sorry, i forgot to run that one...here is the log
also, my malwarebytes and system mechanic gave me errors...i'll attach those
ComboFix 11-08-01.05 - DIANE BLUMENFIELD 08/01/2011 19:56:28.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2633 [GMT -4:00]
Running from: c:\documents and settings\DIANE BLUMENFIELD\desktop\commy.exe
Command switches used :: /stepdel
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: CA Personal Firewall *Enabled* {14CB4B80-8E52-45EA-905E-67C1267B4160}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\dayi.ime
c:\program files\rnamfler\radprlib.dll
c:\program files\rnamfler\stream.rep
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
c:\windows\MailSwitch.ocx
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000016_.tmp.dll
c:\windows\system32\_000017_.tmp.dll
c:\windows\system32\_000025_.tmp.dll
c:\windows\system32\dayi.ime
c:\windows\system32\drivers\1028_DELL_XPS_Dell DM051 .MRK
c:\windows\system32\drivers\DELL_XPS_Dell DM051 .MRK
c:\windows\system32\regobj.dll
K:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-07-02 to 2011-08-02 )))))))))))))))))))))))))))))))
.
.
2011-08-01 03:17 . 2011-08-01 03:17 -------- d-----w- c:\windows\system32\XPSViewer
2011-08-01 03:17 . 2011-08-01 03:17 -------- d-----w- c:\program files\MSBuild
2011-08-01 03:17 . 2011-08-01 03:17 -------- d-----w- c:\program files\Reference Assemblies
2011-08-01 03:03 . 2011-08-01 03:04 -------- d-----w- c:\windows\system32\URTTemp
2011-08-01 02:58 . 2011-01-06 17:08 1310720 ----a-w- c:\windows\system32\CNC870C.dll
2011-08-01 02:58 . 2011-01-06 17:08 110592 ----a-w- c:\windows\system32\CNC870I.dll
2011-08-01 02:58 . 2011-01-06 17:07 102400 ----a-w- c:\windows\system32\CNC870U.dll
2011-08-01 02:58 . 2009-10-19 20:29 307200 ----a-w- c:\windows\system32\CNC870L.dll
2011-08-01 02:58 . 2008-08-25 22:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2011-08-01 02:22 . 2011-08-01 02:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-31 20:37 . 2006-03-24 00:12 139264 ----a-w- c:\windows\system32\igfxres.dll
2011-07-29 01:56 . 2006-03-24 00:38 61440 ----a-w- c:\windows\system32\iAlmCoIn_v4543.dll
2011-07-29 01:56 . 2011-07-29 01:56 -------- dc----w- C:\drvrtmp
2011-07-28 13:10 . 2007-06-08 05:10 876544 ----a-w- c:\windows\system32\TEACico2.dll
2011-07-28 12:25 . 2011-08-01 02:24 -------- dc----w- c:\documents and settings\DIANE BLUMENFIELD\Local Settings\Application Data\Deployment
2011-07-27 12:33 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-07-27 12:33 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-07-27 12:33 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-07-27 12:32 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-07-27 12:31 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-07-27 10:33 . 2011-07-27 10:33 -------- dc----w- c:\documents and settings\DIANE BLUMENFIELD\Application Data\Avira
2011-07-27 02:52 . 2011-07-27 02:52 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2011-07-27 02:51 . 2011-07-27 02:51 -------- dc-h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2011-07-27 02:51 . 2010-05-16 09:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA7.DLL
2011-07-27 02:51 . 2010-05-16 09:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA7.DLL
2011-07-27 02:51 . 2010-05-16 09:00 277504 ----a-w- c:\windows\system32\CNMLMA7.DLL
2011-07-25 10:26 . 2011-07-25 10:26 -------- d-----w- c:\program files\MSXML 6.0
2011-07-25 10:26 . 2011-04-25 16:11 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-07-25 10:26 . 2011-04-26 14:11 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-07-25 10:26 . 2011-04-25 16:11 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-07-25 10:26 . 2011-04-25 16:11 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-07-25 10:26 . 2011-04-25 16:11 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-07-25 10:26 . 2011-04-25 16:11 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-07-25 10:26 . 2011-04-25 16:11 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-07-25 09:56 . 2011-07-19 19:42 2083464 ------w- c:\windows\system32\Incinerator32.dll
