
Inactive [InActive] Hijacking of Google search links

Discussion in 'Malware and Virus Removal Archive' started by bbarocket, 2008/12/10.

  1. 2008/12/10
    bbarocket

    I have been having a problem with Google as well as Yahoo! in regards to when I do a search all the links go to ads or something completely unrelated to the title that is describing the link. I have resolved the main issue by reading an earlier post and using ComboFix. I am attaching the info.txt file generated by RSIT. I will post the log.txt from RSIT and ComboFix.txt file for review in another post on this topic since it seems to make this posting too big. :)

    Here is the info.txt information:
    info.txt logfile of random's system information tool 1.04 2008-12-10 15:08:04

    ======Uninstall list======

    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
    -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    Acronis*True*Image-->C:\Program Files\Acronis\TrueImage\uninstall.exe
    ActiveState Komodo Professional 2.5.1-->MsiExec.exe /I{5050F957-038C-40BE-8C30-ED84F73EF51F}
    Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
    Advanced Query Tool V8.2.4-->MsiExec.exe /I{DE34894A-8ECA-4DBF-BE01-46EC44982B90}
    Amazing Adventures Around the World-->C:\Program Files\Amazing Adventures Around the World\uninstall.exe
    AOLIcon-->MsiExec.exe /I{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}
    Apogee--> "C:\Program Files\Apogee\RockSim\UninstallerData\Uninstall Apogee Components RockSim.exe "
    Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ArcSoft PhotoBase 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}\setup.exe" -l0x9 -uninst
    ArcSoft PhotoStudio 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}\setup.exe" -l0x9 -uninst
    AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Camtasia Studio 4-->MsiExec.exe /I{1C6D9FD0-8BE2-4226-8D9F-4929CBC1C396}
    Canon Camera Access Library--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CAL\Uninst.ini "
    Canon Camera Support Core Library--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CSCLIB\Uninst.ini "
    Canon Camera Window DC_DV 5 for ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC\Uninst.ini "
    Canon Camera Window DC_DV 6 for ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini "
    Canon Camera Window MC 6 for ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowMC\Uninst.ini "
    Canon CanoScan Toolbox 4.0-->C:\WINDOWS\IsUninst.exe -f "C:\Program Files\Canon\CanoScan Toolbox Ver4.0\Uninst.isu" -c "C:\Program Files\Canon\CanoScan Toolbox Ver4.0\uninst.dll "
    Canon G.726 WMP-Decoder--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini "
    Canon MovieEdit Task for ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini "
    Canon RAW Image Task for ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini "
    Canon RemoteCapture Task for ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini "
    Canon Utilities EOS Utility--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini "
    Canon Utilities PhotoStitch--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini "
    Canon Utilities ZoomBrowser EX--> "C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini "
    CanoScan LiDE20,30 Manual-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B360A8E5-C171-4AAE-9777-65B3CDB0072C}\setup.exe" -l0x9
    Canvas X-->MsiExec.exe /I{7D87B924-ECA2-40BB-8788-689B6B790469}
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Crystal Reports Basic for Visual Studio 2008-->MsiExec.exe /X{AA467959-A1D6-4F45-90CD-11DC57733F32}
    DataFit 8.0-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\DataFit\ST6UNST.LOG"
    Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
    Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
    Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
    Dell Support 3.2.1-->MsiExec.exe /X{CEE2252C-4035-4B27-8EC6-0B085DD3A413}
    Dell Support Center (Support Software)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
    DellConnect-->MsiExec.exe /X{52D56C42-8C69-4882-A661-39695537C9CF}
    Digital Content Portal-->MsiExec.exe /I{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}
    Documentation & Support Launcher-->MsiExec.exe /X{B0DF58A2-40DF-4465-AA56-38623EC9938C}
    DVD-CLONER V5.60 Build 973--> "C:\Program Files\Dvd-cloner\unins000.exe "
    EC Software TNT Screen Capture 2.0 (EVALUATION VERSION)--> "C:\Program Files\TNT\unins000.exe "
    EducateU-->MsiExec.exe /I{A683A2C0-821C-486F-858C-FA634DB5E864}
    ELIcon-->MsiExec.exe /I{4667B940-BB01-428B-986E-A0CC46497BF7}
    ESPNMotion-->C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
    Fisher-Price Petshop-->C:\WINDOWS\UninstPetshop.exe
    Games, Music, & Photos Launcher-->MsiExec.exe /X{B6884A07-0305-47AE-9969-8F26FADC17DE}
    GDR 3068 for SQL Server Database Services 2005 ENU (KB948109)-->C:\WINDOWS\SQL9_KB948109_ENU\Hotfix.exe /Uninstall
    GDR 3068 for SQL Server Tools and Workstation Components 2005 ENU (KB948109)-->C:\WINDOWS\SQLTools9_KB948109_ENU\Hotfix.exe /Uninstall
    GemMaster Mystic--> "C:\Program Files\GemMaster\uninstallgemmaster.exe "
    Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll "
    Google Updater--> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB952241)-->C:\WINDOWS\system32\msiexec.exe /package {D7DAD1E4-45F4-3B2B-899A-EA728167EC4F} /uninstall {DC93B23E-0882-46A9-B45F-3B6F279EFB39} /qb+ REBOOTPROMPT=" "
    Hotfix for Windows Internet Explorer 7 (KB947864)--> "C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe "
    Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 10 (KB903157)--> "C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe "
    Hotfix for Windows Media Player 11 (KB939683)--> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB915800-v4)--> "C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    hp photosmart printer series (Remove only)-->C:\Program Files\hp photosmart\printer\hphuni03.exe
    Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
    Intel(R) Quick Resume Technology Drivers-->C:\WINDOWS\System32\Elusetup.exe
    Intel® Viiv™ Software-->MsiExec.exe /X{7EAB1D85-7BA3-47C1-BBF7-A0EBC241DB94}
    Intelinet 3.1.0--> "C:\Program Files\Intelinet\unins000.exe "
    Internet Service Offers Launcher-->MsiExec.exe /X{E42BD75A-FC23-4E3F-9F91-2658334C644F}
    iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
    J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
    Jewel Quest Mysteries - Curse of the Emerald Tear-->C:\Program Files\Jewel Quest Mysteries - Curse of the Emerald Tear\uninstall.exe
    JpegSizer 6.0.5--> "C:\Program Files\JpegSizer 6\unins000.exe "
    KineticaRT.Controls.XYGraph.Demonstration-->MsiExec.exe /I{471C7D04-9E99-484F-868F-D98DB97B8AB4}
    Mahjong Escape - Ancient Japan-->C:\Program Files\Mahjong Escape - Ancient Japan\uninstall.exe
    Microsoft .NET Framework 1.1 Hotfix (KB928366)--> "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp "
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft Compression Client Pack 1.0 for Windows XP--> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
    Microsoft Device Emulator version 3.0 - ENU-->MsiExec.exe /X{B32E7732-B2FB-3FD0-81AC-6025B1104C66}
    Microsoft Document Explorer 2005-->C:\Program Files\Common Files\Microsoft Shared\Help 8\Microsoft Document Explorer 2005\install.exe
    Microsoft Document Explorer 2005-->MsiExec.exe /X{44D4AF75-6870-41F5-9181-662EA05507E1}
    Microsoft Document Explorer 2008-->C:\Program Files\Common Files\Microsoft Shared\Help 9\Microsoft Document Explorer 2008\install.exe
    Microsoft Document Explorer 2008-->MsiExec.exe /X{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office 2000 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Visual Web Developer 2007-->MsiExec.exe /X{90120000-0021-0000-0000-0000000FF1CE}
    Microsoft Office Visual Web Developer MUI (English) 2007-->MsiExec.exe /X{90120000-0021-0409-0000-0000000FF1CE}
    Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
    Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
    Microsoft SQL Server 2005 Mobile [ENU] Developer Tools-->MsiExec.exe /X{1389C6A4-4965-4AEC-9175-08B54A10FA48}
    Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
    Microsoft SQL Server 2005--> "C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server Compact 3.5 Design Tools ENU-->MsiExec.exe /X{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}
    Microsoft SQL Server Compact 3.5 ENU-->MsiExec.exe /I{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}
    Microsoft SQL Server Compact 3.5 for Devices ENU-->MsiExec.exe /I{241F2BF7-69EB-42A4-9156-96B2426C7504}
