
Solved SmitFraudFix v2.354 (WinXP, Win2K)

Discussion in 'Malware and Virus Removal Archive' started by cvc42, 2008/10/01.

  1. 2008/10/02
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Click Start then Run, type cmd and hit Enter.
    Does a command window open?
     
  2. 2008/10/02
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Yes, I have the C prompt.
     

  4. 2008/10/02
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    I have to go in to work now. Let me know what I should do next.

    Kind regards
    Steve
     
  5. 2008/10/02
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Highlight and copy the contents of the code box below then right click in the command window and select Paste.

    Code:
    
    reg add  "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v  "AppInit_DLLS" /t REG_SZ /d " " /f
    reg add  "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v  "Authentication Packages" /t REG_MULTI_SZ /d msv1_0 /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B1DA3F4-F9E2-4C4A-8584-5482BB77D7D1}" /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{644D9331-F010-4A1A-99B1-6D2F04622803}" /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1392F8F-B737-4791-9FE0-A8022354900C}" /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v {F016D54B-6B00-47B8-882D-296D2B2D9579} /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccdebaW" /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" /v dtseqrxk /f
    reg delete  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" /v {644D9331-F010-4A1A-99B1-6D2F04622803} /f
    exit
    cls
    
    
    

    The command window should close on its own.
    Reboot and try normal logon.
     
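A read-only way to confirm, after the reboot, that the entries targeted by the commands in the post above are really gone. This is an added example, not part of noahdfear's instructions; the file name `check_cleanup.bat` and the labels `CheckKey` and `CheckValue` are assumptions, and the registry paths, value names and CLSIDs are copied from that post.

```bat
@echo off
rem check_cleanup.bat (hypothetical name): added example, not from the thread.
rem Only runs "reg query"; nothing is written or deleted.
setlocal

set "BHO=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
set "FOUND=0"

echo --- Values that were reset: inspect the data shown ---
rem AppInit_DLLs should be empty; Authentication Packages should list only msv1_0.
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v AppInit_DLLS
reg query "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v "Authentication Packages"

echo --- Keys that should no longer exist ---
call :CheckKey "%BHO%\{0B1DA3F4-F9E2-4C4A-8584-5482BB77D7D1}"
call :CheckKey "%BHO%\{644D9331-F010-4A1A-99B1-6D2F04622803}"
call :CheckKey "%BHO%\{B1392F8F-B737-4791-9FE0-A8022354900C}"
call :CheckKey "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccdebaW"

echo --- Values that should no longer exist ---
call :CheckValue "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" "{F016D54B-6B00-47B8-882D-296D2B2D9579}"
call :CheckValue "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" "dtseqrxk"
call :CheckValue "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "{644D9331-F010-4A1A-99B1-6D2F04622803}"

echo.
if "%FOUND%"=="0" echo All targeted keys and values are gone.
if not "%FOUND%"=="0" echo %FOUND% targeted entries are still present.
endlocal
goto :eof

rem %1 = quoted key path. reg query returns errorlevel 1 when the key is absent.
:CheckKey
reg query %1 >nul 2>&1
if errorlevel 1 (
    echo   gone:    %~1
) else (
    echo   PRESENT: %~1
    set /a FOUND+=1
)
goto :eof

rem %1 = quoted key path, %2 = quoted value name under that key.
:CheckValue
reg query %1 /v %2 >nul 2>&1
if errorlevel 1 (
    echo   gone:    %~1 [%~2]
) else (
    echo   PRESENT: %~1 [%~2]
    set /a FOUND+=1
)
goto :eof
```

An entry reported as PRESENT after the reboot means it was either not removed or was written back, which is worth reporting to the helper together with the next log.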
  6. 2008/10/04
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.28
    Database version: 1226
    Windows 5.1.2600 Service Pack 2

    10/4/2008 6:01:19 AM
    mbam-log-2008-10-04 (06-01-19).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 137758
    Time elapsed: 1 hour(s), 1 minute(s), 40 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 13

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\WINDOWS\SYSTEM32\tdsspopup1.url (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\SYSTEM32\tdsspopup2.url (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\SYSTEM32\tdsspopup3.url (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\SYSTEM32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSS41de.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSS49cf.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSS5d68.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSS94c2.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSS991a.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSSa0bb.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSSa241.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSSa7a7.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\TDSSa938.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     
  7. 2008/10/04
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Steve at 2008-10-04 06:14:34
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 30 GB (55%) free of 54 GB
    Total RAM: 1535 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 06:15:00, on 10/4/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\system32\imapi.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\Program Files\McAfee\VirusScan\McShield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Broadcom\BACS\BacsTray.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\WINDOWS\SQ931STI.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    c:\PROGRA~1\mcafee\msc\mcupdui.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    G:\RSIT.exe
    C:\Program Files\trend micro\Steve.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe "
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
    O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [SQ931STI] C:\WINDOWS\SQ931STI.EXE
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [RunUtility] C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174349348112
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: McAfee Application Installer Cleanup (0247861223105845) (0247861223105845mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\024786~1.EXE
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Cisco Systems, Inc. Installer service (CiscoVpnInstallService) - Unknown owner - C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

    --
    End of file - 12559 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\McDefragTask.job
    C:\WINDOWS\tasks\McQcTask.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-10-24 58688]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
    McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-08-16 121120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2005-08-04 343112]
    {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-08-16 121120]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager "=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "RealTray "=C:\Program Files\Real\RealPlayer\RealPlay.exe [2005-01-24 26112]
    "PinnacleDriverCheck "=C:\WINDOWS\system32\PSDrvCheck.exe [2003-12-04 406016]
    "PCLEPCI "=C:\PROGRA~1\Pinnacle\PPE\ppe.exe [2002-06-25 32768]
    "MSKDetectorExe "=C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2005-07-12 1117184]
    "Iomega Drive Icons "=C:\Program Files\Iomega\DriveIcons\ImgIcon.exe [2002-08-13 86016]
    "IntelZeroConfig "=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-08-02 802816]
    "IntelWireless "=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-08-02 696320]
    "HP Software Update "=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2005-05-12 49152]
    "DVDLauncher "=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2004-09-30 57344]
    "DMXLauncher "=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2004-09-15 86016]
    "Deskup "=C:\Program Files\Iomega\DriveIcons\deskup.exe [2002-07-16 32768]
    "bacstray "=C:\Program Files\Broadcom\BACS\\BacsTray.exe [2003-12-15 118784]
    "ATIPTA "=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-31 339968]
    "Apoint "=C:\Program Files\Apoint\Apoint.exe [2004-08-21 155648]
    "ADUserMon "=C:\Program Files\Iomega\AutoDisk\ADUserMon.exe [2002-09-24 147456]
    "mcagent_exe "=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-04 582992]
    "SQ931STI "=C:\WINDOWS\SQ931STI.EXE [2007-01-24 151552]
    "dscactivate "=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
    "dla "=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-05-31 122941]
    "RunUtility "=C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe [2005-11-10 17428480]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "AppleSyncNotifier "=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
    "DellSupport "=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    C:\Documents and Settings\Steve\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2004-08-31 86016]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSserv.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSserv.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Disabled:AOL "
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Disabled:AOL "
    "C:\Program Files\America Online 9.0\waol.exe "= "C:\Program Files\America Online 9.0\waol.exe:*:Disabled:AOL "
    "C:\WINDOWS\system32\sessmgr.exe "= "C:\WINDOWS\system32\sessmgr.exe:*:Disabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\Dell Inc\Dell Picture Studio v3.0\launch.exe "= "C:\Program Files\Dell Inc\Dell Picture Studio v3.0\launch.exe:*:Enabled:Jasc Paint Shop Photo Album 5 Application "
    "C:\Program Files\Sonic\RecordNow!\RecordNow.exe "= "C:\Program Files\Sonic\RecordNow!\RecordNow.exe:*:Enabled:RecordNow! "
    "C:\Program Files\Movie Maker\MOVIEMK.EXE "= "C:\Program Files\Movie Maker\MOVIEMK.EXE:*:Enabled:Windows Movie Maker "
    "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe "= "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:powerDVD "
    "C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe "= "C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe:*:Enabled:VPN Client "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "
    "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe "= "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL "
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL "
    "C:\Program Files\America Online 9.0\waol.exe "= "C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "

    ======List of files/folders created in the last 3 months======

    2008-10-04 02:36:11 ----D---- C:\WINDOWS\LastGood
    2008-10-03 20:06:39 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-03 20:06:39 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-03 20:06:39 ----A---- C:\WINDOWS\system32\java.exe
    2008-10-03 14:23:22 ----SHD---- C:\Config.Msi
    2008-10-02 20:42:02 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-10-02 19:52:30 ----D---- C:\Documents and Settings\Steve\Application Data\Malwarebytes
    2008-10-02 19:52:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 19:52:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-02 18:43:03 ----SH---- C:\WINDOWS\system32\pliufmsn.ini
    2008-10-01 20:30:09 ----D---- C:\Program Files\trend micro
    2008-10-01 20:30:08 ----D---- C:\rsit
    2008-10-01 07:12:14 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-10-01 07:11:51 ----A---- C:\rapport.txt
    2008-10-01 07:11:38 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2008-10-01 07:11:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-10-01 07:11:38 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\VACFix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\swxcacls.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\swsc.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\swreg.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\dumphive.exe
    2008-09-11 20:56:46 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-09-11 19:04:13 ----A---- C:\WINDOWS\system32\a74f5669-.txt
    2008-09-11 18:48:15 ----D---- C:\Documents and Settings\Steve\Application Data\TmpRecentIcons
    2008-09-10 05:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$
    2008-09-10 05:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-10 05:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-04 18:06:59 ----D---- C:\Program Files\iPod
    2008-09-04 18:06:54 ----D---- C:\Program Files\iTunes
    2008-09-04 18:05:40 ----D---- C:\Program Files\Bonjour
    2008-09-04 18:04:37 ----D---- C:\Program Files\QuickTime
    2008-09-04 18:02:26 ----D---- C:\Program Files\Common Files\Apple
    2008-09-03 03:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-09-03 03:08:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-09-03 03:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-09-03 03:07:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-09-03 03:07:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-09-03 03:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-09-03 03:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-08-21 20:45:16 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-08-21 20:45:13 ----D---- C:\Program Files\Meade
    2008-07-14 20:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2008-07-14 11:48:38 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-07-13 03:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-07-06 07:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

    ======List of files/folders modified in the last 3 months======

    2008-10-04 06:14:47 ----D---- C:\WINDOWS\Temp
    2008-10-04 06:14:33 ----D---- C:\WINDOWS\Prefetch
    2008-10-04 06:03:44 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2008-10-04 06:01:19 ----D---- C:\WINDOWS\SYSTEM32
    2008-10-04 02:39:23 ----HD---- C:\WINDOWS\INF
    2008-10-04 02:38:29 ----D---- C:\WINDOWS\system32\DRIVERS
    2008-10-04 02:36:11 ----D---- C:\WINDOWS
    2008-10-04 02:36:01 ----D---- C:\Program Files\McAfee
    2008-10-03 20:47:41 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-03 20:45:32 ----A---- C:\WINDOWS\ModemLog_3Com Megahertz Telephony 3CXM756-3CCM756 Modem.txt
    2008-10-03 20:45:31 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.9x Modem.txt
    2008-10-03 20:44:09 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-03 20:07:20 ----SHD---- C:\WINDOWS\Installer
    2008-10-03 20:06:37 ----D---- C:\Program Files\Java
    2008-10-03 03:53:19 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-03 03:52:55 ----D---- C:\Documents and Settings\Steve\Application Data\McAfee
    2008-10-02 21:38:04 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-02 20:42:01 ----D---- C:\WINDOWS\Debug
    2008-10-02 20:39:58 ----D---- C:\WINDOWS\Help
    2008-10-02 20:34:48 ----SHD---- C:\WINDOWS\CSC
    2008-10-02 20:34:42 ----D---- C:\WINDOWS\Minidump
    2008-10-02 20:33:42 ----A---- C:\WINDOWS\DUMP22f8.tmp
    2008-10-02 20:06:50 ----RD---- C:\Program Files
    2008-10-02 19:45:14 ----D---- C:\WINDOWS\network diagnostic
    2008-10-01 12:41:54 ----D---- C:\Documents and Settings\Steve\Application Data\ZipGenius
    2008-10-01 07:38:06 ----A---- C:\WINDOWS\DUMP382c.tmp
    2008-09-11 21:17:55 ----D---- C:\WINDOWS\system32\CONFIG
    2008-09-11 21:16:24 ----D---- C:\WINDOWS\system32\WBEM
    2008-09-11 21:16:22 ----D---- C:\WINDOWS\Registration
    2008-09-10 05:33:26 ----A---- C:\WINDOWS\imsins.BAK
    2008-09-10 05:33:18 ----D---- C:\WINDOWS\WinSxS
    2008-09-10 05:32:35 ----HD---- C:\WINDOWS\$hf_mig$
    2008-09-06 05:37:45 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-09-04 18:03:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-09-04 18:02:26 ----D---- C:\Program Files\Common Files
    2008-09-03 03:08:24 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
    2008-09-03 03:08:16 ----D---- C:\Program Files\Messenger
    2008-09-03 03:06:51 ----D---- C:\Program Files\Internet Explorer
    2008-09-03 03:03:18 ----A---- C:\WINDOWS\WIN.INI
    2008-09-03 03:01:40 ----D---- C:\Program Files\Microsoft Silverlight
    2008-08-21 20:45:14 ----D---- C:\Program Files\Barbie ® Riding Club
    2008-08-21 20:45:13 ----D---- C:\WINDOWS\SPEECH
    2008-08-21 20:45:09 ----D---- C:\Program Files\Yahoo!
    2008-08-07 07:01:11 ----D---- C:\pwrcmdr
    2008-07-22 05:08:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-07-18 22:10:48 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-07-18 22:10:42 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 22:10:40 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-07-18 22:10:24 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-07-18 22:10:20 ----A---- C:\WINDOWS\system32\wups.dll
    2008-07-18 22:09:46 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-07-18 22:08:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-07-18 22:07:34 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-07-18 22:07:32 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-07-18 22:07:32 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-07-14 20:31:45 ----SD---- C:\WINDOWS\Tasks
    2008-07-14 20:31:42 ----D---- C:\Program Files\Apple Software Update
    2008-07-14 11:49:47 ----D---- C:\Program Files\Adobe
    2008-07-14 11:49:08 ----D---- C:\Program Files\Common Files\Adobe
    2008-07-14 11:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-07-14 11:17:22 ----RSD---- C:\WINDOWS\Fonts
    2008-07-14 11:16:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-07-14 06:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-07-07 15:32:22 ----A---- C:\WINDOWS\system32\es.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2004-06-30 16128]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-06-27 207656]
    R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 120136]
    R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
    R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2005-05-13 5627]
    R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2005-05-13 23545]
    R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-02-06 20747]
    R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2005-01-24 8552]
    R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2005-04-21 40544]
    R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544]
    R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-05-31 25725]
    R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-05-31 34845]
    R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-05-31 4125]
    R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-05-31 2241]
    R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-05-31 86876]
    R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-05-31 15069]
    R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-05-31 6365]
    R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-05-31 98716]
    R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-05-31 100605]
    R2 WNIPROT5;Airgo Networks Protocol Driver; \??\C:\WINDOWS\system32\WNIPROT5.SYS []
    R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-08-06 104735]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-12-04 11264]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-31 788480]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
    R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-01-29 16168]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
    R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-17 200064]
    R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-06-27 79240]
    R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-06-27 35240]
    R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2008-06-27 40488]
    R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
    R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2004-08-16 270136]
    R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2006-06-29 2206720]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-17 685056]
    S2 HidCom;USB-HID -> COM Driver Service; C:\WINDOWS\system32\DRIVERS\HidCom.sys [2001-08-23 69575]
    S3 Airgo;Belkin Wireless Pre-N Notebook Network Driver; C:\WINDOWS\system32\DRIVERS\wnihdd51.sys []
    S3 Airgo3P;Wireless-G Notebook Adapter with SRX400 Driver; C:\WINDOWS\system32\DRIVERS\Lssrx42.sys [2005-10-30 780288]
    S3 ATIXPGAA;ATIXPGAA; \??\C:\Dell\Drivers\R88754\ATIXPGAA.SYS []
    S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 cur_bus;Curitel USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cur_bus.sys [2003-12-11 51040]
    S3 cur_mdfl;Curitel Packet Service Filter; C:\WINDOWS\system32\DRIVERS\cur_mdfl.sys [2003-12-11 6064]
    S3 cur_mdm;Curitel Packet Service Drivers; C:\WINDOWS\system32\DRIVERS\cur_mdm.sys [2003-12-11 82640]
    S3 cur_serd;Curitel Packet Service Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\cur_serd.sys [2003-12-11 64096]
    S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2003-05-01 5220]
    S3 DIGIRPS;Digi PortServer Driver; C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-17 42432]
    S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
    S3 KMW_KBD;Kensington Input Devices Class filter driver; C:\WINDOWS\System32\DRIVERS\KMW_KBD.sys []
    S3 KMW_USB;Kensington MouseWorks USB filter driver; C:\WINDOWS\system32\DRIVERS\KMW_USB.sys []
    S3 mfehidk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfehidk01.sys []
    S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2008-06-20 34152]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 NUVision;USB Video Adapter; C:\WINDOWS\system32\DRIVERS\NUVision.sys [2001-09-16 154976]
    S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-04 11136]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-04 10240]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 SQ931;USB 2.0 Video Camera; C:\WINDOWS\System32\Drivers\Capt931a.sys [2007-06-05 525824]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; C:\Program Files\Iomega\AutoDisk\ADService.exe [2002-09-24 151552]
    R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-08-31 389120]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176]
    R2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2002-09-04 73728]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-08-18 211232]
    R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-06-21 792184]
    R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
    R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
    R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
    R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-09-13 937984]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2006-08-11 290816]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
    R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
    S2 0247861223105845mcinstcleanup;McAfee Application Installer Cleanup (0247861223105845); C:\WINDOWS\TEMP\024786~1.EXE [2008-07-09 315264]
    S2 CiscoVpnInstallService;Cisco Systems, Inc. Installer service; C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe []
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-01-10 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2008-06-20 361800]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 Iomega Activity Disk2;Iomega Activity Disk2; []

    -----------------EOF-----------------
     
  8. 2008/10/04
    cvc42

    The PC is booting normally and seems to be OK. Is there anything else I should do?

    I cannot thank you enough for all of your help!!!

    Steve-
     
  9. 2008/10/04
    noahdfear

    That's good news! Download ComboFix by sUBs from here, saving the file to your desktop.


    Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • It may reboot your computer and resume running when you log on. Wait for it to complete. When finished, it will open a log for you. Post that log and a new HijackThis log in your next reply.
    Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.
     
  10. 2008/10/05
    cvc42

    ComboFix 08-10-04.07 - Steve 2008-10-05 4:42:26.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.988 [GMT -5:00]
    Running from: C:\Documents and Settings\Steve\Desktop\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Steve\Cookies\steve@2o7[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@ad.yieldmanager[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@ads.pointroll[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@banners.atvconnection[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@c.gamelink[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@insightexpressai[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@main.ebayrtm[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@personals.yahoo[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@questionmarket[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@revsci[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@specificclick[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@statcounter[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@t.ifilm[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@trafficmp[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@turn[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@www.kbb[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@yahoo[3].txt
    C:\WINDOWS\system32\pliufmsn.ini
    C:\WINDOWS\system32\TDSSerrors.log

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_TDSSSERV
    -------\Service_TDSSserv


    ((((((((((((((((((((((((( Files Created from 2008-09-05 to 2008-10-05 )))))))))))))))))))))))))))))))
    .

    2008-10-02 20:42 . 2008-10-02 21:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot_bak
    2008-10-02 19:52 . 2008-10-03 21:24 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 19:52 . 2008-10-02 19:52 <DIR> d-------- C:\Documents and Settings\Steve\Application Data\Malwarebytes
    2008-10-02 19:52 . 2008-10-02 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-02 19:52 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys
    2008-10-02 19:52 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
    2008-10-01 20:30 . 2008-10-01 20:30 <DIR> d-------- C:\rsit
    2008-10-01 20:30 . 2008-10-04 06:15 <DIR> d-------- C:\Program Files\trend micro
    2008-10-01 07:12 . 2008-10-01 07:23 5,522 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
    2008-10-01 07:11 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
    2008-10-01 07:11 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
    2008-10-01 07:11 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
    2008-10-01 07:11 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\SYSTEM32\o4Patch.exe
    2008-10-01 07:11 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
    2008-10-01 07:11 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.C.exe
    2008-10-01 07:11 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\SYSTEM32\404Fix.exe
    2008-10-01 07:11 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
    2008-10-01 07:11 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
    2008-09-06 06:38 . 2008-09-06 06:38 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\SACore

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-05 09:36 --------- d-----w C:\Program Files\McAfee
    2008-10-04 11:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
    2008-10-04 01:06 --------- d-----w C:\Program Files\Java
    2008-10-03 08:52 --------- d-----w C:\Documents and Settings\Steve\Application Data\McAfee
    2008-10-03 01:33 90,112 ----a-w C:\WINDOWS\DUMP22f8.tmp
    2008-10-01 17:41 --------- d-----w C:\Documents and Settings\Steve\Application Data\ZipGenius
    2008-10-01 12:38 90,112 ----a-w C:\WINDOWS\DUMP382c.tmp
    2008-09-06 10:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-09-04 23:07 --------- d-----w C:\Program Files\iTunes
    2008-09-04 23:06 --------- d-----w C:\Program Files\iPod
    2008-09-04 23:05 --------- d-----w C:\Program Files\QuickTime
    2008-09-04 23:05 --------- d-----w C:\Program Files\Bonjour
    2008-09-04 23:02 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-03 08:01 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-22 01:45 --------- d-----w C:\Program Files\Yahoo!
    2008-08-22 01:45 --------- d-----w C:\Program Files\Meade
    2008-08-22 01:45 --------- d-----w C:\Program Files\Barbie ® Riding Club
    2008-08-22 01:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2006-07-22 23:07 5,120 --sha-w C:\Program Files\Thumbs.db
    2006-05-13 15:52 7,057 ---ha-w C:\Documents and Settings\Steve\Application Data\hpothb07.dat
    2006-05-13 15:52 321 ---ha-w C:\Documents and Settings\Steve\hpothb07.dat
    2006-05-13 15:52 169 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
    2006-05-13 15:52 167 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
    2006-05-13 15:52 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
    2006-05-13 15:52 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
    2006-05-13 15:52 0 ---ha-w C:\Documents and Settings\Administrator\hpothb07.dat
    2006-04-18 00:03 19,632 ---h--w C:\Program Files\cache.dmx
    2004-12-06 22:18 62,372 ----a-w C:\Program Files\data1.hdr
    2004-12-06 22:18 6,069,079 ----a-w C:\Program Files\data2.cab
    2004-12-06 22:18 480 ----a-w C:\Program Files\layout.bin
    2004-12-06 22:18 471,499 ----a-w C:\Program Files\data1.cab
    2004-12-06 22:18 188,970 ----a-w C:\Program Files\setup.inx
    2004-12-06 22:18 132 ----a-w C:\Program Files\Setup.ini
    2004-12-06 22:17 81,992 ----a-w C:\Program Files\InstHelper.dll
    2004-12-06 22:17 45,126 ----a-w C:\Program Files\DelayInst.exe
    2004-12-06 22:08 154,758 ----a-w C:\Program Files\Setup.bmp
    2001-09-05 09:24 344,923 ----a-w C:\Program Files\ikernel.ex_
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
    "DellSupport "= "C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
    "DellSupportCenter "= "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager "= "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "RealTray "= "C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-01-24 26112]
    "PinnacleDriverCheck "= "C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 406016]
    "PCLEPCI "= "C:\PROGRA~1\Pinnacle\PPE\ppe.exe" [2002-06-25 32768]
    "MSKDetectorExe "= "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
    "Iomega Drive Icons "= "C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
    "IntelZeroConfig "= "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 802816]
    "IntelWireless "= "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 696320]
    "HP Software Update "= "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
    "DVDLauncher "= "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-09-30 57344]
    "DMXLauncher "= "C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2004-09-15 86016]
    "Deskup "= "C:\Program Files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
    "bacstray "= "C:\Program Files\Broadcom\BACS\\BacsTray.exe" [2003-12-15 118784]
    "ATIPTA "= "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-31 339968]
    "Apoint "= "C:\Program Files\Apoint\Apoint.exe" [2004-08-21 155648]
    "ADUserMon "= "C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]
    "mcagent_exe "= "C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]
    "SQ931STI "= "C:\WINDOWS\SQ931STI.EXE" [2007-01-24 151552]
    "dscactivate "= "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
    "dla "= "C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 122941]
    "RunUtility "= "C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe" [2005-11-10 17428480]
    "DellSupportCenter "= "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "AppleSyncNotifier "= "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]

    C:\Documents and Settings\Steve\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-10 113664]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-01-24 24576]
    HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
    HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [2005-05-12 73728]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2001-09-19 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.PIM1 "= pclepim1.dll
    "VIDC.NSVI "= nsvideo.dll
    "VIDC.NTN1 "= NUVision.ax

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\WINDOWS\\system32\\sessmgr.exe "=
    "C:\\Program Files\\Dell Inc\\Dell Picture Studio v3.0\\launch.exe "=
    "C:\\Program Files\\Sonic\\RecordNow!\\RecordNow.exe "=
    "C:\\Program Files\\Movie Maker\\MOVIEMK.EXE "=
    "C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe "=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "C:\\Program Files\\iTunes\\iTunes.exe "=
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe "=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP "= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    S2 0028521223199472mcinstcleanup;McAfee Application Installer Cleanup (0028521223199472);C:\WINDOWS\TEMP\002852~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini [ ]
    S2 CiscoVpnInstallService;Cisco Systems, Inc. Installer service;C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe [ ]
    S2 HidCom;USB-HID -> COM Driver Service;C:\WINDOWS\system32\DRIVERS\HidCom.sys [2001-08-23 69575]
    S3 Airgo3P;Wireless-G Notebook Adapter with SRX400 Driver;C:\WINDOWS\system32\DRIVERS\Lssrx42.sys [2005-10-30 780288]
    S3 ATIXPGAA;ATIXPGAA;C:\Dell\Drivers\R88754\ATIXPGAA.SYS [2004-02-20 12032]
    S3 cur_bus;Curitel USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\cur_bus.sys [2003-12-11 51040]
    S3 cur_mdfl;Curitel Packet Service Filter;C:\WINDOWS\system32\DRIVERS\cur_mdfl.sys [2003-12-11 6064]
    S3 cur_mdm;Curitel Packet Service Drivers;C:\WINDOWS\system32\DRIVERS\cur_mdm.sys [2003-12-11 82640]
    S3 cur_serd;Curitel Packet Service Diagnostic Serial Port (WDM);C:\WINDOWS\system32\DRIVERS\cur_serd.sys [2003-12-11 64096]
    S3 DIGIRPS;Digi PortServer Driver;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-17 42432]
    S3 KMW_KBD;Kensington Input Devices Class filter driver;C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys [ ]
    S3 KMW_USB;Kensington MouseWorks USB filter driver;C:\WINDOWS\system32\DRIVERS\KMW_USB.sys [ ]
    S3 NUVision;USB Video Adapter;C:\WINDOWS\system32\DRIVERS\NUVision.sys [2001-09-16 154976]
    S3 SQ931;USB 2.0 Video Camera;C:\WINDOWS\system32\Drivers\Capt931a.sys [2007-06-05 525824]

    *Newly Created Service* - 0028521223199472MCINSTCLEANUP
    .
    Contents of the 'Scheduled Tasks' folder

    2008-07-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]

    2008-09-15 C:\WINDOWS\Tasks\McDefragTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

    2008-02-01 C:\WINDOWS\Tasks\McQcTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]
    .
    - - - - ORPHANS REMOVED - - - -

    Notify-WgaLogon - (no file)


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\yqbg1v5d.default\
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-05 04:50:27
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\Iomega Activity Disk2]
    "ImagePath "= "\ "\" "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\Ati2evxx.dll

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\Program Files\McAfee\SiteAdvisor\saHook.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\WINDOWS\SYSTEM32\ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\SYSTEM32\ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\SYSTEM32\IMAPI.EXE
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
    C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
    C:\Program Files\McAfee\MPF\MpfSrv.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\Program Files\Broadcom\BACS\BacsTray.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Apoint\ApntEx.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
    .
    **************************************************************************
    .
    Completion time: 2008-10-05 4:56:43 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-10-05 09:56:36

    Pre-Run: 31,340,744,704 bytes free
    Post-Run: 31,394,516,992 bytes free

    257 --- E O F --- 2008-09-10 10:35:54
     
  11. 2008/10/05
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Can you send me a link to HijackThis? I think I deleted it.
     
  12. 2008/10/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Looks good. Please run RSIT again and post the log.txt file.

    Then, let's get an online scan. Please do an online scan with Kaspersky Online Scanner.

    • Click Accept, when prompted to download and install the program files and database of malware definitions.
    • Click Run at the Security prompt.
    • The program will then begin downloading and installing and will also update the database.
    • Please be patient as this can take several minutes.
    • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
    • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
    • Click View scan report at the bottom.
    • Click the Save Report As... button.
    • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
    **Note**

    To optimize scanning time and produce a more sensible report for review:
    • Close any open programs.
    • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
    Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


    Post the Kaspersky log here.
     
  13. 2008/10/05
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Steve at 2008-10-05 08:47:12
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 30 GB (55%) free of 54 GB
    Total RAM: 1535 MB (57% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:47:15, on 10/5/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\imapi.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\program files\common files\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    C:\Program Files\Broadcom\BACS\BacsTray.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\WINDOWS\SQ931STI.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\DellSupport\DSAgnt.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\explorer.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    G:\RSIT.exe
    C:\Program Files\trend micro\Steve.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe "
    O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
    O4 - HKLM\..\Run: [bacstray] C:\Program Files\Broadcom\BACS\\BacsTray.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [SQ931STI] C:\WINDOWS\SQ931STI.EXE
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [RunUtility] C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174349348112
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O23 - Service: McAfee Application Installer Cleanup (0028521223199472) (0028521223199472mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\002852~1.EXE (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Cisco Systems, Inc. Installer service (CiscoVpnInstallService) - Unknown owner - C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe (file missing)
    O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

    --
    End of file - 12425 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\McDefragTask.job
    C:\WINDOWS\tasks\McQcTask.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2008-06-20 58688]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
    McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-04 121632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2005-08-04 343112]
    {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-04 121632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager "=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "RealTray "=C:\Program Files\Real\RealPlayer\RealPlay.exe [2005-01-24 26112]
    "PinnacleDriverCheck "=C:\WINDOWS\system32\PSDrvCheck.exe [2003-12-04 406016]
    "PCLEPCI "=C:\PROGRA~1\Pinnacle\PPE\ppe.exe [2002-06-25 32768]
    "MSKDetectorExe "=C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2005-07-12 1117184]
    "Iomega Drive Icons "=C:\Program Files\Iomega\DriveIcons\ImgIcon.exe [2002-08-13 86016]
    "IntelZeroConfig "=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-08-02 802816]
    "IntelWireless "=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-08-02 696320]
    "HP Software Update "=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2005-05-12 49152]
    "DVDLauncher "=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2004-09-30 57344]
    "DMXLauncher "=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2004-09-15 86016]
    "Deskup "=C:\Program Files\Iomega\DriveIcons\deskup.exe [2002-07-16 32768]
    "bacstray "=C:\Program Files\Broadcom\BACS\\BacsTray.exe [2003-12-15 118784]
    "ATIPTA "=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-31 339968]
    "Apoint "=C:\Program Files\Apoint\Apoint.exe [2004-08-21 155648]
    "ADUserMon "=C:\Program Files\Iomega\AutoDisk\ADUserMon.exe [2002-09-24 147456]
    "mcagent_exe "=C:\Program Files\McAfee.com\Agent\mcagent.exe [2008-07-11 641208]
    "SQ931STI "=C:\WINDOWS\SQ931STI.EXE [2007-01-24 151552]
    "dscactivate "=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
    "dla "=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-05-31 122941]
    "RunUtility "=C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe [2005-11-10 17428480]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "AppleSyncNotifier "=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
    "DellSupport "=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    C:\Documents and Settings\Steve\Start Menu\Programs\Startup
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2004-08-31 86016]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives "=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=
    "NoDrives "=
    "NoDriveAutoRun "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\WINDOWS\system32\sessmgr.exe "= "C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\Dell Inc\Dell Picture Studio v3.0\launch.exe "= "C:\Program Files\Dell Inc\Dell Picture Studio v3.0\launch.exe:*:Enabled:Jasc Paint Shop Photo Album 5 Application "
    "C:\Program Files\Sonic\RecordNow!\RecordNow.exe "= "C:\Program Files\Sonic\RecordNow!\RecordNow.exe:*:Enabled:RecordNow! "
    "C:\Program Files\Movie Maker\MOVIEMK.EXE "= "C:\Program Files\Movie Maker\MOVIEMK.EXE:*:Enabled:Windows Movie Maker "
    "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe "= "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:powerDVD "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe "
    "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe "= "C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "
    "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe "= "C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL "
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe "= "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL "
    "C:\Program Files\America Online 9.0\waol.exe "= "C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    ======List of files/folders created in the last 3 months======

    2008-10-05 05:03:41 ----SHD---- C:\RECYCLER
    2008-10-05 04:56:45 ----A---- C:\ComboFix.txt
    2008-10-05 04:42:04 ----D---- C:\WINDOWS\erdnt
    2008-10-05 04:41:33 ----D---- C:\QooBox
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\zip.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\VFind.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\swxcacls.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\SWSC.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\SWREG.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\sed.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\Nircmd.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\grep.exe
    2008-10-05 04:41:30 ----A---- C:\WINDOWS\fdsv.exe
    2008-10-03 20:06:39 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-10-03 20:06:39 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-10-03 20:06:39 ----A---- C:\WINDOWS\system32\java.exe
    2008-10-03 14:23:22 ----SHD---- C:\Config.Msi
    2008-10-02 20:42:02 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-10-02 19:52:30 ----D---- C:\Documents and Settings\Steve\Application Data\Malwarebytes
    2008-10-02 19:52:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 19:52:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-01 20:30:09 ----D---- C:\Program Files\trend micro
    2008-10-01 20:30:08 ----D---- C:\rsit
    2008-10-01 07:12:14 ----A---- C:\WINDOWS\system32\tmp.txt
    2008-10-01 07:11:51 ----A---- C:\rapport.txt
    2008-10-01 07:11:38 ----A---- C:\WINDOWS\system32\o4Patch.exe
    2008-10-01 07:11:38 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
    2008-10-01 07:11:38 ----A---- C:\WINDOWS\system32\404Fix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\WS2Fix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\VCCLSID.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\VACFix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\SrchSTS.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\IEDFix.exe
    2008-10-01 07:11:37 ----A---- C:\WINDOWS\system32\dumphive.exe
    2008-09-11 20:56:46 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-09-11 19:04:13 ----A---- C:\WINDOWS\system32\a74f5669-.txt
    2008-09-10 05:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954156_WM9L$
    2008-09-10 05:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-10 05:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-04 18:06:59 ----D---- C:\Program Files\iPod
    2008-09-04 18:06:54 ----D---- C:\Program Files\iTunes
    2008-09-04 18:05:40 ----D---- C:\Program Files\Bonjour
    2008-09-04 18:04:37 ----D---- C:\Program Files\QuickTime
    2008-09-04 18:02:26 ----D---- C:\Program Files\Common Files\Apple
    2008-09-03 03:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-09-03 03:08:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-09-03 03:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-09-03 03:07:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-09-03 03:07:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-09-03 03:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-09-03 03:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-08-21 20:45:16 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-08-21 20:45:13 ----D---- C:\Program Files\Meade
    2008-07-14 20:31:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2008-07-14 11:48:38 ----D---- C:\WINDOWS\SxsCaPendDel
    2008-07-13 03:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-07-06 07:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

    ======List of files/folders modified in the last 3 months======

    2008-10-05 08:47:14 ----D---- C:\WINDOWS\Temp
    2008-10-05 04:56:51 ----D---- C:\WINDOWS\SYSTEM32
    2008-10-05 04:56:50 ----D---- C:\WINDOWS\system32\DRIVERS
    2008-10-05 04:56:48 ----D---- C:\WINDOWS
    2008-10-05 04:55:56 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-05 04:50:00 ----A---- C:\WINDOWS\system.ini
    2008-10-05 04:49:36 ----A---- C:\WINDOWS\ModemLog_3Com Megahertz Telephony 3CXM756-3CCM756 Modem.txt
    2008-10-05 04:49:35 ----A---- C:\WINDOWS\ModemLog_Conexant D110 MDC V.9x Modem.txt
    2008-10-05 04:46:46 ----D---- C:\WINDOWS\system32\CONFIG
    2008-10-05 04:45:27 ----D---- C:\WINDOWS\AppPatch
    2008-10-05 04:45:27 ----D---- C:\Program Files\Common Files
    2008-10-05 04:42:05 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-05 04:41:17 ----D---- C:\WINDOWS\Prefetch
    2008-10-05 04:37:48 ----HD---- C:\WINDOWS\INF
    2008-10-05 04:36:50 ----D---- C:\Program Files\McAfee
    2008-10-04 06:03:44 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2008-10-03 20:07:20 ----SHD---- C:\WINDOWS\Installer
    2008-10-03 20:06:37 ----D---- C:\Program Files\Java
    2008-10-03 03:53:19 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-03 03:52:55 ----D---- C:\Documents and Settings\Steve\Application Data\McAfee
    2008-10-02 21:38:04 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-02 20:42:01 ----D---- C:\WINDOWS\Debug
    2008-10-02 20:39:58 ----D---- C:\WINDOWS\Help
    2008-10-02 20:34:48 ----SHD---- C:\WINDOWS\CSC
    2008-10-02 20:34:42 ----D---- C:\WINDOWS\Minidump
    2008-10-02 20:33:42 ----A---- C:\WINDOWS\DUMP22f8.tmp
    2008-10-02 20:06:50 ----RD---- C:\Program Files
    2008-10-02 19:45:14 ----D---- C:\WINDOWS\network diagnostic
    2008-10-01 12:41:54 ----D---- C:\Documents and Settings\Steve\Application Data\ZipGenius
    2008-10-01 07:38:06 ----A---- C:\WINDOWS\DUMP382c.tmp
    2008-09-11 21:16:24 ----D---- C:\WINDOWS\system32\WBEM
    2008-09-11 21:16:22 ----D---- C:\WINDOWS\Registration
    2008-09-10 05:33:26 ----A---- C:\WINDOWS\imsins.BAK
    2008-09-10 05:33:18 ----D---- C:\WINDOWS\WinSxS
    2008-09-10 05:32:35 ----HD---- C:\WINDOWS\$hf_mig$
    2008-09-06 05:37:45 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-09-04 18:03:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-09-03 03:08:24 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
    2008-09-03 03:08:16 ----D---- C:\Program Files\Messenger
    2008-09-03 03:06:51 ----D---- C:\Program Files\Internet Explorer
    2008-09-03 03:03:18 ----A---- C:\WINDOWS\WIN.INI
    2008-09-03 03:01:40 ----D---- C:\Program Files\Microsoft Silverlight
    2008-08-21 20:45:14 ----D---- C:\Program Files\Barbie ® Riding Club
    2008-08-21 20:45:13 ----D---- C:\WINDOWS\SPEECH
    2008-08-21 20:45:09 ----D---- C:\Program Files\Yahoo!
    2008-08-07 07:01:11 ----D---- C:\pwrcmdr
    2008-07-22 05:08:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-07-18 22:10:48 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-07-18 22:10:42 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 22:10:40 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-07-18 22:10:24 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-07-18 22:10:20 ----A---- C:\WINDOWS\system32\wups.dll
    2008-07-18 22:09:46 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-07-18 22:09:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-07-18 22:08:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-07-18 22:07:34 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-07-18 22:07:32 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-07-18 22:07:32 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-07-14 20:31:45 ----SD---- C:\WINDOWS\Tasks
    2008-07-14 20:31:42 ----D---- C:\Program Files\Apple Software Update
    2008-07-14 11:49:47 ----D---- C:\Program Files\Adobe
    2008-07-14 11:49:08 ----D---- C:\Program Files\Common Files\Adobe
    2008-07-14 11:49:01 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-07-14 11:17:22 ----RSD---- C:\WINDOWS\Fonts
    2008-07-14 11:16:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-07-14 06:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-07-07 15:32:22 ----A---- C:\WINDOWS\system32\es.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2004-06-30 16128]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-06-27 207656]
    R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 120136]
    R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
    R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2005-05-13 5627]
    R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2005-05-13 23545]
    R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225920]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-02-06 20747]
    R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2005-01-24 8552]
    R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2005-04-21 40544]
    R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544]
    R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-05-31 25725]
    R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-05-31 34845]
    R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-05-31 4125]
    R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-05-31 2241]
    R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-05-31 86876]
    R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-05-31 15069]
    R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-05-31 6365]
    R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-05-31 98716]
    R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-05-31 100605]
    R2 WNIPROT5;Airgo Networks Protocol Driver; \??\C:\WINDOWS\system32\WNIPROT5.SYS []
    R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-08-06 104735]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-12-04 11264]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-31 788480]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
    R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
    R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-01-29 16168]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-17 1041536]
    R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-17 200064]
    R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-06-27 79240]
    R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-06-27 35240]
    R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2008-06-27 40488]
    R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
    R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-04 67584]
    R3 STAC97;SigmaTel C-Major Audio; C:\WINDOWS\system32\drivers\STAC97.sys [2004-08-16 270136]
    R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-04 12416]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2006-06-29 2206720]
    R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-17 685056]
    S2 HidCom;USB-HID -> COM Driver Service; C:\WINDOWS\system32\DRIVERS\HidCom.sys [2001-08-23 69575]
    S3 Airgo;Belkin Wireless Pre-N Notebook Network Driver; C:\WINDOWS\system32\DRIVERS\wnihdd51.sys []
    S3 Airgo3P;Wireless-G Notebook Adapter with SRX400 Driver; C:\WINDOWS\system32\DRIVERS\Lssrx42.sys [2005-10-30 780288]
    S3 ATIXPGAA;ATIXPGAA; \??\C:\Dell\Drivers\R88754\ATIXPGAA.SYS []
    S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 cur_bus;Curitel USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\cur_bus.sys [2003-12-11 51040]
    S3 cur_mdfl;Curitel Packet Service Filter; C:\WINDOWS\system32\DRIVERS\cur_mdfl.sys [2003-12-11 6064]
    S3 cur_mdm;Curitel Packet Service Drivers; C:\WINDOWS\system32\DRIVERS\cur_mdm.sys [2003-12-11 82640]
    S3 cur_serd;Curitel Packet Service Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\cur_serd.sys [2003-12-11 64096]
    S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2003-05-01 5220]
    S3 DIGIRPS;Digi PortServer Driver; C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-17 42432]
    S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
    S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-07 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-07 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-07 21744]
    S3 KMW_KBD;Kensington Input Devices Class filter driver; C:\WINDOWS\System32\DRIVERS\KMW_KBD.sys []
    S3 KMW_USB;Kensington MouseWorks USB filter driver; C:\WINDOWS\system32\DRIVERS\KMW_USB.sys []
    S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2008-06-20 34152]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 NUVision;USB Video Adapter; C:\WINDOWS\system32\DRIVERS\NUVision.sys [2001-09-16 154976]
    S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
    S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-04 11136]
    S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-04 10240]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 SQ931;USB 2.0 Video Camera; C:\WINDOWS\System32\Drivers\Capt931a.sys [2007-06-05 525824]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
    S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
    S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; C:\Program Files\Iomega\AutoDisk\ADService.exe [2002-09-24 151552]
    R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-08-31 389120]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176]
    R2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2002-09-04 73728]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
    R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-06-21 792184]
    R2 McNASvc;McAfee Network Agent; c:\program files\common files\mcafee\mna\mcnasvc.exe [2008-07-18 2482848]
    R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2008-07-09 358736]
    R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2008-06-20 144704]
    R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2008-07-09 884360]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-09-13 937984]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2006-08-11 290816]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
    R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2008-06-20 605512]
    S2 0028521223199472mcinstcleanup;McAfee Application Installer Cleanup (0028521223199472); C:\WINDOWS\TEMP\002852~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
    S2 CiscoVpnInstallService;Cisco Systems, Inc. Installer service; C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe []
    S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 267776]
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-01-10 72704]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
    S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2008-06-20 361800]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S4 Iomega Activity Disk2;Iomega Activity Disk2; []
     
  14. 2008/10/05
    noahdfear

    noahdfear Inactive

    That log looks great. :)
     
  15. 2008/10/05
    cvc42

    cvc42 Inactive Thread Starter

    ComboFix 08-10-04.07 - Steve 2008-10-05 4:42:26.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.988 [GMT -5:00]
    Running from: C:\Documents and Settings\Steve\Desktop\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Steve\Cookies\steve@2o7[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@ad.yieldmanager[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@ads.pointroll[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@banners.atvconnection[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@c.gamelink[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@insightexpressai[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@main.ebayrtm[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@personals.yahoo[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@questionmarket[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@revsci[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@specificclick[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@statcounter[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@t.ifilm[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@trafficmp[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@turn[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@www.kbb[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@yahoo[3].txt
    C:\WINDOWS\system32\pliufmsn.ini
    C:\WINDOWS\system32\TDSSerrors.log

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_TDSSSERV
    -------\Service_TDSSserv


    ((((((((((((((((((((((((( Files Created from 2008-09-05 to 2008-10-05 )))))))))))))))))))))))))))))))
    .

    2008-10-02 20:42 . 2008-10-02 21:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot_bak
    2008-10-02 19:52 . 2008-10-03 21:24 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 19:52 . 2008-10-02 19:52 <DIR> d-------- C:\Documents and Settings\Steve\Application Data\Malwarebytes
    2008-10-02 19:52 . 2008-10-02 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-02 19:52 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys
    2008-10-02 19:52 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
    2008-10-01 20:30 . 2008-10-01 20:30 <DIR> d-------- C:\rsit
    2008-10-01 20:30 . 2008-10-04 06:15 <DIR> d-------- C:\Program Files\trend micro
    2008-10-01 07:12 . 2008-10-01 07:23 5,522 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
    2008-10-01 07:11 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
    2008-10-01 07:11 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
    2008-10-01 07:11 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
    2008-10-01 07:11 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\SYSTEM32\o4Patch.exe
    2008-10-01 07:11 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
    2008-10-01 07:11 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.C.exe
    2008-10-01 07:11 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\SYSTEM32\404Fix.exe
    2008-10-01 07:11 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
    2008-10-01 07:11 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
    2008-09-06 06:38 . 2008-09-06 06:38 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\SACore

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-05 09:36 --------- d-----w C:\Program Files\McAfee
    2008-10-04 11:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
    2008-10-04 01:06 --------- d-----w C:\Program Files\Java
    2008-10-03 08:52 --------- d-----w C:\Documents and Settings\Steve\Application Data\McAfee
    2008-10-03 01:33 90,112 ----a-w C:\WINDOWS\DUMP22f8.tmp
    2008-10-01 17:41 --------- d-----w C:\Documents and Settings\Steve\Application Data\ZipGenius
    2008-10-01 12:38 90,112 ----a-w C:\WINDOWS\DUMP382c.tmp
    2008-09-06 10:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-09-04 23:07 --------- d-----w C:\Program Files\iTunes
    2008-09-04 23:06 --------- d-----w C:\Program Files\iPod
    2008-09-04 23:05 --------- d-----w C:\Program Files\QuickTime
    2008-09-04 23:05 --------- d-----w C:\Program Files\Bonjour
    2008-09-04 23:02 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-03 08:01 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-22 01:45 --------- d-----w C:\Program Files\Yahoo!
    2008-08-22 01:45 --------- d-----w C:\Program Files\Meade
    2008-08-22 01:45 --------- d-----w C:\Program Files\Barbie ® Riding Club
    2008-08-22 01:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2006-07-22 23:07 5,120 --sha-w C:\Program Files\Thumbs.db
    2006-05-13 15:52 7,057 ---ha-w C:\Documents and Settings\Steve\Application Data\hpothb07.dat
    2006-05-13 15:52 321 ---ha-w C:\Documents and Settings\Steve\hpothb07.dat
    2006-05-13 15:52 169 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
    2006-05-13 15:52 167 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
    2006-05-13 15:52 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
    2006-05-13 15:52 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
    2006-05-13 15:52 0 ---ha-w C:\Documents and Settings\Administrator\hpothb07.dat
    2006-04-18 00:03 19,632 ---h--w C:\Program Files\cache.dmx
    2004-12-06 22:18 62,372 ----a-w C:\Program Files\data1.hdr
    2004-12-06 22:18 6,069,079 ----a-w C:\Program Files\data2.cab
    2004-12-06 22:18 480 ----a-w C:\Program Files\layout.bin
    2004-12-06 22:18 471,499 ----a-w C:\Program Files\data1.cab
    2004-12-06 22:18 188,970 ----a-w C:\Program Files\setup.inx
    2004-12-06 22:18 132 ----a-w C:\Program Files\Setup.ini
    2004-12-06 22:17 81,992 ----a-w C:\Program Files\InstHelper.dll
    2004-12-06 22:17 45,126 ----a-w C:\Program Files\DelayInst.exe
    2004-12-06 22:08 154,758 ----a-w C:\Program Files\Setup.bmp
    2001-09-05 09:24 344,923 ----a-w C:\Program Files\ikernel.ex_
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
    "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-01-24 26112]
    "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 406016]
    "PCLEPCI"="C:\PROGRA~1\Pinnacle\PPE\ppe.exe" [2002-06-25 32768]
    "MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
    "Iomega Drive Icons"="C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 802816]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 696320]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
    "DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-09-30 57344]
    "DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2004-09-15 86016]
    "Deskup"="C:\Program Files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
    "bacstray"="C:\Program Files\Broadcom\BACS\\BacsTray.exe" [2003-12-15 118784]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-31 339968]
    "Apoint"="C:\Program Files\Apoint\Apoint.exe" [2004-08-21 155648]
    "ADUserMon"="C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]
    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]
    "SQ931STI"="C:\WINDOWS\SQ931STI.EXE" [2007-01-24 151552]
    "dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
    "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 122941]
    "RunUtility"="C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe" [2005-11-10 17428480]
    "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]

    C:\Documents and Settings\Steve\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-10 113664]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-01-24 24576]
    HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
    HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [2005-05-12 73728]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2001-09-19 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.PIM1"= pclepim1.dll
    "VIDC.NSVI"= nsvideo.dll
    "VIDC.NTN1"= NUVision.ax

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Dell Inc\\Dell Picture Studio v3.0\\launch.exe"=
    "C:\\Program Files\\Sonic\\RecordNow!\\RecordNow.exe"=
    "C:\\Program Files\\Movie Maker\\MOVIEMK.EXE"=
    "C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP "= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    S2 0028521223199472mcinstcleanup;McAfee Application Installer Cleanup (0028521223199472);C:\WINDOWS\TEMP\002852~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini [ ]
    S2 CiscoVpnInstallService;Cisco Systems, Inc. Installer service;C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe [ ]
    S2 HidCom;USB-HID -> COM Driver Service;C:\WINDOWS\system32\DRIVERS\HidCom.sys [2001-08-23 69575]
    S3 Airgo3P;Wireless-G Notebook Adapter with SRX400 Driver;C:\WINDOWS\system32\DRIVERS\Lssrx42.sys [2005-10-30 780288]
    S3 ATIXPGAA;ATIXPGAA;C:\Dell\Drivers\R88754\ATIXPGAA.SYS [2004-02-20 12032]
    S3 cur_bus;Curitel USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\cur_bus.sys [2003-12-11 51040]
    S3 cur_mdfl;Curitel Packet Service Filter;C:\WINDOWS\system32\DRIVERS\cur_mdfl.sys [2003-12-11 6064]
    S3 cur_mdm;Curitel Packet Service Drivers;C:\WINDOWS\system32\DRIVERS\cur_mdm.sys [2003-12-11 82640]
    S3 cur_serd;Curitel Packet Service Diagnostic Serial Port (WDM);C:\WINDOWS\system32\DRIVERS\cur_serd.sys [2003-12-11 64096]
    S3 DIGIRPS;Digi PortServer Driver;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-17 42432]
    S3 KMW_KBD;Kensington Input Devices Class filter driver;C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys [ ]
    S3 KMW_USB;Kensington MouseWorks USB filter driver;C:\WINDOWS\system32\DRIVERS\KMW_USB.sys [ ]
    S3 NUVision;USB Video Adapter;C:\WINDOWS\system32\DRIVERS\NUVision.sys [2001-09-16 154976]
    S3 SQ931;USB 2.0 Video Camera;C:\WINDOWS\system32\Drivers\Capt931a.sys [2007-06-05 525824]

    *Newly Created Service* - 0028521223199472MCINSTCLEANUP
    .
    Contents of the 'Scheduled Tasks' folder

    2008-07-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]

    2008-09-15 C:\WINDOWS\Tasks\McDefragTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

    2008-02-01 C:\WINDOWS\Tasks\McQcTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]
    .
    - - - - ORPHANS REMOVED - - - -

    Notify-WgaLogon - (no file)


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\yqbg1v5d.default\
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-05 04:50:27
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\Iomega Activity Disk2]
    "ImagePath "= "\ "\" "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\Ati2evxx.dll

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\Program Files\McAfee\SiteAdvisor\saHook.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\WINDOWS\SYSTEM32\ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\SYSTEM32\ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\SYSTEM32\IMAPI.EXE
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
    C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
    C:\Program Files\McAfee\MPF\MpfSrv.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\Program Files\Broadcom\BACS\BacsTray.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Apoint\ApntEx.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
    .
    **************************************************************************
    .
    Completion time: 2008-10-05 4:56:43 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-10-05 09:56:36

    Pre-Run: 31,340,744,704 bytes free
    Post-Run: 31,394,516,992 bytes free

    257 --- E O F --- 2008-09-10 10:35:54
     
  16. 2008/10/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Not sure why you posted a ComboFix log. I suggested a Kaspersky scan and log. :confused: :confused:
     
  17. 2008/10/05
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    ComboFix 08-10-04.07 - Steve 2008-10-05 4:42:26.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.988 [GMT -5:00]
    Running from: C:\Documents and Settings\Steve\Desktop\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Steve\Cookies\steve@2o7[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@ad.yieldmanager[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@ads.pointroll[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@banners.atvconnection[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@c.gamelink[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@insightexpressai[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@main.ebayrtm[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@personals.yahoo[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@questionmarket[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@revsci[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@specificclick[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@statcounter[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@t.ifilm[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@trafficmp[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@turn[1].txt
    C:\Documents and Settings\Steve\Cookies\steve@www.kbb[2].txt
    C:\Documents and Settings\Steve\Cookies\steve@yahoo[3].txt
    C:\WINDOWS\system32\pliufmsn.ini
    C:\WINDOWS\system32\TDSSerrors.log

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_TDSSSERV
    -------\Service_TDSSserv


    ((((((((((((((((((((((((( Files Created from 2008-09-05 to 2008-10-05 )))))))))))))))))))))))))))))))
    .

    2008-10-02 20:42 . 2008-10-02 21:38 <DIR> d-------- C:\WINDOWS\SYSTEM32\CatRoot_bak
    2008-10-02 19:52 . 2008-10-03 21:24 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 19:52 . 2008-10-02 19:52 <DIR> d-------- C:\Documents and Settings\Steve\Application Data\Malwarebytes
    2008-10-02 19:52 . 2008-10-02 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-02 19:52 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys
    2008-10-02 19:52 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
    2008-10-01 20:30 . 2008-10-01 20:30 <DIR> d-------- C:\rsit
    2008-10-01 20:30 . 2008-10-04 06:15 <DIR> d-------- C:\Program Files\trend micro
    2008-10-01 07:12 . 2008-10-01 07:23 5,522 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
    2008-10-01 07:11 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
    2008-10-01 07:11 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
    2008-10-01 07:11 . 2008-09-02 16:51 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
    2008-10-01 07:11 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\SYSTEM32\o4Patch.exe
    2008-10-01 07:11 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
    2008-10-01 07:11 . 2008-09-19 12:26 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.C.exe
    2008-10-01 07:11 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\SYSTEM32\404Fix.exe
    2008-10-01 07:11 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
    2008-10-01 07:11 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
    2008-09-06 06:38 . 2008-09-06 06:38 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\SACore

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-05 09:36 --------- d-----w C:\Program Files\McAfee
    2008-10-04 11:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
    2008-10-04 01:06 --------- d-----w C:\Program Files\Java
    2008-10-03 08:52 --------- d-----w C:\Documents and Settings\Steve\Application Data\McAfee
    2008-10-03 01:33 90,112 ----a-w C:\WINDOWS\DUMP22f8.tmp
    2008-10-01 17:41 --------- d-----w C:\Documents and Settings\Steve\Application Data\ZipGenius
    2008-10-01 12:38 90,112 ----a-w C:\WINDOWS\DUMP382c.tmp
    2008-09-06 10:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-09-04 23:07 --------- d-----w C:\Program Files\iTunes
    2008-09-04 23:06 --------- d-----w C:\Program Files\iPod
    2008-09-04 23:05 --------- d-----w C:\Program Files\QuickTime
    2008-09-04 23:05 --------- d-----w C:\Program Files\Bonjour
    2008-09-04 23:02 --------- d-----w C:\Program Files\Common Files\Apple
    2008-09-03 08:01 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-22 01:45 --------- d-----w C:\Program Files\Yahoo!
    2008-08-22 01:45 --------- d-----w C:\Program Files\Meade
    2008-08-22 01:45 --------- d-----w C:\Program Files\Barbie ® Riding Club
    2008-08-22 01:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2006-07-22 23:07 5,120 --sha-w C:\Program Files\Thumbs.db
    2006-05-13 15:52 7,057 ---ha-w C:\Documents and Settings\Steve\Application Data\hpothb07.dat
    2006-05-13 15:52 321 ---ha-w C:\Documents and Settings\Steve\hpothb07.dat
    2006-05-13 15:52 169 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
    2006-05-13 15:52 167 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
    2006-05-13 15:52 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
    2006-05-13 15:52 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
    2006-05-13 15:52 0 ---ha-w C:\Documents and Settings\Administrator\hpothb07.dat
    2006-04-18 00:03 19,632 ---h--w C:\Program Files\cache.dmx
    2004-12-06 22:18 62,372 ----a-w C:\Program Files\data1.hdr
    2004-12-06 22:18 6,069,079 ----a-w C:\Program Files\data2.cab
    2004-12-06 22:18 480 ----a-w C:\Program Files\layout.bin
    2004-12-06 22:18 471,499 ----a-w C:\Program Files\data1.cab
    2004-12-06 22:18 188,970 ----a-w C:\Program Files\setup.inx
    2004-12-06 22:18 132 ----a-w C:\Program Files\Setup.ini
    2004-12-06 22:17 81,992 ----a-w C:\Program Files\InstHelper.dll
    2004-12-06 22:17 45,126 ----a-w C:\Program Files\DelayInst.exe
    2004-12-06 22:08 154,758 ----a-w C:\Program Files\Setup.bmp
    2001-09-05 09:24 344,923 ----a-w C:\Program Files\ikernel.ex_
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
    "DellSupport "= "C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
    "DellSupportCenter "= "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "UpdateManager "= "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "RealTray "= "C:\Program Files\Real\RealPlayer\RealPlay.exe" [2005-01-24 26112]
    "PinnacleDriverCheck "= "C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 406016]
    "PCLEPCI "= "C:\PROGRA~1\Pinnacle\PPE\ppe.exe" [2002-06-25 32768]
    "MSKDetectorExe "= "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 1117184]
    "Iomega Drive Icons "= "C:\Program Files\Iomega\DriveIcons\ImgIcon.exe" [2002-08-13 86016]
    "IntelZeroConfig "= "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-02 802816]
    "IntelWireless "= "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-02 696320]
    "HP Software Update "= "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-05-12 49152]
    "DVDLauncher "= "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-09-30 57344]
    "DMXLauncher "= "C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2004-09-15 86016]
    "Deskup "= "C:\Program Files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]
    "bacstray "= "C:\Program Files\Broadcom\BACS\\BacsTray.exe" [2003-12-15 118784]
    "ATIPTA "= "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-31 339968]
    "Apoint "= "C:\Program Files\Apoint\Apoint.exe" [2004-08-21 155648]
    "ADUserMon "= "C:\Program Files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]
    "mcagent_exe "= "C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]
    "SQ931STI "= "C:\WINDOWS\SQ931STI.EXE" [2007-01-24 151552]
    "dscactivate "= "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
    "dla "= "C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 122941]
    "RunUtility "= "C:\Program Files\Cisco-Linksys LLC\Wireless-G Notebook Adapter with SRX400\WPC54GX4.exe" [2005-11-10 17428480]
    "DellSupportCenter "= "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
    "Adobe Reader Speed Launcher "= "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "AppleSyncNotifier "= "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
    "QuickTime Task "= "C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
    "iTunesHelper "= "C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]

    C:\Documents and Settings\Steve\Start Menu\Programs\Startup\
    Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-01-10 113664]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2005-01-24 24576]
    HP Digital Imaging Monitor.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
    HP Image Zone Fast Start.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe [2005-05-12 73728]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2001-09-19 118784]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.PIM1 "= pclepim1.dll
    "VIDC.NSVI "= nsvideo.dll
    "VIDC.NTN1 "= NUVision.ax

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring "=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\WINDOWS\\system32\\sessmgr.exe "=
    "C:\\Program Files\\Dell Inc\\Dell Picture Studio v3.0\\launch.exe "=
    "C:\\Program Files\\Sonic\\RecordNow!\\RecordNow.exe "=
    "C:\\Program Files\\Movie Maker\\MOVIEMK.EXE "=
    "C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe "=
    "C:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe "=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "C:\\Program Files\\iTunes\\iTunes.exe "=
    "C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe "=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP "= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
    R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    S2 0028521223199472mcinstcleanup;McAfee Application Installer Cleanup (0028521223199472);C:\WINDOWS\TEMP\002852~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini [ ]
    S2 CiscoVpnInstallService;Cisco Systems, Inc. Installer service;C:\Documents and Settings\Steve\Application Data\ZipGenius\ZGTemp\271169\ZGS_275596\Covenant-IS\installservice.exe [ ]
    S2 HidCom;USB-HID -> COM Driver Service;C:\WINDOWS\system32\DRIVERS\HidCom.sys [2001-08-23 69575]
    S3 Airgo3P;Wireless-G Notebook Adapter with SRX400 Driver;C:\WINDOWS\system32\DRIVERS\Lssrx42.sys [2005-10-30 780288]
    S3 ATIXPGAA;ATIXPGAA;C:\Dell\Drivers\R88754\ATIXPGAA.SYS [2004-02-20 12032]
    S3 cur_bus;Curitel USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\cur_bus.sys [2003-12-11 51040]
    S3 cur_mdfl;Curitel Packet Service Filter;C:\WINDOWS\system32\DRIVERS\cur_mdfl.sys [2003-12-11 6064]
    S3 cur_mdm;Curitel Packet Service Drivers;C:\WINDOWS\system32\DRIVERS\cur_mdm.sys [2003-12-11 82640]
    S3 cur_serd;Curitel Packet Service Diagnostic Serial Port (WDM);C:\WINDOWS\system32\DRIVERS\cur_serd.sys [2003-12-11 64096]
    S3 DIGIRPS;Digi PortServer Driver;C:\WINDOWS\system32\DRIVERS\digirlpt.sys [2001-08-17 42432]
    S3 KMW_KBD;Kensington Input Devices Class filter driver;C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys [ ]
    S3 KMW_USB;Kensington MouseWorks USB filter driver;C:\WINDOWS\system32\DRIVERS\KMW_USB.sys [ ]
    S3 NUVision;USB Video Adapter;C:\WINDOWS\system32\DRIVERS\NUVision.sys [2001-09-16 154976]
    S3 SQ931;USB 2.0 Video Camera;C:\WINDOWS\system32\Drivers\Capt931a.sys [2007-06-05 525824]

    *Newly Created Service* - 0028521223199472MCINSTCLEANUP
    .
    Contents of the 'Scheduled Tasks' folder

    2008-07-15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]

    2008-09-15 C:\WINDOWS\Tasks\McDefragTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

    2008-02-01 C:\WINDOWS\Tasks\McQcTask.job
    - c:\program files\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]
    .
    - - - - ORPHANS REMOVED - - - -

    Notify-WgaLogon - (no file)


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\yqbg1v5d.default\
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-05 04:50:27
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet006\Services\Iomega Activity Disk2]
    "ImagePath "= "\ "\" "
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\Ati2evxx.dll

    PROCESS: C:\WINDOWS\explorer.exe
    -> C:\Program Files\McAfee\SiteAdvisor\saHook.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\WINDOWS\SYSTEM32\ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\SYSTEM32\ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\SYSTEM32\IMAPI.EXE
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
    C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
    C:\Program Files\McAfee\MPF\MpfSrv.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\Program Files\Broadcom\BACS\BacsTray.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Apoint\ApntEx.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
    .
    **************************************************************************
    .
    Completion time: 2008-10-05 4:56:43 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-10-05 09:56:36

    Pre-Run: 31,340,744,704 bytes free
    Post-Run: 31,394,516,992 bytes free

    257 --- E O F --- 2008-09-10 10:35:54
     
  18. 2008/10/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
  19. 2008/10/05
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Sorry



    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Sunday, October 5, 2008
    Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Sunday, October 05, 2008 13:23:43
    Records in database: 1292316
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - Critical Areas:
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    C:\Documents and Settings\Steve\Start Menu\Programs\Startup
    C:\Program Files
    C:\WINDOWS

    Scan statistics:
    Files scanned: 66813
    Threat name: 0
    Infected objects: 0
    Suspicious objects: 0
    Duration of the scan: 01:26:01

    No malware has been detected. The scan area is clean.

    The selected area was scanned.
     
  20. 2008/10/05
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Great! Let's clean up.

    Open MBAM and remove any items quarantined. Do the same with your resident antivirus.

    Click Start>Run and type ComboFix /u then hit Enter to uninstall ComboFix and remove the files it has quarantined. This action will also reset the System Restore points, removing any infected files there as well.
    Verify the C:\Qoobox and C:\ComboFix folders were removed, as well as the C:\ComboFix.txt file.
    You can delete any other logs that were created/saved too.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    • Double click ATF-Cleaner.exe to run the program.
    • Check the boxes to the left of:

      • Windows Temp
      • Current User Temp
      • All Users Temp
      • Temporary Internet Files
      • Prefetch
      • Java Cache
      • Recycle bin

    • The rest are optional - if you want it to remove everything check "Select All".
    • Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.


    • Download OTMoveit2.exe and double click to run.
    • Click on the CleanUp! button
    • A list of tool components used in the Cleanup of malware will be downloaded.
    • If your Firewall or Real Time protection attempts to block OTMoveit2 from reaching the Internet, please allow the application to do so.
    • Click Yes to begin the Cleanup process and remove these components, including this application.
    • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

    Provided everything is back to normal, that should wrap things up.
     
  21. 2008/10/05
    cvc42

    cvc42 Inactive Thread Starter

    Joined:
    2008/10/01
    Messages:
    27
    Likes Received:
    0
    Ok that did it. Again thank you for all of your time and help. Is there a program that a guy could run to clean up a pc occasionally? My other laptop is acting up. I don't think it's a virus though. I need to reinstall McAfee but explorer browser keeps stopping the download and I can't seem to get it to download. McAfee error says it can't get to the internet.

    Thanks Again!!!!
     