2011-07-25 02:22 . 2009-07-31 14:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-07-25 02:22 . 2008-04-13 17:27 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-07-25 02:22 . 2008-04-14 00:11 81920 ------w- c:\windows\system32\ieencode.dll
2011-07-25 02:05 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-07-25 02:05 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-07-25 02:05 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-07-25 02:05 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2011-07-25 02:05 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-07-25 02:05 . 2010-12-20 17:26 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2011-07-25 02:05 . 2010-12-09 15:15 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-07-25 02:05 . 2010-12-09 13:42 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-07-25 02:05 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-07-25 02:05 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-07-25 02:05 . 2010-12-09 13:38 2192768 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-07-25 02:05 . 2010-12-09 13:07 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-07-25 02:03 . 2011-02-17 13:18 357888 -c----w- c:\windows\system32\dllcache\srv.sys
2011-07-25 02:03 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-07-25 02:03 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-07-25 02:03 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-07-25 02:03 . 2011-04-29 16:19 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-07-25 02:03 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-07-25 02:01 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-07-25 02:00 . 2009-05-21 18:46 268288 -c----w- c:\windows\system32\dllcache\httpext.dll
2011-07-25 01:58 . 2008-10-15 16:34 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-07-25 01:58 . 2010-07-12 12:55 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-07-25 00:50 . 2011-07-25 00:50 -------- d-----w- c:\windows\system32\STRING
2011-07-25 00:50 . 2009-10-09 15:01 137216 ------w- c:\windows\system32\CNMNPUI.DLL
2011-07-25 00:50 . 2009-10-09 15:01 354816 ------w- c:\windows\system32\CNMNPPM.DLL
2011-07-25 00:50 . 2011-07-25 00:50 -------- d-----w- c:\windows\system32\CHM
2011-07-24 23:27 . 2001-08-18 02:36 87040 -c----w- c:\windows\system32\dllcache\wiafbdrv.dll
2011-07-24 23:27 . 2001-08-18 02:36 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2011-07-24 22:00 . 2011-07-25 00:55 66616 ------w- c:\windows\system32\drivers\avgntflt.sys
2011-07-24 22:00 . 2011-07-25 00:55 138192 ------w- c:\windows\system32\drivers\avipbb.sys
2011-07-24 22:00 . 2010-06-17 19:27 45416 ------w- c:\windows\system32\drivers\avgntdd.sys
2011-07-24 22:00 . 2010-06-17 19:27 22360 ------w- c:\windows\system32\drivers\avgntmgr.sys
2011-07-24 22:00 . 2011-07-24 22:00 -------- dc----w- c:\documents and settings\All Users\Application Data\Avira
2011-07-24 22:00 . 2011-07-24 22:00 -------- d-----w- c:\program files\Avira
2011-07-24 21:57 . 2011-07-24 21:52 56039816 -c----w- C:\avira_antivir_personal_en.exe
2011-07-24 20:42 . 2011-07-06 23:52 22712 ------w- c:\windows\system32\drivers\mbam.sys
2011-07-24 20:20 . 2004-08-10 08:13 73728 -c----w- c:\windows\system32\dllcache\ehresja.dll
2011-07-24 20:20 . 2004-08-10 08:13 69632 -c----w- c:\windows\system32\dllcache\ehresko.dll
2011-07-24 20:20 . 2004-08-10 08:13 69632 -c----w- c:\windows\system32\dllcache\ehresfr.dll
2011-07-24 20:20 . 2004-08-10 08:13 69632 -c----w- c:\windows\system32\dllcache\ehresde.dll
2011-07-24 20:18 . 2004-08-10 11:00 101376 -c----w- c:\windows\system32\dllcache\srusbusd.dll
2011-07-24 20:17 . 2004-08-10 11:00 92416 -c----w- c:\windows\system32\dllcache\mga.sys
2011-07-24 20:16 . 2004-08-10 11:00 10096640 -c----w- c:\windows\system32\dllcache\hwxcht.dll
2011-07-24 20:15 . 2004-08-10 11:00 10752 -c----w- c:\windows\system32\dllcache\c_iscii.dll
2011-07-24 20:15 . 2008-04-14 00:12 10240 -c----w- c:\windows\system32\dllcache\npwmsdrm.dll