    Microsoft SQL Server Database Publishing Wizard 1.2-->MsiExec.exe /X{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}
    Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
    Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
    Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
    Microsoft User-Mode Driver Framework Feature Pack 1.0--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual J# 2.0 Redistributable Package-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
    Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {D93F9C7C-AB57-44C8-BAD6-1494674BCAF7} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
    Microsoft Visual Studio 2005 Professional Edition - ENU-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Professional Edition - ENU\setup.exe
    Microsoft Visual Studio 2005 Tools for Office Runtime-->MsiExec.exe /X{388E4B09-3E71-4649-8921-F44A3A2954A7}
    Microsoft Visual Studio 2008 Professional Edition - ENU-->C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Studio 2008 Professional Edition - ENU\setup.exe
    Microsoft Visual Studio Web Authoring Component--> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISUALWEBDEVELOPER /dll OSETUP.DLL
    Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools-->MsiExec.exe /X{05EC21B8-4593-3037-A781-A6B5AFFCB19D}
    Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries-->MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
    Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense-->MsiExec.exe /X{64c5b887-b5ee-42b8-8596-78905a6b5f1f}
    Microsoft Windows SDK for Visual Studio 2008 Tools-->MsiExec.exe /X{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}
    Microsoft Windows SDK for Visual Studio 2008 Win32 Tools-->MsiExec.exe /X{B268E9A1-04A9-40D0-9866-846BE2B74BA7}
    Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
    MobileMe Control Panel-->MsiExec.exe /I{6DA9102E-199F-43A0-A36B-6EF48081A658}
    MSDN Library for Visual Studio 2008 - ENU-->C:\Program Files\MSDN\MSDN9.0\MSDN Library for Visual Studio 2008 - ENU\setup.exe
    MSDN Library for Visual Studio 2008 - ENU-->MsiExec.exe /X{3A762A82-618D-3CAA-B847-D074ABFA0B2E}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    Musicmatch® Jukebox-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst
    MySQL Connector Net 5.1.2-->MsiExec.exe /I{5FD88490-011C-4DF1-B886-F298D955171B}
    MySQL Connector/Net 1.0.10.1--> "C:\Program Files\MySQL\MySQL Connector Net 1.0.10.1\unins000.exe "
    MySQL Server 5.0-->MsiExec.exe /I{8AA037A8-E104-493A-A962-8D58535A0198}
    Mythic Mahjong-->C:\Program Files\Mythic Mahjong\uninstall.exe
    Netflix Movie Viewer-->MsiExec.exe /X{BCE72AED-3332-4863-9567-C5DCB9052CA2}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    OmniPage SE-->MsiExec.exe /I{6249C22D-E6A8-407B-BA8B-40298848ED94}
    Open XML Editor 1.4-->MsiExec.exe /I{723A71DF-141B-48D7-AB57-6116C54E4C4B}
    Otto--> "C:\Program Files\EnglishOtto\uninstallotto.exe "
    PowerDVD--> "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
    PrimoPDF Redistribution Package-->MsiExec.exe /I{885744A4-1A01-44B0-858A-0AE6738CBCF7}
    PrimoPDF--> "C:\WINDOWS\PrimoPDF\uninstall.exe" "/U:C:\Program Files\activePDF\PrimoPDF\Uninstall\uninstall.xml "
    ProEssentials v6-->C:\PROESS~1\VB\UNWISE.EXE C:\PROESS~1\VB\INSTALL.LOG
    Protected Music Converter 0.99b--> "C:\Program Files\WMA-MP3.com\Protected Music Converter\unins000.exe "
    QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
    RASAero-->MsiExec.exe /I{94A718E4-117A-4BB5-A375-948A588D7727}
    RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
    Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
    Roxio MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
    Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
    Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
    Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
    Safari-->MsiExec.exe /I{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}
    SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937061)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {94E2AAC1-CAE5-4F73-B0D1-C471BA1F8E2A} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
    Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB947738)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {66DA9ADD-B1C4-4891-84D6-706E216B411B} /package {437AB8E0-FB69-4222-B280-A64F3DE22591}
    Security Update for Windows Internet Explorer 7 (KB933566)--> "C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB937143)--> "C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB938127)--> "C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB939653)--> "C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB942615)--> "C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB944533)--> "C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB950759)--> "C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB953838)--> "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB958215)--> "C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe "
    Security Update for Windows Media Player (KB952069)--> "C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 10 (KB917734)--> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 10 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe "
    Security Update for Windows Media Player 11 (KB954154)--> "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950760)--> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376)--> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954600)--> "C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956802)--> "C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
    Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
    Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
    Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Switch-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe
    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
    UltraEdit-32--> "C:\Program Files\IDM Computer Solutions\UltraEdit-32\Uninstall.exe" "C:\Program Files\IDM Computer Solutions\UltraEdit-32\ueinstall.log" -u
    UltraVNC 1.0.5--> "C:\Program Files\UltraVNC\unins001.exe "
    UltraVNC v1.0.2--> "C:\Program Files\UltraVNC\unins000.exe "
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0021-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Windows Media Player 10 (KB913800)--> "C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe "
    Update for Windows Media Player 10 (KB926251)--> "C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe "
    Update for Windows XP (KB943729)--> "C:\WINDOWS\$NtUninstallKB943729$\spuninst\spuninst.exe "
    Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
    Update for Windows XP (KB955839)--> "C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe "
    Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
    URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll "
    Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
    Visual Studio 2005 Tools for Office Second Edition Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\8.0\Microsoft Visual Studio 2005 Tools for Office Runtime\install.exe
    Visual Studio Tools for the Office system 3.0 Runtime-->C:\Program Files\Common Files\Microsoft Shared\VSTO\9.0\Visual Studio Tools for the Office system 3.0 Runtime\install.exe
    Visual Studio Tools for the Office system 3.0 Runtime-->MsiExec.exe /X{8FB53850-246A-3507-8ADE-0060093FFEA6}
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll ",UninstallFunction WLSC_SCANNER_PRODUCT
    Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]-->C:\WINDOWS\$NtUninstallEmeraldQFE2$\spuninst\spuninst.exe
    Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}
    Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    Windows Mobile 5.0 SDK R2 for Pocket PC-->MsiExec.exe /I{6C9F6D23-E9AD-43C9-B43A-011562AAF876}
    Windows Mobile 5.0 SDK R2 for Smartphone-->MsiExec.exe /I{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}
    Windows Search 4.0--> "C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe "
    Windows XP Media Center Edition 2005 KB908246--> "C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe "
    Windows XP Media Center Edition 2005 KB925766--> "C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe "
    Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
    WinZip--> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
    Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
    Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
    Yahoo! Internet Mail-->C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
    Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

