WiredWX Christian Hobby Weather Tools
BankerFox.A virus

I have the BankerFox.A virus on my home PC (Windows XP Home). I followed along with another post until I was able to run the ComboFix program through Safe Mode on my home PC. (I had to use a clean computer to download the program, rename it, then transfer it to the infected computer. I could not get rid of or disable the AVG software. I decided to run it anyway.) The computer rebooted and ran the program. It produced a long log file. I have it for reference. The computer is running a program of some kind. Unsure of what to do next.

Re: BankerFox.A virus

Here is my log file from the ComboFix program...

ComboFix 10-02-12.01 - Owner 02/13/2010 10:41:32.1.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1263.963 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\commy.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\\setup.exe
C:\Thumbs.db
c:\winnt\EventSystem.log

.
((((((((((((((((((((((((( Files Created from 2010-01-13 to 2010-02-13 )))))))))))))))))))))))))))))))
.

2100-02-23 20:35 . 2001-02-22 15:54 768 -c--a-w- c:\program files\x73_lut.dat
2100-02-23 19:35 . 2001-02-22 14:54 768 -c--a-w- c:\winnt\x73_lut.dat
2100-02-08 21:03 . 2001-05-11 16:39 53248 -c--a-w- c:\program files\ACMonitor_X73.exe
2010-02-13 16:11 . 2010-02-13 16:13 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-02-10 04:52 . 2010-02-10 04:52 -------- d-----w- c:\winnt\LastGood.Tmp
2010-02-10 00:53 . 2010-02-10 00:53 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2010-02-09 13:42 . 2010-02-09 13:42 -------- d-----w- c:\documents and settings\Sharon\Local Settings\Application Data\tamfal
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\winnt\system32\drivers\NSS
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\program files\Norton Security Scan
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\program files\NortonInstaller
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-13 17:14 . 2009-11-27 02:40 54 ----a-w- c:\winnt\system32\rp_stats.dat
2010-02-13 17:14 . 2009-11-27 02:40 39 ----a-w- c:\winnt\system32\rp_rules.dat
2010-02-13 17:13 . 2004-12-02 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-13 16:41 . 2004-07-03 19:37 -------- d-----w- c:\program files\Lavasoft
2010-02-13 16:41 . 2005-02-01 04:45 -------- d-----w- c:\documents and settings\Owner\Application Data\Lavasoft
2010-02-13 16:30 . 2004-12-02 03:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-13 16:28 . 2009-11-27 00:08 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-10 04:45 . 2003-06-10 04:31 -------- d-----w- c:\program files\Creative
2010-02-02 22:11 . 2009-07-31 04:47 -------- d-----w- c:\documents and settings\Sharon\Application Data\WholeSecurity
2010-01-24 22:11 . 2003-05-20 18:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-23 19:01 . 2003-05-20 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-01-22 09:19 . 2009-07-06 16:20 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-21 19:14 . 2004-02-06 23:05 916480 ----a-w- c:\winnt\system32\wininet.dll
2009-12-21 15:26 . 2009-12-21 15:26 -------- d-----w- c:\documents and settings\New Guest\Application Data\HP
2009-12-12 17:16 . 2004-04-12 02:57 66440 -c--a-w- c:\documents and settings\Sharon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-27 02:32 . 2009-11-27 02:32 93360 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2009-11-27 00:09 . 2009-05-23 04:31 333192 ----a-w- c:\winnt\system32\drivers\avgldx86.sys
2009-11-27 00:09 . 2007-02-21 14:24 28424 ----a-w- c:\winnt\system32\drivers\avgmfx86.sys
2009-11-27 00:09 . 2009-11-27 00:09 360584 ----a-w- c:\winnt\system32\drivers\avgtdix.sys
2009-11-27 00:09 . 2009-05-23 04:32 12464 ----a-w- c:\winnt\system32\avgrsstx.dll
2004-03-01 15:25 . 2004-03-01 15:25 498 ----a-w- c:\program files\Shortcut to MSN Messenger.lnk
2003-06-14 21:25 . 2003-06-14 21:25 3782623 -c--a-w- c:\program files\dmfan2k.zip
2003-06-14 21:16 . 2003-06-14 21:16 3268339 -c--a-w- c:\program files\rocketmn.zip
2003-06-14 21:08 . 2003-06-14 21:08 1839517 -c--a-w- c:\program files\elvis60s.zip
2003-06-14 20:58 . 2003-06-14 20:58 1720708 -c--a-w- c:\program files\earth3d.exe
2001-07-26 22:58 . 2000-01-11 18:50 47 -c--a-w- c:\program files\ACMonitor_X73.ini
2001-07-05 18:46 . 2001-07-20 16:48 8116 -c--a-w- c:\program files\OSLO3071b2.USB
2001-05-08 21:36 . 2000-12-05 20:56 114688 -c--a-w- c:\program files\lxarscan.dll
2001-04-23 20:22 . 2100-02-08 21:53 1437 -c--a-w- c:\program files\gtx73.ini
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [N/A]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [N/A]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [2001-01-03 66048]
"Keyboard Preload Check"="c:\oemdrvrs\KEYB\Preload.exe" [N/A]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"Lexmark X73 Button Monitor"="c:\progra~1\LEXMAR~1\ACMonitor_X73.exe" [2001-10-08 53248]
"Lexmark X73 Button Manager"="c:\progra~1\LEXMAR~1\AcBtnMgr_X73.exe" [2001-07-11 53248]
"PrinTray"="c:\winnt\System32\spool\DRIVERS\W32X86\3\printray.exe" [2001-10-05 36864]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2008-08-06 652528]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-09-09 623880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Lexmark 3100 Series"="c:\program files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-04 106496]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"hsfpbyin"="c:\documents and settings\Sharon\Local Settings\Application Data\tamfal\vpgbsftav.exe" [2010-02-09 458496]
"GWMDMMSG"="GWMDMMSG.exe" [2002-08-06 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [N/A]
"Symantec Network Driver Update Warning"="c:\progra~1\Symantec\LIVEUP~1\SNDWarn.EXE" [N/A]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-31 68856]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Auto Detect.lnk - c:\program files\iConcepts Music Express\MEAutoDetect.exe [2009-2-12 374104]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2003-5-20 83360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-3-12 984352]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-27 00:09 12464 ----a-w- c:\winnt\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2009\\QBDBMgrN.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [11/26/2009 8:32 PM 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\winnt\system32\drivers\avgldx86.sys [5/22/2009 10:31 PM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\winnt\system32\drivers\avgtdix.sys [11/26/2009 6:09 PM 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [11/26/2009 6:08 PM 285392]
R2 MSSQL$SOSHOME;MSSQL$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 5:17 AM 1181328]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\atf\Qctest\PCDoc\PCDRDRV.sys --> c:\atf\Qctest\PCDoc\PCDRDRV.sys [?]
S3 SQLAgent$SOSHOME;SQLAgent$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-08 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 02:32]

2010-02-06 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2010-02-09 c:\winnt\Tasks\Norton Security Scan for Sharon.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-01-23 17:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://www.gateway.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {511073AD-BE56-4D43-AE68-93390514385E} - hcp://system/TechTools.CAB
.
- - - - ORPHANS REMOVED - - - -

AddRemove-{080E0356-D231-41FC-8F31-9760FC4487D9} - c:\program files\wildtangent\apps\gamechannel.exe \removeitem {080E0356-D231-41FC-8F31-9760FC4487D9}



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-13 11:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hȋdden processes ...

scanning hȋdden autostart entries ...

scanning hȋdden files ...

scan completed successfully
hȋdden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2808)
c:\winnt\system32\WININET.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\winnt\system32\ieframe.dll
c:\winnt\system32\webcheck.dll
c:\winnt\system32\WPDShServiceObj.dll
c:\winnt\system32\PortableDeviceTypes.dll
c:\winnt\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\winnt\system32\LEXBCES.EXE
c:\winnt\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\winnt\wanmpsvc.exe
c:\winnt\system32\SK9910DM.EXE
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\winnt\GWMDMMSG.exe
c:\program files\Lexmark 3100 Series\lxbrbmon.exe
c:\winnt\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\AVG\AVG9\avgscanx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
.
**************************************************************************
.
Completion time: 2010-02-13 11:29:15 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-13 17:29

Pre-Run: 33,035,673,600 bytes free
Post-Run: 42,076,819,456 bytes free

- - End Of File - - 63DB976A18838D42E76F16D577A9B252

Re: BankerFox.A virus

I'm going to log in on the computer that I just scanned.

Re: BankerFox.A virus

Ok. I'm on my home PC now. The hard drive is still going and going. What do I do next?

Re: BankerFox.A virus


  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    Folder::
    c:\documents and settings\Sharon\Local Settings\Application Data\tamfal

    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "hsfpbyin"=-

  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [image: Cfscriptb4i]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.

Re: BankerFox.A virus

ComboFix 10-02-12.01 - Owner 02/13/2010 14:22:08.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1263.800 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\commy.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Sharon\Local Settings\Application Data\tamfal
c:\documents and settings\Sharon\Local Settings\Application Data\tamfal\vpgbsftav.exe

.
((((((((((((((((((((((((( Files Created from 2010-01-13 to 2010-02-13 )))))))))))))))))))))))))))))))
.

2100-02-23 20:35 . 2001-02-22 15:54 768 -c--a-w- c:\program files\x73_lut.dat
2100-02-23 19:35 . 2001-02-22 14:54 768 -c--a-w- c:\winnt\x73_lut.dat
2100-02-08 21:03 . 2001-05-11 16:39 53248 -c--a-w- c:\program files\ACMonitor_X73.exe
2010-02-13 18:52 . 2010-02-13 18:52 -------- d-----w- c:\documents and settings\Owner\Application Data\WholeSecurity
2010-02-13 16:11 . 2010-02-13 16:13 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-02-10 00:53 . 2010-02-10 00:53 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2010-01-26 15:40 . 2010-01-18 15:00 1260800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-01-26 15:40 . 2010-01-18 15:00 3777280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2010-01-23 19:01 . 2010-02-13 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\program files\NortonInstaller
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-13 20:10 . 2009-11-27 00:08 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-13 18:21 . 2003-05-20 18:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-13 17:14 . 2009-11-27 02:40 54 ----a-w- c:\winnt\system32\rp_stats.dat
2010-02-13 17:14 . 2009-11-27 02:40 39 ----a-w- c:\winnt\system32\rp_rules.dat
2010-02-13 17:13 . 2004-12-02 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-13 16:41 . 2004-07-03 19:37 -------- d-----w- c:\program files\Lavasoft
2010-02-13 16:41 . 2005-02-01 04:45 -------- d-----w- c:\documents and settings\Owner\Application Data\Lavasoft
2010-02-13 16:30 . 2004-12-02 03:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-10 04:45 . 2003-06-10 04:31 -------- d-----w- c:\program files\Creative
2010-02-05 02:32 . 2009-11-27 02:32 389784 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-02-05 02:32 . 2009-11-27 02:31 3803208 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-02-05 02:32 . 2009-11-27 02:31 823928 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-02-05 02:32 . 2009-11-27 02:31 1181328 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-02-02 22:11 . 2009-07-31 04:47 -------- d-----w- c:\documents and settings\Sharon\Application Data\WholeSecurity
2010-01-29 02:33 . 2009-11-27 02:32 862040 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-01-29 02:33 . 2009-11-27 02:32 15880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-01-29 02:33 . 2009-11-27 02:32 206944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-01-29 02:33 . 2009-11-27 02:32 390288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-01-29 02:32 . 2009-11-27 02:32 537576 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-01-29 02:32 . 2009-11-27 02:32 163728 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-01-29 02:32 . 2009-11-27 02:32 8 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2010-01-29 02:32 . 2009-11-27 02:31 6296864 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2010-01-29 02:32 . 2009-11-27 02:31 327000 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-01-29 02:32 . 2009-11-27 02:31 87496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-01-29 02:32 . 2009-11-27 02:31 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-01-29 02:32 . 2009-11-27 02:31 816784 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-01-29 02:32 . 2009-11-27 02:31 1643272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-01-29 02:32 . 2009-11-27 02:31 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-01-23 19:01 . 2003-05-20 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-01-22 09:19 . 2009-07-06 16:20 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-21 19:14 . 2004-02-06 23:05 916480 ------w- c:\winnt\system32\wininet.dll
2009-12-21 15:26 . 2009-12-21 15:26 -------- d-----w- c:\documents and settings\New Guest\Application Data\HP
2009-12-12 17:16 . 2004-04-12 02:57 66440 -c--a-w- c:\documents and settings\Sharon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-27 02:32 . 2009-11-27 02:32 93360 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2009-11-27 02:32 . 2009-11-27 02:32 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-11-27 02:32 . 2009-11-27 02:32 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
2009-11-27 02:32 . 2009-11-27 02:32 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-11-27 02:32 . 2009-11-27 02:32 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-11-27 02:32 . 2009-11-27 02:32 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-11-27 02:32 . 2009-11-27 02:32 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-21 15:51 . 1980-01-01 05:00 471552 ----a-w- c:\winnt\AppPatch\aclayers.dll
2004-03-01 15:25 . 2004-03-01 15:25 498 ----a-w- c:\program files\Shortcut to MSN Messenger.lnk
2003-06-14 21:25 . 2003-06-14 21:25 3782623 -c--a-w- c:\program files\dmfan2k.zip
2003-06-14 21:16 . 2003-06-14 21:16 3268339 -c--a-w- c:\program files\rocketmn.zip
2003-06-14 21:08 . 2003-06-14 21:08 1839517 -c--a-w- c:\program files\elvis60s.zip
2003-06-14 20:58 . 2003-06-14 20:58 1720708 -c--a-w- c:\program files\earth3d.exe
2001-07-26 22:58 . 2000-01-11 18:50 47 -c--a-w- c:\program files\ACMonitor_X73.ini
2001-07-05 18:46 . 2001-07-20 16:48 8116 -c--a-w- c:\program files\OSLO3071b2.USB
2001-05-08 21:36 . 2000-12-05 20:56 114688 -c--a-w- c:\program files\lxarscan.dll
2001-04-23 20:22 . 2100-02-08 21:53 1437 -c--a-w- c:\program files\gtx73.ini
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2003-05-20 18:45 . 2002-07-17 01:21 28672 c:\program files\Common Files\Microsoft Shared\Works Shared\bak\WkUFind.exe

2006-02-07 04:37 . 2005-11-10 19:03 36975 c:\program files\Java\jre1.5.0_06\bin\bak\jusched.exe

2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\bak\AcBtnMgr_X73.exe
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\AcBtnMgr_X73.exe

2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\bak\ACMonitor_X73.exe
2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\ACMonitor_X73.exe

2004-02-09 02:51 . 2002-01-08 01:24 401496 c:\program files\Microsoft ActiveSync\bak\WCESCOMM.EXE

2005-07-12 20:35 . 2005-07-12 20:35 473928 c:\program files\Microsoft AntiSpyware\bak\gcasServ.exe

2003-05-20 18:45 . 2002-07-17 16:00 200767 c:\program files\Microsoft Money\System\bak\mnyexpr.exe

2004-10-15 22:03 . 2005-04-27 18:04 6856704 c:\program files\MSN Messenger\bak\msnmsgr.exe

2003-10-17 13:12 . 2005-02-28 00:40 98304 c:\program files\QuickTime\bak\qttask.exe
2009-01-05 22:18 . 2009-01-05 22:18 413696 c:\program files\QuickTime\QTTask.exe

2003-05-20 18:48 . 2002-10-03 23:50 684032 c:\program files\Roxio\Easy CD Creator 5\DirectCD\bak\DirectCD.exe

2003-06-11 02:39 . 2001-11-21 06:49 57344 c:\program files\Support.com\bin\bak\tgkill.exe

2003-05-20 18:42 . 2002-08-06 20:24 53248 c:\winnt\bak\GWMDMpi.exe

2003-07-10 09:13 . 2003-07-10 09:13 114688 c:\winnt\system32\bak\hkcmd.exe

2003-07-10 09:25 . 2003-07-10 09:25 155648 c:\winnt\system32\bak\igfxtray.exe

2001-10-12 07:42 . 2001-10-12 07:42 36864 c:\winnt\system32\spool\drivers\w32x86\3\bak\printray.exe
2006-10-23 01:28 . 2001-10-05 07:18 36864 c:\winnt\system32\spool\drivers\w32x86\3\printray.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [N/A]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [N/A]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [2001-01-03 66048]
"Keyboard Preload Check"="c:\oemdrvrs\KEYB\Preload.exe" [N/A]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"Lexmark X73 Button Monitor"="c:\progra~1\LEXMAR~1\ACMonitor_X73.exe" [2001-10-08 53248]
"Lexmark X73 Button Manager"="c:\progra~1\LEXMAR~1\AcBtnMgr_X73.exe" [2001-07-11 53248]
"PrinTray"="c:\winnt\System32\spool\DRIVERS\W32X86\3\printray.exe" [2001-10-05 36864]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2008-08-06 652528]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-09-09 623880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Lexmark 3100 Series"="c:\program files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-04 106496]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"GWMDMMSG"="GWMDMMSG.exe" [2002-08-06 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [N/A]
"Symantec Network Driver Update Warning"="c:\progra~1\Symantec\LIVEUP~1\SNDWarn.EXE" [N/A]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-31 68856]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Auto Detect.lnk - c:\program files\iConcepts Music Express\MEAutoDetect.exe [2009-2-12 374104]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2003-5-20 83360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-3-12 984352]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2009\\QBDBMgrN.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [11/26/2009 8:32 PM 64288]
R2 MSSQL$SOSHOME;MSSQL$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME [?]
R4 AvgTdiX;AVG Free Network Redirector;c:\winnt\system32\Drivers\avgtdix.sys --> c:\winnt\system32\Drivers\avgtdix.sys [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 5:17 AM 1181328]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\atf\Qctest\PCDoc\PCDRDRV.sys --> c:\atf\Qctest\PCDoc\PCDRDRV.sys [?]
S3 SQLAgent$SOSHOME;SQLAgent$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - AvgLdx86

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-08 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 02:32]

2010-02-06 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://www.gateway.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {511073AD-BE56-4D43-AE68-93390514385E} - hcp://system/TechTools.CAB
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
Completion time: 2010-02-13 14:30:23
ComboFix-quarantined-files.txt 2010-02-13 20:30
ComboFix2.txt 2010-02-13 17:29

Pre-Run: 42,947,616,768 bytes free
Post-Run: 42,923,184,128 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - B3A83FD90BA9F91BBC47C537183F472B

Re: BankerFox.A virus

  1. Close any open browsers.
  2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    AWF::
    c:\program files\Common Files\Microsoft Shared\Works Shared\bak\WkUFind.exe
    c:\program files\Java\jre1.5.0_06\bin\bak\jusched.exe
    c:\program files\LexmarkX73\bak\ACMonitor_X73.exe
    c:\program files\Microsoft ActiveSync\bak\WCESCOMM.EXE
    c:\program files\Microsoft AntiSpyware\bak\gcasServ.exe
    c:\program files\Microsoft Money\System\bak\mnyexpr.exe
    c:\program files\MSN Messenger\bak\msnmsgr.exe
    c:\program files\QuickTime\bak\qttask.exe
    c:\program files\Roxio\Easy CD Creator 5\DirectCD\bak\DirectCD.exe
    c:\program files\Support.com\bin\bak\tgkill.exe
    c:\winnt\bak\GWMDMpi.exe
    c:\winnt\system32\bak\hkcmd.exe
    c:\winnt\system32\bak\igfxtray.exe
    c:\winnt\system32\spool\drivers\w32x86\3\bak\printray.exe

  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [picture: dragging CFScript onto ComboFix.exe]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: BankerFox.A virus
Okay, here is the result.

ComboFix 10-02-12.01 - Owner 02/13/2010 18:05:15.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1263.812 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\commy.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((( Files Created from 2010-01-14 to 2010-02-14 )))))))))))))))))))))))))))))))
.

2100-02-23 20:35 . 2001-02-22 15:54 768 -c--a-w- c:\program files\x73_lut.dat
2100-02-23 19:35 . 2001-02-22 14:54 768 -c--a-w- c:\winnt\x73_lut.dat
2100-02-08 21:03 . 2001-05-11 16:39 53248 -c--a-w- c:\program files\ACMonitor_X73.exe
2010-02-13 20:15 . 2010-02-13 20:30 -------- d-----w- C:\commy
2010-02-13 18:52 . 2010-02-13 18:52 -------- d-----w- c:\documents and settings\Owner\Application Data\WholeSecurity
2010-02-13 16:11 . 2010-02-13 16:13 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-02-10 00:53 . 2010-02-10 00:53 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2010-01-23 19:01 . 2010-02-13 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 00:25 . 2003-06-20 20:01 -------- d-----w- c:\program files\MSN Messenger
2010-02-14 00:25 . 2005-02-17 02:08 -------- d-----w- c:\program files\Microsoft AntiSpyware
2010-02-14 00:25 . 2003-05-20 18:45 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-02-14 00:01 . 2004-07-03 19:37 -------- d-----w- c:\program files\Lavasoft
2010-02-14 00:01 . 2009-11-27 02:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-02-14 00:00 . 2004-12-02 03:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-14 00:00 . 2004-12-02 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-13 20:10 . 2009-11-27 00:08 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-13 18:21 . 2003-05-20 18:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-13 17:14 . 2009-11-27 02:40 54 ----a-w- c:\winnt\system32\rp_stats.dat
2010-02-13 17:14 . 2009-11-27 02:40 39 ----a-w- c:\winnt\system32\rp_rules.dat
2010-02-13 16:41 . 2005-02-01 04:45 -------- d-----w- c:\documents and settings\Owner\Application Data\Lavasoft
2010-02-10 04:45 . 2003-06-10 04:31 -------- d-----w- c:\program files\Creative
2010-02-02 22:11 . 2009-07-31 04:47 -------- d-----w- c:\documents and settings\Sharon\Application Data\WholeSecurity
2010-01-23 19:01 . 2003-05-20 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-01-22 09:19 . 2009-07-06 16:20 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 15:00 . 2010-01-26 15:40 1260800 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgfrw.exe
2010-01-18 15:00 . 2010-01-26 15:40 3777280 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2009-12-21 19:14 . 2004-02-06 23:05 916480 ------w- c:\winnt\system32\wininet.dll
2009-12-21 15:26 . 2009-12-21 15:26 -------- d-----w- c:\documents and settings\New Guest\Application Data\HP
2009-12-12 17:16 . 2004-04-12 02:57 66440 -c--a-w- c:\documents and settings\Sharon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-27 02:32 . 2009-11-27 02:32 93360 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2009-11-21 15:51 . 1980-01-01 05:00 471552 ----a-w- c:\winnt\AppPatch\aclayers.dll
2004-03-01 15:25 . 2004-03-01 15:25 498 ----a-w- c:\program files\Shortcut to MSN Messenger.lnk
2003-06-14 21:25 . 2003-06-14 21:25 3782623 -c--a-w- c:\program files\dmfan2k.zip
2003-06-14 21:16 . 2003-06-14 21:16 3268339 -c--a-w- c:\program files\rocketmn.zip
2003-06-14 21:08 . 2003-06-14 21:08 1839517 -c--a-w- c:\program files\elvis60s.zip
2003-06-14 20:58 . 2003-06-14 20:58 1720708 -c--a-w- c:\program files\earth3d.exe
2001-07-26 22:58 . 2000-01-11 18:50 47 -c--a-w- c:\program files\ACMonitor_X73.ini
2001-07-05 18:46 . 2001-07-20 16:48 8116 -c--a-w- c:\program files\OSLO3071b2.USB
2001-05-08 21:36 . 2000-12-05 20:56 114688 -c--a-w- c:\program files\lxarscan.dll
2001-04-23 20:22 . 2100-02-08 21:53 1437 -c--a-w- c:\program files\gtx73.ini
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\bak\AcBtnMgr_X73.exe
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\AcBtnMgr_X73.exe

2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\bak\ACMonitor_X73.exe
2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\ACMonitor_X73.exe

2003-10-17 13:12 . 2005-02-28 00:40 98304 c:\program files\QuickTime\bak\qttask.exe
2009-01-05 22:18 . 2009-01-05 22:18 413696 c:\program files\QuickTime\QTTask.exe

2001-10-12 07:42 . 2001-10-12 07:42 36864 c:\winnt\system32\spool\drivers\w32x86\3\bak\printray.exe
2006-10-23 01:28 . 2001-10-05 07:18 36864 c:\winnt\system32\spool\drivers\w32x86\3\printray.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [N/A]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [2001-01-03 66048]
"Keyboard Preload Check"="c:\oemdrvrs\KEYB\Preload.exe" [N/A]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"Lexmark X73 Button Monitor"="c:\progra~1\LEXMAR~1\ACMonitor_X73.exe" [2001-10-08 53248]
"Lexmark X73 Button Manager"="c:\progra~1\LEXMAR~1\AcBtnMgr_X73.exe" [2001-07-11 53248]
"PrinTray"="c:\winnt\System32\spool\DRIVERS\W32X86\3\printray.exe" [2001-10-05 36864]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2008-08-06 652528]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-09-09 623880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Lexmark 3100 Series"="c:\program files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-04 106496]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"GWMDMMSG"="GWMDMMSG.exe" [2002-08-06 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [N/A]
"Symantec Network Driver Update Warning"="c:\progra~1\Symantec\LIVEUP~1\SNDWarn.EXE" [N/A]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-31 68856]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Auto Detect.lnk - c:\program files\iConcepts Music Express\MEAutoDetect.exe [2009-2-12 374104]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2003-5-20 83360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-3-12 984352]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2009\\QBDBMgrN.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 MSSQL$SOSHOME;MSSQL$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME [?]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\atf\Qctest\PCDoc\PCDRDRV.sys --> c:\atf\Qctest\PCDoc\PCDRDRV.sys [?]
S3 SQLAgent$SOSHOME;SQLAgent$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-06 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://www.gateway.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {511073AD-BE56-4D43-AE68-93390514385E} - hcp://system/TechTools.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-13 18:25
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2416)
c:\winnt\system32\WININET.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\winnt\system32\ieframe.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\winnt\system32\webcheck.dll
c:\winnt\system32\WPDShServiceObj.dll
c:\winnt\system32\PortableDeviceTypes.dll
c:\winnt\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\system32\LEXBCES.EXE
c:\winnt\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\winnt\wanmpsvc.exe
c:\winnt\system32\wscntfy.exe
c:\winnt\system32\SK9910DM.EXE
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\winnt\GWMDMMSG.exe
c:\program files\Lexmark 3100 Series\lxbrbmon.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2010-02-13 18:34:22 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-14 00:34
ComboFix2.txt 2010-02-13 20:30
ComboFix3.txt 2010-02-13 17:29

Pre-Run: 43,306,442,752 bytes free
Post-Run: 43,270,819,840 bytes free

- - End Of File - - 5946D80F6A74AE95A4FCA2DE3470219E

Re: BankerFox.A virus
Hello.

  1. Close any open browsers.
  2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    AWF::
    c:\program files\LexmarkX73\bak\AcBtnMgr_X73.exe
    c:\program files\LexmarkX73\bak\ACMonitor_X73.exe
    c:\program files\QuickTime\bak\qttask.exe
    c:\winnt\system32\spool\drivers\w32x86\3\bak\printray.exe

  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [picture: dragging CFScript onto ComboFix.exe]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

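As an added example (not part of the thread and not ComboFix's own tooling), here is a small Python script that reads the AWF section of the log above, pairs each bak copy with the in-place file of the same name, reports whether their recorded size and timestamps agree, and emits the AWF:: block; on the section above it yields the same four lines as the script in this post. It assumes only the column layout visible in the log (two timestamps, a size, a path); what ComboFix does with the AWF:: directive is not described in the thread.

```python
"""Pair the bak entries of a ComboFix 'AWF' section with their in-place files and
build the AWF:: block for a CFScript. Added example for this thread, not
ComboFix's own code; the column layout is read off the posted log."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample: the AWF section of the second log in the thread (banners
# trimmed), followed by the banner that ends it.
SAMPLE_LOG = r"""
(((((((((( AWF ))))))))))
.
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\bak\AcBtnMgr_X73.exe
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\AcBtnMgr_X73.exe
2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\bak\ACMonitor_X73.exe
2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\ACMonitor_X73.exe
2003-10-17 13:12 . 2005-02-28 00:40 98304 c:\program files\QuickTime\bak\qttask.exe
2009-01-05 22:18 . 2009-01-05 22:18 413696 c:\program files\QuickTime\QTTask.exe
2001-10-12 07:42 . 2001-10-12 07:42 36864 c:\winnt\system32\spool\drivers\w32x86\3\bak\printray.exe
2006-10-23 01:28 . 2001-10-05 07:18 36864 c:\winnt\system32\spool\drivers\w32x86\3\printray.exe
.
(((((((((( Reg Loading Points ))))))))))
"""

# One entry: two timestamps separated by ' . ', a byte size, then the path. Which
# stamp is creation and which is modification is not stated in the thread.
ENTRY_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (\d+) (.+)$"
)

@dataclass(frozen=True)
class AwfEntry:
    first_stamp: str
    second_stamp: str
    size: int
    path: str

    @property
    def is_bak(self) -> bool:
        """True when the file sits in a 'bak' directory."""
        return "\\bak\\" in self.path.lower()

def extract_awf_section(log: str) -> list[str]:
    """Lines between the '( AWF )' banner and the next '(((' banner."""
    section: list[str] = []
    inside = False
    for line in log.splitlines():
        is_banner = line.startswith("(((")
        if is_banner and " AWF " in line:
            inside = True
        elif inside and is_banner:
            break
        elif inside:
            section.append(line)
    return section

def parse_awf_entries(section: list[str]) -> list[AwfEntry]:
    """Parse every well-formed entry; '.' separators and blank lines are skipped."""
    entries = []
    for line in section:
        if m := ENTRY_RE.match(line.strip()):
            entries.append(AwfEntry(m[1], m[2], int(m[3]), m[4]))
    return entries

def inplace_path_for(bak_path: str) -> str:
    """Drop the trailing 'bak' directory: the path the backup copy mirrors."""
    head, _, name = bak_path.rpartition("\\")
    if head.lower().endswith("\\bak"):
        head = head[: -len("\\bak")]
    return f"{head}\\{name}"

def pair_entries(entries: list[AwfEntry]) -> list[tuple[AwfEntry, AwfEntry | None]]:
    """Pair each bak entry with its in-place counterpart (paths compared case-insensitively)."""
    by_path = {e.path.lower(): e for e in entries}
    return [(e, by_path.get(inplace_path_for(e.path).lower())) for e in entries if e.is_bak]

def describe_pair(bak: AwfEntry, live: AwfEntry | None) -> str:
    """One triage line: does the bak copy's recorded metadata match the live file?"""
    if live is None:
        return f"{bak.path}: no in-place counterpart listed"
    notes = []
    if bak.size != live.size:
        notes.append(f"different size ({bak.size} vs {live.size})")
    if (bak.first_stamp, bak.second_stamp) != (live.first_stamp, live.second_stamp):
        notes.append("different timestamps")
    return f"{live.path}: bak copy has " + ("; ".join(notes) or "identical size and timestamps")

def awf_script_block(entries: list[AwfEntry]) -> str:
    """The AWF:: block as used in the CFScript above: the directive, then the bak paths."""
    return "\n".join(["AWF::", *(e.path for e in entries if e.is_bak)])

if __name__ == "__main__":
    found = parse_awf_entries(extract_awf_section(SAMPLE_LOG))
    for bak, live in pair_entries(found):
        print(describe_pair(bak, live))
    print("\n" + awf_script_block(found))
```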

Re: BankerFox.A virus
Here is the latest log report.

ComboFix 10-02-12.01 - Owner 02/13/2010 19:18:47.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1263.850 [GMT -6:00]
Running from: c:\documents and settings\Owner\Desktop\commy.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((( Files Created from 2010-01-14 to 2010-02-14 )))))))))))))))))))))))))))))))
.

2100-02-23 20:35 . 2001-02-22 15:54 768 -c--a-w- c:\program files\x73_lut.dat
2100-02-23 19:35 . 2001-02-22 14:54 768 -c--a-w- c:\winnt\x73_lut.dat
2100-02-08 21:03 . 2001-05-11 16:39 53248 -c--a-w- c:\program files\ACMonitor_X73.exe
2010-02-14 00:04 . 2010-02-14 00:34 -------- d-----w- C:\commy8943c
2010-02-13 20:15 . 2010-02-13 20:30 -------- d-----w- C:\commy
2010-02-13 18:52 . 2010-02-13 18:52 -------- d-----w- c:\documents and settings\Owner\Application Data\WholeSecurity
2010-02-13 16:11 . 2010-02-13 16:13 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-02-10 00:53 . 2010-02-10 00:53 -------- d-sh--w- c:\documents and settings\Owner\PrivacIE
2010-01-23 19:01 . 2010-02-13 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-23 19:01 . 2010-01-23 19:01 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 00:25 . 2003-06-20 20:01 -------- d-----w- c:\program files\MSN Messenger
2010-02-14 00:25 . 2005-02-17 02:08 -------- d-----w- c:\program files\Microsoft AntiSpyware
2010-02-14 00:25 . 2003-05-20 18:45 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-02-14 00:01 . 2004-07-03 19:37 -------- d-----w- c:\program files\Lavasoft
2010-02-14 00:01 . 2009-11-27 02:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-02-14 00:00 . 2004-12-02 03:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-14 00:00 . 2004-12-02 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-02-13 20:10 . 2009-11-27 00:08 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-13 18:21 . 2003-05-20 18:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-13 17:14 . 2009-11-27 02:40 54 ----a-w- c:\winnt\system32\rp_stats.dat
2010-02-13 17:14 . 2009-11-27 02:40 39 ----a-w- c:\winnt\system32\rp_rules.dat
2010-02-13 16:41 . 2005-02-01 04:45 -------- d-----w- c:\documents and settings\Owner\Application Data\Lavasoft
2010-02-10 04:45 . 2003-06-10 04:31 -------- d-----w- c:\program files\Creative
2010-02-02 22:11 . 2009-07-31 04:47 -------- d-----w- c:\documents and settings\Sharon\Application Data\WholeSecurity
2010-01-23 19:01 . 2003-05-20 18:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-01-22 09:19 . 2009-07-06 16:20 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-21 19:14 . 2004-02-06 23:05 916480 ------w- c:\winnt\system32\wininet.dll
2009-12-21 15:26 . 2009-12-21 15:26 -------- d-----w- c:\documents and settings\New Guest\Application Data\HP
2009-12-12 17:16 . 2004-04-12 02:57 66440 -c--a-w- c:\documents and settings\Sharon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-27 02:32 . 2009-11-27 02:32 93360 ----a-w- c:\winnt\system32\drivers\SBREDrv.sys
2009-11-21 15:51 . 1980-01-01 05:00 471552 ----a-w- c:\winnt\AppPatch\aclayers.dll
2004-03-01 15:25 . 2004-03-01 15:25 498 ----a-w- c:\program files\Shortcut to MSN Messenger.lnk
2003-06-14 21:25 . 2003-06-14 21:25 3782623 -c--a-w- c:\program files\dmfan2k.zip
2003-06-14 21:16 . 2003-06-14 21:16 3268339 -c--a-w- c:\program files\rocketmn.zip
2003-06-14 21:08 . 2003-06-14 21:08 1839517 -c--a-w- c:\program files\elvis60s.zip
2003-06-14 20:58 . 2003-06-14 20:58 1720708 -c--a-w- c:\program files\earth3d.exe
2001-07-26 22:58 . 2000-01-11 18:50 47 -c--a-w- c:\program files\ACMonitor_X73.ini
2001-07-05 18:46 . 2001-07-20 16:48 8116 -c--a-w- c:\program files\OSLO3071b2.USB
2001-05-08 21:36 . 2000-12-05 20:56 114688 -c--a-w- c:\program files\lxarscan.dll
2001-04-23 20:22 . 2100-02-08 21:53 1437 -c--a-w- c:\program files\gtx73.ini
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\bak\AcBtnMgr_X73.exe
2001-05-09 17:21 . 2001-07-11 17:08 53248 c:\program files\LexmarkX73\AcBtnMgr_X73.exe

2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\bak\ACMonitor_X73.exe
2001-10-08 22:23 . 2001-10-08 21:21 53248 c:\program files\LexmarkX73\ACMonitor_X73.exe

2003-10-17 13:12 . 2005-02-28 00:40 98304 c:\program files\QuickTime\bak\qttask.exe
2009-01-05 22:18 . 2009-01-05 22:18 413696 c:\program files\QuickTime\QTTask.exe

2001-10-12 07:42 . 2001-10-12 07:42 36864 c:\winnt\system32\spool\drivers\w32x86\3\bak\printray.exe
2006-10-23 01:28 . 2001-10-05 07:18 36864 c:\winnt\system32\spool\drivers\w32x86\3\printray.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [N/A]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hot Key Kbd 9910 Daemon"="SK9910DM.EXE" [2001-01-03 66048]
"Keyboard Preload Check"="c:\oemdrvrs\KEYB\Preload.exe" [N/A]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"Lexmark X73 Button Monitor"="c:\progra~1\LEXMAR~1\ACMonitor_X73.exe" [2001-10-08 53248]
"Lexmark X73 Button Manager"="c:\progra~1\LEXMAR~1\AcBtnMgr_X73.exe" [2001-07-11 53248]
"PrinTray"="c:\winnt\System32\spool\DRIVERS\W32X86\3\printray.exe" [2001-10-05 36864]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"eBayToolbar"="c:\program files\eBay\eBay Toolbar2\eBayTBDaemon.exe" [2008-08-06 652528]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-09-09 623880]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Lexmark 3100 Series"="c:\program files\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-04 106496]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"GWMDMMSG"="GWMDMMSG.exe" [2002-08-06 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [N/A]
"Symantec Network Driver Update Warning"="c:\progra~1\Symantec\LIVEUP~1\SNDWarn.EXE" [N/A]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-31 68856]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Auto Detect.lnk - c:\program files\iConcepts Music Express\MEAutoDetect.exe [2009-2-12 374104]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2003-5-20 83360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-3-12 984352]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Support.com\\bin\\tgcmd.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2009\\QBDBMgrN.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 MSSQL$SOSHOME;MSSQL$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe -sSOSHOME [?]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\atf\Qctest\PCDoc\PCDRDRV.sys --> c:\atf\Qctest\PCDoc\PCDRDRV.sys [?]
S3 SQLAgent$SOSHOME;SQLAgent$SOSHOME;c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME --> c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlagent.EXE -i SOSHOME [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-06 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://www.gateway.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office10\EXCEL.EXE/3000
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
DPF: {511073AD-BE56-4D43-AE68-93390514385E} - hcp://system/TechTools.CAB
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-13 19:28
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1976)
c:\winnt\system32\WININET.dll
c:\program files\Logitech\MouseWare\System\LgWndHk.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\winnt\system32\ieframe.dll
c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
c:\winnt\system32\webcheck.dll
c:\winnt\system32\WPDShServiceObj.dll
c:\winnt\system32\PortableDeviceTypes.dll
c:\winnt\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\system32\LEXBCES.EXE
c:\winnt\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft SQL Server\MSSQL$SOSHOME\Binn\sqlservr.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\winnt\wanmpsvc.exe
c:\winnt\system32\SK9910DM.EXE
c:\winnt\GWMDMMSG.exe
c:\program files\Logitech\MouseWare\system\em_exec.exe
c:\program files\Lexmark 3100 Series\lxbrbmon.exe
c:\winnt\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2010-02-13 19:36:33 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-14 01:36
ComboFix2.txt 2010-02-14 00:34
ComboFix3.txt 2010-02-13 20:30
ComboFix4.txt 2010-02-13 17:29

Pre-Run: 43,281,256,448 bytes free
Post-Run: 43,244,089,344 bytes free

- - End Of File - - D8E5B45AE83A30A6A58D470D28B4F07D

Re: BankerFox.A virus
Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?


Re: BankerFox.A virus
Ok. ComboFix is uninstalled. Computer is stable. I do feel a little vulnerable without having the anti-virus or anti-malware/spyware tools (Ad-Aware, etc.) running.

Re: BankerFox.A virus
Do I go ahead and install AVG, Spybot, and Ad-Aware again?

Re: BankerFox.A virus
Should I go ahead and load up the three programs: AVG, Ad-Aware, and Spybot S&D?

Re: BankerFox.A virus
Hello.

You aren't running anti-virus software.

Please install Avira antivirus otherwise you won't be protected.

1) Antivir PersonalEditionClassic
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.


Re: BankerFox.A virus
Ok. Thank you for your help. Avira Anti-Virus is loaded.

Re: BankerFox.A virus
Should I load Spybot S&D in addition to Avira?

Re: BankerFox.A virus
Yes.

