860 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-11 15:59 . 2009-11-15 19:55 -------- d-----w- c:\documents and settings\All Users\Application Data\SDL International
2009-12-09 23:17 . 2009-11-13 23:32 -------- d-----w- c:\program files\MSECache
2009-12-03 23:14 . 2009-11-18 08:59 -------- d-----w- c:\program files\Logitech
2009-11-30 10:28 . 2009-11-30 10:28 2141 ----a-w- c:\documents and settings\Michael\Application Data\.purple\certificates\x509\tls_peers\omega.contacts.msn.com
2009-11-30 10:28 . 2009-11-30 10:28 2095 ----a-w- c:\documents and settings\Michael\Application Data\.purple\certificates\x509\tls_peers\login.live.com
2009-11-21 15:51 . 2003-07-16 16:17 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-17 17:13 . 2009-11-17 17:13 82944 ----a-w- c:\windows\system32\usbkt1x1.dll
2009-11-17 17:13 . 2009-11-17 17:13 22304 ----a-w- c:\windows\system32\drivers\usbkt1x1.sys
2009-11-17 17:13 . 2009-11-17 17:13 13504 ----a-w- c:\windows\system32\drivers\uks11ldr.sys
2009-11-17 17:13 . 2009-11-17 17:14 724992 ----a-w- c:\windows\iun6002.exe
2009-11-16 09:07 . 2009-11-16 09:07 152576 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-16 09:06 . 2009-11-16 09:06 79488 ----a-w- c:\documents and settings\Michael\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-15 16:55 . 2009-11-15 16:52 28424003 ----a-w- C:\Wimtrad NG 3.10.13b.ZIP
2009-11-15 16:53 . 2009-11-15 16:52 6447991 ----a-w- C:\MOD_MU90_NEW_2009-10-28_11-07.zip
2009-11-13 21:13 . 2009-11-13 21:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-13 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-27 125168]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Acrobat Assistant 8.0"="c:\program files\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"STO Backup Service"="c:\program files\SmarThru Office\BackUpSvr.exe" [2009-07-17 86016]
"STO Launcher Service"="c:\program files\SmarThru Office\LegacyLauncher.exe" [2009-07-17 77824]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2006-08-16 503808]
"CTSysVol"="c:\program files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 49152]
"CTDVDDet"="c:\program files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 45056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
SDL Trados 2007 Speed Launcher.lnk - c:\program files\SDL International\SDL Trados Synergy 2007\Synergy.exe [2007-12-18 765952]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [15/01/2010 20:05 102448]
R3 USBKT1X1;M-Audio USB Keystation;c:\windows\system32\drivers\usbkt1x1.sys [17/11/2009 17:13 22304]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [27/09/2006 20:33 116464]
S3 UKS11LDR;M-Audio USB Keystation Loader;c:\windows\system32\drivers\uks11ldr.sys [17/11/2009 17:13 13504]
S3 ZD1211BU(3COM Corporation);3Com OfficeConnect Wireless 54Mbps 11g Compact USB Adapter(3COM Corporation);c:\windows\system32\drivers\ZD1211BU.sys [13/11/2009 22:12 477696]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\drivers\ZD1211BU.sys [13/11/2009 22:12 477696]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-29 17:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\docume~1\Michael\LOCALS~1\Temp\CTTB8.tmp 0 bytes
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(5724)
c:\windows\system32\WININET.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Analog Devices\SoundMAX\spkrmon.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Completion time: 2010-01-29 17:38:48 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-29 17:38
ComboFix2.txt 2010-01-28 14:52
ComboFix3.txt 2010-01-27 17:31
Pre-Run: 60,126,425,088 bytes free
Post-Run: 60,098,265,088 bytes free
- - End Of File - - 3A637FF88470BD8673D39AA8CE2BD851
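Added example for this thread (not ComboFix's own code and not part of the post above): a small Python parser for the Find3M, Run-key and loaded-DLL sections of a ComboFix log, with three triage rules a helper typically applies by eye: files under system32 created within a couple of weeks of the scan, hidden files under the Windows directory, and anything auto-started or loaded from a temp or per-user directory. Sample lines are copied from the log above, except the one marked CONSTRUCTED, which is made up to show the Run-key rule firing. The rules only produce leads: on this log they surface OpenAL32.dll (created 2010-01-20), the hidden mlfcache.dat, and LVPrcInj01.dll loaded into explorer.exe from c:\windows\TEMP, and it is still the analyst's call whether each is expected on this machine.

```python
"""Triage helpers for a ComboFix log (Find3M, Run keys, loaded DLLs).
Added example for this thread; sample lines come from the log above
except the one marked CONSTRUCTED."""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Find3M line: "<mtime> . <ctime> <size|--------> <attrs> <path>"
FIND3M_RE = re.compile(
    r"^(?P<mtime>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<ctime>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\S+) (?P<attrs>\S+) (?P<path>.+)$")
# Run-key line: "name"="path" [yyyy-mm-dd size]
RUN_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)" \[(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+)\]$')
# Locations a standard user can write to; an autorun or DLL there is a lead.
USER_WRITABLE = ("\\temp\\", "\\application data\\", "\\local settings\\")
# Scan time, taken from the "Rootkit scan 2010-01-29 17:29" line of the log.
REPORT_TIME = datetime(2010, 1, 29, 17, 29)

FIND3M_SAMPLE = [
    r"2010-01-29 17:27 . 2009-11-13 22:15 -------- d-----w- c:\program files\Symantec AntiVirus",
    r"2010-01-22 23:15 . 2009-11-16 09:07 411368 ----a-w- c:\windows\system32\deploytk.dll",
    r"2010-01-20 13:00 . 2010-01-20 11:36 114688 ----a-w- c:\windows\system32\OpenAL32.dll",
    r"2010-01-07 16:07 . 2009-12-22 13:17 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys",
    r"2009-12-11 18:26 . 2009-11-20 00:10 86860 ---ha-w- c:\windows\system32\mlfcache.dat",
    r"2009-11-15 16:55 . 2009-11-15 16:52 28424003 ----a-w- C:\Wimtrad NG 3.10.13b.ZIP",
]
RUN_SAMPLE = [
    r'"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-11-13 39408]',
    r'"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]',
    # CONSTRUCTED: not in the log; shows what a per-user temp autorun looks like.
    r'"updater"="c:\documents and settings\Michael\Local Settings\Temp\updater.exe" [2010-01-28 12288]',
]
DLL_SAMPLE = [  # the explorer.exe block of the log
    r"c:\windows\system32\WININET.dll",
    r"c:\windows\TEMP\logishrd\LVPrcInj01.dll",
    r"c:\windows\system32\ieframe.dll",
    r"c:\windows\system32\webcheck.dll",
]


@dataclass
class Find3MEntry:
    mtime: datetime
    ctime: datetime
    size: Optional[int]   # None for directories, which Find3M shows as "--------"
    attrs: str            # e.g. "d-----w-", "----a-w-", "---ha-w-"
    path: str

    @property
    def is_dir(self):
        return self.attrs.startswith("d")

    @property
    def hidden(self):
        return "h" in self.attrs


def parse_find3m(lines):
    """Parse Find3M report lines; lines that do not match the format are skipped."""
    entries = []
    for line in lines:
        m = FIND3M_RE.match(line.strip())
        if not m:
            continue
        size = None if m["size"].startswith("-") else int(m["size"])
        entries.append(Find3MEntry(datetime.strptime(m["mtime"], "%Y-%m-%d %H:%M"),
                                   datetime.strptime(m["ctime"], "%Y-%m-%d %H:%M"),
                                   size, m["attrs"], m["path"]))
    return entries


def triage_find3m(entries, report_time, window_days=14):
    """Return (reason, path) pairs for files worth a second look. Leads, not verdicts."""
    cutoff = report_time - timedelta(days=window_days)
    hits = []
    for e in entries:
        if e.is_dir:
            continue
        p = e.path.lower()
        if "\\system32\\" in p and e.ctime >= cutoff:
            hits.append((f"system32 file created within {window_days} days of scan", e.path))
        if e.hidden and "\\windows\\" in p:
            hits.append(("hidden file under the Windows directory", e.path))
    return hits


def triage_run_entries(lines):
    """Return (name, path) for Run-key entries that launch from a user-writable path."""
    hits = []
    for line in lines:
        m = RUN_RE.match(line.strip())
        if m and any(marker in m["path"].lower() for marker in USER_WRITABLE):
            hits.append((m["name"], m["path"]))
    return hits


def triage_loaded_dlls(lines):
    """Return DLLs a process loaded from a temp directory."""
    return [p.strip() for p in lines
            if p.strip().lower().endswith(".dll") and "\\temp\\" in p.lower()]


if __name__ == "__main__":
    for reason, path in triage_find3m(parse_find3m(FIND3M_SAMPLE), REPORT_TIME):
        print(f"[find3m] {reason}: {path}")
    for name, path in triage_run_entries(RUN_SAMPLE):
        print(f"[run]    {name} -> {path}")
    for path in triage_loaded_dlls(DLL_SAMPLE):
        print(f"[dll]    loaded from temp: {path}")
```

The window is deliberately a parameter: shrinking it to the last few days drops OpenAL32.dll (created 2010-01-20) from the list while the hidden-file hit stays, which is the usual way to narrow a long Find3M report down to what changed around the time the problem started.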