    ======Security center information======

    AV: AVG Anti-Virus Free

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\ActiveState Komodo 2.5;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\IDM Computer Solutions\UltraEdit-32;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=0f06
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\
    "VS80COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\
    "VS90COMNTOOLS"=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools\
    "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.5.0_06\lib\ext\QTJava.zip

    -----------------EOF-----------------
     
  2. 2008/12/10
    bbarocket

    Here is the log.txt file:
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by William Beggs at 2008-12-10 15:07:55
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 185 GB (79%) free of 234 GB
    Total RAM: 3070 MB (76% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:08:02 PM, on 12/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Magic Touch USB\tsmapper.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\HPHipm09.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Intelinet\intelin2.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\William Beggs\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\William Beggs.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/ymj/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Yahoo! IE Suggest - {5A263CF7-56A6-4D68-A8CF-345BE45BC911} - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [Acronis*True*Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe "
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe "
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
    O4 - HKLM\..\Run: [TS_Mapper] C:\Program Files\Magic Touch USB\tsmapper.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [TouchScreen] C:\Program Files\Magic Touch USB\touchusb.exe /c
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe "
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe "
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [Intelinet] C:\Program Files\Intelinet\Intelinet.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Amazing%20Adventures%20Around%20the%20World/Images/stg_drm.ocx
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} (SkillGam Control) - http://www.worldwinner.com/games/v47/skillgam/skillgam.cab
    O16 - DPF: {1B635021-8269-11D8-9E2B-004005A9ABD2} (TX - Text Control) - https://sp.phs.org/prx/000/http/softmedweb1/esaweb/TX.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1199908254765
    O16 - DPF: {80DC1772-21EF-11D4-B9DE-0008C7CB5F59} (WebRTFProj.WebRTF) - https://sp.phs.org/prx/000/http/softmedweb1/esaweb/WebRTF.CAB
    O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: IntelinetSecure - Unknown owner - C:\Program Files\Intelinet\intelin2.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    --
    End of file - 13124 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-11-05 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A263CF7-56A6-4D68-A8CF-345BE45BC911}]
    Yahoo! IE Suggest - C:\Program Files\Yahoo!\Search\YSearchSuggest.dll [2007-02-23 140840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
    Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
    DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-08 110652]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-10-09 2549368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-11 652784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-12-08 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-10-09 2549368]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
    "SigmatelSysTrayApp "=C:\WINDOWS\stsystra.exe [2006-07-24 282624]
    "IAAnotif "=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2006-07-06 151552]
    "DMXLauncher "=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2005-10-05 94208]
    "ISUSPM Startup "=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
    "ISUSScheduler "=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
    "DLA "=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
    "Acronis*True*Image Monitor "=C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe [2007-06-27 423258]
    "Acronis Scheduler2 Service "=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-06-27 90112]
    "HPDJ Taskbar Utility "=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2006-01-12 196608]
    "HPHmon03 "=C:\WINDOWS\system32\hphmon03.exe [2006-01-12 311296]
    "TS_Mapper "=C:\Program Files\Magic Touch USB\tsmapper.exe [2007-02-07 166912]
    "NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2007-09-17 8491008]
    "nwiz "=nwiz.exe /install []
    "NvMediaCenter "=C:\WINDOWS\system32\NvMcTray.dll [2007-09-17 81920]
    "TouchScreen "=C:\Program Files\Magic Touch USB\touchusb.exe [2007-02-07 281600]
    "Omnipage "=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-02-20 49152]
    "dscactivate "=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09 16384]
    "RemoteControl "=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
    "LanguageShortcut "=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
    "AppleSyncNotifier "=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
    "AVG8_TRAY "=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-27 1261336]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport "=C:\Program Files\Dell Support\DSAgnt.exe [2006-08-28 395776]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "swg "=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-22 68856]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
    "SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]
    "Intelinet "=C:\Program Files\Intelinet\Intelinet.exe [2008-11-05 7382296]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "InstallVisualStyle "=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=323
    "NoDrives "=0
    "NoDriveAutoRun "=67108863

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives "=
    "NoDriveAutoRun "=
    "NoDriveTypeAutoRun "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe "= "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD "
    "C:\Program Files\Skype\Phone\Skype.exe "= "C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\UltraVNC\vncviewer.exe "= "C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe "
    "C:\Program Files\AVG\AVG8\avgupd.exe "= "C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL "
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL "
    "C:\Program Files\America Online 9.0\waol.exe "= "C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    ======File associations======

    .ini - open - "C:\Program Files\IDM Computer Solutions\UltraEdit-32\uedit32.exe" "%1 "
    .js - edit -
    .js - open - "C:\Program Files\IDM Computer Solutions\UltraEdit-32\uedit32.exe" "%1 "
    .txt - open - "C:\Program Files\IDM Computer Solutions\UltraEdit-32\uedit32.exe" "%1 "

    ======List of files/folders created in the last 3 months======

    2008-12-10 15:07:55 ----D---- C:\rsit
    2008-12-10 13:32:28 ----A---- C:\ComboFix.txt
    2008-12-10 13:03:09 ----A---- C:\Boot.bak
    2008-12-10 13:02:51 ----D---- C:\cmdcons
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\zip.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\VFIND.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\SWXCACLS.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\SWSC.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\SWREG.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\sed.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\NIRCMD.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\grep.exe
    2008-12-10 13:01:32 ----A---- C:\WINDOWS\fdsv.exe
    2008-12-10 13:01:27 ----D---- C:\WINDOWS\ERDNT
    2008-12-10 13:01:27 ----D---- C:\Qoobox
    2008-12-10 12:36:22 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-12-10 12:33:47 ----D---- C:\WINDOWS\pss
    2008-12-09 13:22:15 ----D---- C:\Program Files\Intelinet
    2008-12-09 12:45:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
    2008-12-09 12:42:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2008-12-09 12:42:27 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2008-12-09 12:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-09 11:14:23 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-09 11:14:11 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-12-09 11:14:11 ----D---- C:\Documents and Settings\William Beggs\Application Data\SUPERAntiSpyware.com
    2008-12-09 11:13:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-12-09 10:13:09 ----D---- C:\Program Files\iPod
    2008-12-09 10:13:05 ----D---- C:\Program Files\iTunes
    2008-12-09 10:13:05 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-11-16 17:22:35 ----D---- C:\Documents and Settings\William Beggs\Application Data\SpinTop Games
    2008-11-16 17:22:17 ----D---- C:\Program Files\Amazing Adventures Around the World
    2008-11-16 16:06:46 ----D---- C:\Documents and Settings\William Beggs\Application Data\iWin
    2008-11-16 16:06:02 ----D---- C:\Program Files\Jewel Quest Mysteries - Curse of the Emerald Tear
    2008-11-15 13:41:50 ----D---- C:\Program Files\Mythic Mahjong
    2008-11-13 18:38:01 ----D---- C:\Documents and Settings\All Users\Application Data\JollyBear
    2008-11-13 18:37:26 ----D---- C:\Program Files\Mahjong Escape - Ancient Japan
    2008-11-13 18:37:26 ----D---- C:\Documents and Settings\William Beggs\Application Data\SpinTop
    2008-11-12 09:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2008-11-12 09:20:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-11-12 09:18:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2008-11-06 15:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2008-11-06 08:56:16 ----D---- C:\Program Files\Adobe
    2008-11-05 11:21:14 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-11-05 11:20:54 ----D---- C:\Program Files\AVG
    2008-10-30 15:02:13 ----D---- C:\_Projects_10232008
    2008-10-27 08:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-23 22:39:03 ----HD---- C:\$AVG8.VAULT$
    2008-10-23 21:40:16 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-20 15:54:14 ----D---- C:\Documents and Settings\William Beggs\Application Data\Windows Search
    2008-10-20 15:53:05 ----D---- C:\Documents and Settings\William Beggs\Application Data\Windows Desktop Search
    2008-10-20 15:52:33 ----D---- C:\WINDOWS\system32\GroupPolicy
    2008-10-20 15:52:33 ----D---- C:\Program Files\Windows Desktop Search
    2008-10-20 15:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2008-10-20 15:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2008-10-20 09:06:58 ----D---- C:\TopClassII_Project
    2008-10-18 19:19:42 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
    2008-10-18 19:19:24 ----D---- C:\Program Files\Common Files\iS3
    2008-10-18 19:19:23 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
    2008-10-18 17:40:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-18 17:40:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-18 17:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-18 17:39:06 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-18 17:38:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-05 16:34:50 ----A---- C:\WINDOWS\system32\mv2.dll
    2008-10-01 17:17:34 ----A---- C:\WINDOWS\SIERRA.INI
    2008-10-01 17:17:27 ----A---- C:\WINDOWS\UninstPetshop.exe
    2008-10-01 17:17:26 ----D---- C:\Program Files\Fisher-Price®
    2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
    2008-09-30 14:12:49 ----D---- C:\Program Files\RASAero
    2008-09-30 06:20:02 ----A---- C:\WINDOWS\PUZZLES.INI
    2008-09-24 21:52:33 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-09-19 12:15:02 ----D---- C:\Program Files\Safari
    2008-09-19 12:05:29 ----D---- C:\Program Files\Bonjour
    2008-09-12 16:02:37 ----A---- C:\WINDOWS\CSTBox.INI
    2008-09-11 22:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-11 22:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-11 15:00:17 ----D---- C:\_CLU

    ======List of files/folders modified in the last 3 months======

    2008-12-10 15:08:02 ----D---- C:\WINDOWS\Temp
    2008-12-10 15:07:57 ----D---- C:\WINDOWS\Prefetch
    2008-12-10 13:32:34 ----D---- C:\WINDOWS\system32
    2008-12-10 13:32:33 ----D---- C:\WINDOWS\system32\drivers
    2008-12-10 13:32:31 ----D---- C:\WINDOWS
    2008-12-10 13:21:54 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-10 13:21:54 ----D---- C:\WINDOWS\Registration
    2008-12-10 13:13:58 ----D---- C:\WINDOWS\system32\config
    2008-12-10 13:08:30 ----D---- C:\Program Files\Common Files
    2008-12-10 13:08:29 ----D---- C:\WINDOWS\AppPatch
    2008-12-10 13:03:09 ----RASH---- C:\boot.ini
    2008-12-10 13:01:47 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-10 12:38:09 ----A---- C:\WINDOWS\win.ini
    2008-12-10 12:38:09 ----A---- C:\WINDOWS\SYSTEM.INI
    2008-12-09 21:03:47 ----D---- C:\Program Files\Trend Micro
    2008-12-09 16:26:03 ----D---- C:\i386
    2008-12-09 16:26:03 ----D---- C:\dell
    2008-12-09 15:34:37 ----A---- C:\WINDOWS\ROCKSIM.INI
    2008-12-09 13:56:28 ----D---- C:\Program Files
    2008-12-09 13:27:23 ----D---- C:\WINDOWS\system32\wbem
    2008-12-09 13:27:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-09 13:12:09 ----HD---- C:\WINDOWS\inf
    2008-12-09 13:09:34 ----D---- C:\Program Files\Internet Explorer
    2008-12-09 12:43:43 ----SHD---- C:\WINDOWS\Installer
    2008-12-09 12:43:41 ----SHD---- C:\Config.Msi
    2008-12-09 12:42:53 ----A---- C:\WINDOWS\imsins.BAK
    2008-12-09 12:42:47 ----SHD---- C:\WINDOWS\system32\dllcache
    2008-12-09 12:42:40 ----D---- C:\WINDOWS\ie7updates
    2008-12-09 12:42:36 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-09 10:24:28 ----D---- C:\Program Files\Google
    2008-12-09 10:11:29 ----D---- C:\Program Files\QuickTime
    2008-12-09 10:10:31 ----D---- C:\Program Files\Common Files\Apple
    2008-12-08 15:40:36 ----D---- C:\Program Files\Apogee
    2008-12-07 22:23:39 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-07 15:09:09 ----D---- C:\Rocketry
    2008-12-07 15:03:39 ----D---- C:\Documents and Settings\William Beggs\Application Data\ZoomBrowser EX
    2008-12-07 14:59:56 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-12-05 09:30:33 ----D---- C:\Personal
    2008-12-04 09:04:00 ----D---- C:\TCG
    2008-12-02 14:26:30 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-11-28 17:11:59 ----D---- C:\Documents and Settings\William Beggs\Application Data\Canon
    2008-11-22 11:55:31 ----D---- C:\WINDOWS\Help
    2008-11-16 18:23:35 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-11-12 09:18:21 ----D---- C:\WINDOWS\WinSxS
    2008-11-10 13:53:53 ----D---- C:\Program Files\Infogrames Interactive
    2008-11-10 13:53:51 ----A---- C:\WINDOWS\hegames.ini
    2008-11-10 13:53:08 ----D---- C:\WINDOWS\occache
    2008-11-10 13:52:39 ----A---- C:\WINDOWS\7thlevel.ini
    2008-11-10 13:52:22 ----A---- C:\WINDOWS\ka.ini
    2008-11-06 09:02:01 ----D---- C:\Documents and Settings\William Beggs\Application Data\U3
    2008-11-06 09:00:24 ----D---- C:\Download
    2008-11-06 08:56:30 ----D---- C:\Program Files\Common Files\Adobe
    2008-11-06 08:56:21 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-11-05 09:09:16 ----D---- C:\WINDOWS\system32\CatRoot
    2008-11-05 09:09:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-11-04 13:50:41 ----D---- C:\Program Files\Dvd-cloner
    2008-11-03 10:58:10 ----D---- C:\XYGraphDemo2
    2008-11-01 08:03:17 ----D---- C:\FCAD32V6
    2008-10-23 23:03:51 ----D---- C:\Program Files\DIGStream
    2008-10-23 21:40:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-23 05:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
    2008-10-23 03:06:59 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-10-20 16:51:20 ----D---- C:\Program Files\UltraVNC
    2008-10-20 15:52:44 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-10-20 15:52:35 ----D---- C:\WINDOWS\system32\en-US
    2008-10-20 10:16:21 ----D---- C:\Program Files\Messenger
    2008-10-18 17:47:29 ----D---- C:\WINDOWS\Minidump
    2008-10-17 02:08:40 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
    2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-10-16 13:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-10-16 13:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-10-16 13:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-10-16 13:38:39 ----A---- C:\WINDOWS\system32\url.dll
    2008-10-16 13:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
    2008-10-16 13:38:39 ----A---- C:\WINDOWS\system32\occache.dll
    2008-10-16 13:38:39 ----A---- C:\WINDOWS\system32\mstime.dll
    2008-10-16 13:38:38 ----A---- C:\WINDOWS\system32\msrating.dll
    2008-10-16 13:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-10-16 13:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-10-16 13:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-10-16 13:38:37 ----A---- C:\WINDOWS\system32\jsproxy.dll
    2008-10-16 13:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-10-16 13:38:37 ----A---- C:\WINDOWS\system32\iernonce.dll
    2008-10-16 13:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-16 13:38:35 ----A---- C:\WINDOWS\system32\iedkcs32.dll
    2008-10-16 13:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-10-16 13:38:35 ----A---- C:\WINDOWS\system32\ieaksie.dll
    2008-10-16 13:38:35 ----A---- C:\WINDOWS\system32\ieakeng.dll
    2008-10-16 13:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-10-16 13:38:35 ----A---- C:\WINDOWS\system32\extmgr.dll
    2008-10-16 13:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-10-16 13:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-10-16 13:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-10-16 06:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-10-16 06:11:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
    2008-10-15 09:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-15 00:04:53 ----A---- C:\WINDOWS\system32\ieakui.dll
    2008-10-12 11:53:17 ----D---- C:\TopClassII_Project_old
    2008-10-10 12:08:15 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-10 08:08:53 ----D---- C:\Program Files\Yahoo!
    2008-10-10 07:07:26 ----D---- C:\The Girls Web Page
    2008-10-08 13:32:16 ----D---- C:\_MySQL
    2008-10-03 03:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll
    2008-09-30 11:17:17 ----D---- C:\Program Files\Advanced Query Tool
    2008-09-30 06:20:02 ----D---- C:\WINDOWS\system
    2008-09-30 06:09:13 ----D---- C:\HEGames
    2008-09-25 09:46:59 ----D---- C:\Sydney Financial
    2008-09-19 12:18:11 ----D---- C:\Documents and Settings\William Beggs\Application Data\Apple Computer
    2008-09-17 18:27:54 ----D---- C:\My Professional Business Cards 5.0 (1 cd)
    2008-09-17 18:27:52 ----D---- C:\Images
    2008-09-11 22:40:31 ----D---- C:\WINDOWS\Microsoft.NET
    2008-09-11 22:38:43 ----RSD---- C:\WINDOWS\assembly
    2008-09-11 22:37:16 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-11 22:30:10 ----D---- C:\Program Files\Microsoft Works
    2008-09-11 20:53:08 ----D---- C:\DataPlotterTest

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-05 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-05 26824]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
    R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
    R1 ELhid;EL hid Service; \??\C:\WINDOWS\System32\Drivers\Elhid.sys []
    R1 ELkbd;EL KB Service; \??\C:\WINDOWS\System32\Drivers\Elkbd.sys []
    R1 ELmon;EL Monitor Service; \??\C:\WINDOWS\System32\Drivers\Elmon.sys []
    R1 ELmou;EL Mouse Service; \??\C:\WINDOWS\System32\Drivers\Elmou.sys []
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2007-01-29 8552]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
    R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
    R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-06-27 28928]
    R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
    R3 Dot4 HPH09;Dot4 HPH09; C:\WINDOWS\system32\DRIVERS\hphid409.sys [2006-01-12 50800]
    R3 Dot4Print HPH09;Print Class Driver for IEEE-1284.4 HPH09; C:\WINDOWS\system32\DRIVERS\hphipr09.sys [2006-01-12 16112]
    R3 Dot4Storage HPH09;Storage Class Driver for IEEE-1284.4 (HPH09); C:\WINDOWS\System32\Drivers\hphs2k09.sys [2006-01-12 50211]
    R3 Dot4Usb HPH09;Dot4Usb HPH09; C:\WINDOWS\System32\drivers\hphius09.sys [2006-01-12 18864]
    R3 DSproct;DSproct; \??\C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys []
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
    R3 ELacpi;ELacpi; C:\WINDOWS\system32\DRIVERS\ELacpi.sys [2006-05-09 9728]
    R3 etusbf;Magic Touch USB 2000/XP driver; C:\WINDOWS\System32\Drivers\etusbf.sys [2006-05-25 33408]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 mv2;mv2; C:\WINDOWS\system32\DRIVERS\mv2.sys [2008-10-05 10304]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-17 6853088]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-24 1156648]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
    S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
    S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
    S3 st3wolf;st3wolf; C:\WINDOWS\system32\DRIVERS\st3wolf.sys [2003-04-27 99360]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
    S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
    S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
    S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
    S4 atapi;Standard IDE/ESDI Hard Disk Controller; C:\WINDOWS\system32\DRIVERS\atapi.sys [2008-04-13 96512]
    S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-13 5504]
    S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
    S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-06-27 155648]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-11-05 231704]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
    R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
    R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
    R2 ELService;Intel(R) Quick Resume technology; C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe [2006-06-01 180224]
    R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-11 168432]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2006-07-06 90112]
    R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
    R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL []
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-17 155716]
    R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
    R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
    R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
    R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    R3 IntelinetSecure;IntelinetSecure; C:\Program Files\Intelinet\intelin2.exe [2008-10-16 861464]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
    R3 Pml Driver;Pml Driver; C:\WINDOWS\system32\HPHipm09.exe [2006-01-12 77824]
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
    S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
    S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2006-12-02 2805000]
    S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

    -----------------EOF-----------------
     


  4. 2008/12/10
    bbarocket

    bbarocket Inactive Thread Starter

    Joined:
    2008/12/10
    Messages:
    7
    Likes Received:
    0
    Here is the ComboFix.txt file:
    ComboFix 08-12-09.03 - William Beggs 2008-12-10 13:05:27.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2402 [GMT -7:00]
    Running from: c:\documents and settings\William Beggs\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\IE4 Error Log.txt
    c:\windows\system32\ntnet.drv

    .
    ((((((((((((((((((((((((( Files Created from 2008-11-10 to 2008-12-10 )))))))))))))))))))))))))))))))
    .

    2008-12-09 13:22 . 2008-12-09 13:22 <DIR> d-------- c:\program files\Intelinet
    2008-12-09 13:22 . 2008-12-10 13:22 0 --a------ C:\proc.id
    2008-12-09 13:22 . 2008-12-10 13:22 0 --a------ C:\asdasd.asdasd
    2008-12-09 11:14 . 2008-12-09 11:14 <DIR> d-------- c:\program files\SUPERAntiSpyware
    2008-12-09 11:14 . 2008-12-09 11:14 <DIR> d-------- c:\documents and settings\William Beggs\Application Data\SUPERAntiSpyware.com
    2008-12-09 11:14 . 2008-12-09 11:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-12-09 11:13 . 2008-12-09 11:13 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2008-12-09 10:13 . 2008-12-09 10:13 <DIR> d-------- c:\program files\iTunes
    2008-12-09 10:13 . 2008-12-09 10:13 <DIR> d-------- c:\program files\iPod
    2008-12-09 10:13 . 2008-12-09 10:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-11-16 17:22 . 2008-11-16 17:22 <DIR> d-------- c:\program files\Amazing Adventures Around the World
    2008-11-16 17:22 . 2008-11-16 17:22 <DIR> d-------- c:\documents and settings\William Beggs\Application Data\SpinTop Games
    2008-11-16 16:06 . 2008-11-16 16:08 <DIR> d-------- c:\program files\Jewel Quest Mysteries - Curse of the Emerald Tear
    2008-11-16 16:06 . 2008-11-16 16:06 <DIR> d-------- c:\documents and settings\William Beggs\Application Data\iWin
    2008-11-15 13:41 . 2008-11-15 13:42 <DIR> d-------- c:\program files\Mythic Mahjong
    2008-11-13 18:38 . 2008-11-13 18:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\JollyBear
    2008-11-13 18:37 . 2008-11-13 18:37 <DIR> d-------- c:\program files\Mahjong Escape - Ancient Japan
    2008-11-13 18:37 . 2008-11-13 18:37 <DIR> d-------- c:\documents and settings\William Beggs\Application Data\SpinTop
    2008-11-12 08:14 . 2008-10-24 04:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
    2008-11-12 08:13 . 2008-09-04 10:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-10 16:08 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
    2008-12-10 04:03 --------- d-----w c:\program files\Trend Micro
    2008-12-09 17:24 --------- d-----w c:\program files\Google
    2008-12-09 17:11 --------- d-----w c:\program files\QuickTime
    2008-12-09 17:10 --------- d-----w c:\program files\Common Files\Apple
    2008-12-08 22:40 --------- d-----w c:\program files\Apogee
    2008-12-07 22:03 --------- d-----w c:\documents and settings\William Beggs\Application Data\ZoomBrowser EX
    2008-12-07 21:59 --------- d-----w c:\documents and settings\All Users\Application Data\ZoomBrowser
    2008-11-29 00:11 --------- d-----w c:\documents and settings\William Beggs\Application Data\Canon
    2008-11-17 01:23 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-11-10 20:53 --------- d-----w c:\program files\Infogrames Interactive
    2008-11-06 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
    2008-11-06 16:02 --------- d-----w c:\documents and settings\William Beggs\Application Data\U3
    2008-11-06 15:56 --------- d-----w c:\program files\Common Files\Adobe
    2008-11-05 18:21 97,928 ----a-w c:\windows\system32\drivers\avgldx86.sys
    2008-11-05 18:20 --------- d-----w c:\program files\AVG
    2008-11-04 20:50 --------- d-----w c:\program files\Dvd-cloner
    2008-10-28 23:12 60,744 ----a-w c:\documents and settings\William Beggs\g2mdlhlpx.exe
    2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
    2008-10-24 06:03 --------- d-----w c:\program files\DIGStream
    2008-10-24 04:10 --------- d-----w c:\documents and settings\All Users\Application Data\STOPzilla!
    2008-10-24 03:45 --------- d-----w c:\documents and settings\All Users\Application Data\SITEguard
    2008-10-23 20:57 3,626,453 ----a-w C:\__MCTIDUpdatedFiles.zip
    2008-10-20 23:51 --------- d-----w c:\program files\UltraVNC
    2008-10-20 22:54 --------- d-----w c:\documents and settings\William Beggs\Application Data\Windows Search
    2008-10-20 22:53 --------- d-----w c:\documents and settings\William Beggs\Application Data\Windows Desktop Search
    2008-10-20 22:52 --------- d-----w c:\program files\Windows Desktop Search
    2008-10-19 02:19 --------- d-----w c:\program files\Common Files\iS3
    2008-10-10 15:08 --------- d-----w c:\program files\Yahoo!
    2008-09-11 21:57 297,291 ----a-w C:\CLAP.zip
    2008-04-07 23:03 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
    2007-12-05 23:41 3,902,784 ----a-w c:\documents and settings\William Beggs\gosetup.exe
    2007-07-13 16:22 456,272 ----a-w c:\documents and settings\All Users\Application Data\pswi_preloaded.exe
    2007-11-14 18:00 88 --sh--r c:\windows\system32\07E297E56A.sys
    2007-08-16 19:58 88 --sh--r c:\windows\system32\A037BC587F.sys
    2007-11-14 18:01 6,476 --sha-w c:\windows\system32\KGyGaAvL.sys
    2008-08-06 14:31 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008080620080807\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DellSupport "= "c:\program files\Dell Support\DSAgnt.exe" [2006-08-28 395776]
    "ctfmon.exe "= "c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-22 68856]
    "DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
    "SUPERAntiSpyware "= "c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-04 1809648]
    "Intelinet "= "c:\program files\Intelinet\Intelinet.exe" [2008-11-05 7382296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
    "IAAnotif "= "c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
    "DMXLauncher "= "c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
    "ISUSPM Startup "= "c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
    "ISUSScheduler "= "c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
    "DLA "= "c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
    "Acronis*True*Image Monitor "= "c:\program files\Acronis\TrueImage\TrueImageMonitor.exe" [2007-06-27 423258]
    "Acronis Scheduler2 Service "= "c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-06-27 90112]
    "HPDJ Taskbar Utility "= "c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2006-01-12 196608]
    "HPHmon03 "= "c:\windows\system32\hphmon03.exe" [2006-01-12 311296]
    "TS_Mapper "= "c:\program files\Magic Touch USB\tsmapper.exe" [2007-02-07 166912]
    "NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2007-09-17 8491008]
    "NvMediaCenter "= "c:\windows\system32\NvMcTray.dll" [2007-09-17 81920]
    "TouchScreen "= "c:\program files\Magic Touch USB\touchusb.exe" [2007-02-07 281600]
    "Omnipage "= "c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 49152]
    "dscactivate "= "c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-10-09 16384]
    "RemoteControl "= "c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
    "LanguageShortcut "= "c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
    "DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
    "AppleSyncNotifier "= "c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
    "AVG8_TRAY "= "c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-27 1261336]
    "Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
    "QuickTime Task "= "c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
    "iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
    "SigmatelSysTrayApp "= "stsystra.exe" [2006-07-24 c:\windows\stsystra.exe]
    "nwiz "= "nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-03 14:56 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux "= sysaudio.sys

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe "=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe "=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "c:\\Program Files\\UltraVNC\\vncviewer.exe "=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe "=
    "c:\\Program Files\\iTunes\\iTunes.exe "=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5900:TCP "= 5900:TCP:vnc5900
    "5800:TCP "= 5800:TCP:vnc5800

    R0 stwlfbus;stwlfbus;c:\windows\system32\DRIVERS\stwlfbus.sys [2003-04-27 8704]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-11-05 97928]
    R1 SASDIFSV;SASDIFSV;\??\c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-12-04 8944]
    R1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-12-04 55024]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-05 231704]
    R2 vnccom;vnccom;c:\windows\system32\Drivers\vnccom.SYS [2007-06-27 6016]
    R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [2007-07-02 18864]
    R3 etusbf;Magic Touch USB 2000/XP driver;c:\windows\system32\Drivers\etusbf.sys [2007-09-04 33408]
    R3 IntelinetSecure;IntelinetSecure;c:\program files\Intelinet\intelin2.exe [2008-12-09 861464]
    R3 mv2;mv2;c:\windows\system32\DRIVERS\mv2.sys [2008-10-05 10304]
    R3 SASENUM;SASENUM;\??\c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-04 7408]
    S3 st3wolf;st3wolf;c:\windows\system32\DRIVERS\st3wolf.sys [2003-04-27 99360]
    S4 msvsmon80;Visual Studio 2005 Remote Debugger; "c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon80 [2006-12-02 2805000]
    .
    Contents of the 'Scheduled Tasks' folder

    2008-12-05 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-SITEguard - (no file)


    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uStart Page = hxxp://www.yahoo.com/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/ymj/*http://www.yahoo.com

    c:\windows\Downloaded Program Files\stg_drm.ocx - c:\windows\Downloaded Program Files\CONFLICT.1\stg_drm.ocx
    c:\windows\Downloaded Program Files\CONFLICT.2\stg_drm.ocx
    c:\windows\Downloaded Program Files\CONFLICT.3\stg_drm.ocx
    c:\windows\Downloaded Program Files\CONFLICT.4\stg_drm.ocx
    c:\windows\Downloaded Program Files\CONFLICT.5\stg_drm.ocx
    O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
    file:///C:/Program%20Files/Amazing%20Adventures%20Around%20the%20World/Images/stg_drm.ocx

    c:\windows\system32\mfc42.dll - c:\windows\system32\msvcrt.dll
    c:\windows\system32\olepro32.dll
    c:\windows\Downloaded Program Files\tx4ole11.ocx
    c:\windows\Downloaded Program Files\tx11_tls.dll
    c:\windows\Downloaded Program Files\tx11_obj.dll
    c:\windows\Downloaded Program Files\Tx11.dll
    c:\windows\Downloaded Program Files\tx11_css.dll
    c:\windows\Downloaded Program Files\tx11_xml.dll
    c:\windows\Downloaded Program Files\tx11_pdf.dll
    c:\windows\Downloaded Program Files\tx11_doc.dll
    c:\windows\Downloaded Program Files\tx11_rtf.dll
    c:\windows\Downloaded Program Files\tx11_htm.dll
    c:\windows\Downloaded Program Files\tx11_ic.dll
    c:\windows\Downloaded Program Files\tx11_gif.flt
    c:\windows\Downloaded Program Files\tx11_png.flt
    c:\windows\Downloaded Program Files\tx11_jpg.flt
    c:\windows\Downloaded Program Files\tx11_wmf.flt
    c:\windows\Downloaded Program Files\tx11_tif.flt
    c:\windows\Downloaded Program Files\tx11_bmp.flt
    c:\windows\Downloaded Program Files\tx11_ic.ini
    c:\windows\Downloaded Program Files\tx11_wnd.dll
    O16 -: {1B635021-8269-11D8-9E2B-004005A9ABD2}
    hxxps://sp.phs.org/prx/000/http/softmedweb1/esaweb/TX.cab
    c:\windows\Downloaded Program Files\tx.inf

    c:\windows\system32\RICHED32.DLL - c:\windows\system32\msvbvm60.dll
    c:\windows\system32\OLEAUT32.DLL
    c:\windows\system32\OLEPRO32.DLL
    c:\windows\system32\ASYCFILT.DLL
    c:\windows\system32\STDOLE2.TLB
    c:\windows\system32\COMCAT.DLL
    c:\windows\system32\msstkprp.dll
    c:\windows\system32\RICHTX32.OCX
    c:\windows\system32\objsafe.tlb
    c:\windows\Downloaded Program Files\WebRTF.ocx
    O16 -: {80DC1772-21EF-11D4-B9DE-0008C7CB5F59}
    hxxps://sp.phs.org/prx/000/http/softmedweb1/esaweb/WebRTF.CAB
    c:\windows\Downloaded Program Files\WebRTF.INF

    c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
    file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-10 13:15:48
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...


    c:\windows\TEMP\bbaf79d9-6ec6-49ac-8c67-1347f14f906e.tmp
    c:\windows\TEMP\c525daee-07eb-4289-a50c-9100adebd2e8.tmp

    scan completed successfully
    hidden files: 2

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
    "ImagePath "= "\ "c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\ "c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(800)
    c:\program files\SUPERAntiSpyware\SASWINLO.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\ehome\ehrecvr.exe
    c:\windows\ehome\ehSched.exe
    c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    c:\program files\AVG\AVG8\avgrsx.exe
    c:\windows\system32\rundll32.exe
    c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\PSIService.exe
    c:\program files\CyberLink\Shared files\RichVideo.exe
    c:\program files\Dell Support Center\bin\sprtsvc.exe
    c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\windows\system32\fxssvc.exe
    c:\windows\system32\searchindexer.exe
    c:\program files\Canon\CAL\CALMAIN.exe
    c:\program files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\ELService.exe
    c:\windows\ehome\ehmsas.exe
    c:\windows\system32\searchprotocolhost.exe
    c:\windows\system32\hphipm09.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\windows\system32\dllhost.exe
    c:\windows\system32\searchfilterhost.exe
    .
    **************************************************************************
    .
    Completion time: 2008-12-10 13:32:22 - machine was rebooted [William Beggs]
    ComboFix-quarantined-files.txt 2008-12-10 20:32:18

    Pre-Run: 193,108,525,056 bytes free
    Post-Run: 193,694,072,832 bytes free

    266 --- E O F --- 2008-11-12 16:22:50
     
  5. 2008/12/10
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS bbarocket :)

    I'd like to get 1 more log. Download GMER

    Right click and extract it to its own folder on the desktop.

    Open the program and click on the Rootkit tab.
    Make sure all the boxes on the right of the screen are checked, EXCEPT for 'Show All'.
    Click on Scan.
    When the scan has completed, click Copy and paste the results (if any) into this topic.
     
  6. 2008/12/11
    bbarocket

    bbarocket Inactive Thread Starter

    Joined:
    2008/12/10
    Messages:
    7
    Likes Received:
    0
    Thanks for taking the time to look at this. Here are the results from GMER:

    GMER 1.0.14.14536 - http://www.gmer.net
    Rootkit scan 2008-12-10 23:20:11
    Windows 5.1.2600 Service Pack 3


    ---- System - GMER 1.0.14 ----

    SSDT \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xACA9CF20]

    ---- User code sections - GMER 1.0.14 ----

    .text C:\WINDOWS\system32\SearchIndexer.exe[2292] kernel32.dll!WriteFile 7C810E17 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

    ---- Devices - GMER 1.0.14 ----

    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 snapman.sys (Acronis Snapshot API/Acronis)
    AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 snapman.sys (Acronis Snapshot API/Acronis)

    Device \FileSystem\Fastfat \Fat A5F32D20

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

    Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

    ---- Registry - GMER 1.0.14 ----

    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B14BB0B1-54DB-148E-F6CA-E456468EE230}
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B14BB0B1-54DB-148E-F6CA-E456468EE230}@iadaabejmmndagcihn 0x6A 0x61 0x68 0x6B ...
    Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B14BB0B1-54DB-148E-F6CA-E456468EE230}@hanpklhfbchbmokh 0x6A 0x61 0x68 0x6B ...

    ---- EOF - GMER 1.0.14 ----
     
  7. 2008/12/11
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Couple of minor things to clean up. Highlight and copy the contents of the code box below.
    Code:
    del /q C:\proc.id
    del /q C:\asdasd.asdasd
    attrib -r -h c:\windows\temp\*.*
    del /q c:\windows\temp\*.*
    reg save "HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B14BB0B1-54DB-148E-F6CA-E456468EE230}" ext.hiv
    reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B14BB0B1-54DB-148E-F6CA-E456468EE230}" /f
    exit
    cls
    
    Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close on its own.


    Now, I recommend you run an online scan. Please do an online scan with Kaspersky Online Scanner

    • Click Accept, when prompted to download and install the program files and database of malware definitions.
    • Click Run at the Security prompt.
    • The program will then begin downloading and installing and will also update the database.
    • Please be patient as this can take several minutes.
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Click View scan report at the bottom.
    • Click the Save Report As... button.
    • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
    **Note**

    To optimize scanning time and produce a more sensible report for review:
    • Close any open programs.
    • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
    Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


    Post the Kaspersky log here. Let me know if you're still experiencing problems.
     