2011-07-24 20:15 . 2008-04-14 00:12 364544 -c----w- c:\windows\system32\dllcache\npdsplay.dll
2011-07-24 20:15 . 2008-04-14 00:12 4639 -c----w- c:\windows\system32\dllcache\mplayer2.exe
2011-07-24 20:07 . 2004-08-10 11:00 7680 -c----w- c:\windows\system32\dllcache\inetmgr.exe
2011-07-24 19:26 . 2004-08-10 11:00 13312 -c----w- c:\windows\system32\dllcache\irclass.dll
2011-07-24 19:26 . 2004-08-10 11:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-07-24 19:26 . 2004-08-10 11:00 24661 -c----w- c:\windows\system32\dllcache\spxcoins.dll
2011-07-24 19:26 . 2004-08-10 11:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-07-24 19:26 . 2006-03-30 10:03 22339 ------r- c:\windows\SETCB.tmp
2011-07-24 19:26 . 2005-03-30 17:54 10559 ------r- c:\windows\SETCC.tmp
2011-07-24 19:26 . 2004-08-10 11:00 13753 ------r- c:\windows\SET88.tmp
2011-07-24 19:26 . 2004-08-10 11:00 1086058 ------r- c:\windows\SET7C.tmp
2011-07-24 19:26 . 2004-08-10 11:00 106147 ------r- c:\windows\SET79.tmp
2011-07-24 04:58 . 2004-08-10 11:00 16384 -c----w- c:\windows\system32\dllcache\isignup.exe
2011-07-24 04:58 . 2004-08-10 11:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2011-07-24 04:57 . 2008-04-14 00:12 86016 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwconn2.exe
2011-07-24 04:57 . 2008-04-14 00:12 214528 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwconn1.exe
2011-07-24 04:57 . 2008-04-14 00:12 20480 ----a-w- c:\program files\Internet Explorer\Connection Wizard\inetwiz.exe
2011-07-24 04:57 . 2008-04-14 00:11 32768 ----a-w- c:\program files\Internet Explorer\Connection Wizard\icwdl.dll
2011-07-23 21:11 . 2006-03-30 10:03 22339 ------r- c:\windows\SET1A5.tmp
2011-07-23 21:11 . 2005-03-30 17:54 10559 ------r- c:\windows\SET1A6.tmp
2011-07-23 21:11 . 2004-08-10 11:00 13753 ------r- c:\windows\SET162.tmp
2011-07-23 21:11 . 2004-08-10 11:00 1086058 ------r- c:\windows\SET156.tmp
2011-07-23 21:11 . 2004-08-10 11:00 106147 ------r- c:\windows\SET153.tmp
2011-07-23 16:54 . 2011-07-23 16:54 -------- d-----w- c:\windows\dell
2011-07-23 12:04 . 2011-07-23 01:58 299008 -c----w- C:\RUNSAS.EXE
2011-07-23 12:04 . 2011-07-23 01:59 9954344 -c----w- C:\SAS_PRO.EXE
2011-07-23 12:04 . 2011-07-23 01:59 9953832 -c----w- C:\SAS_FREE.EXE
2011-07-23 12:04 . 2011-07-23 02:00 16127536 -c----w- C:\SASSAFERUN.COM
2011-07-23 08:09 . 2011-07-22 23:38 16096200 -c----w- C:\SAS_857009.COM
2011-07-12 22:49 . 2011-03-06 22:12 2234368 -c----r- C:\OTLPE.exe
2011-07-12 22:41 . 2011-07-12 20:39 579584 -c----w- C:\OTL.com
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-19 20:25 . 2010-09-03 19:53 11776 ------w- c:\windows\system32\smrgdf.exe
2011-07-19 20:25 . 2010-09-03 19:52 29696 ------w- c:\windows\system32\iolobtdfg.exe
2011-07-06 23:52 . 2011-05-27 01:03 41272 ------w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-02 14:02 . 2004-08-10 11:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-27 01:03 . 2011-05-27 01:03 7734208 -c----w- C:\mbam-setup-1.50.1.1100.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-29 03:44 1400712 ------w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-29 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-06 1047656]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"ArcSoft MediaImpression Monitor"="c:\program files\Kodak\MediaImpression\ArcMonitor.exe" [2010-07-20 80384]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-27 421160]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-24 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-24 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-24 118784]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk - c:\documents and settings\DIANE BLUMENFIELD\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe [N/A]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\CA Personal Firewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Linksys\\LogViewer\\LogViewer.exe"=
"c:\\StubInstaller.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience
.
R1 GearAspiSys;GearAspiSys;c:\windows\system32\drivers\GEARASPISYS.SYS [8/21/2007 12:44 PM 53412]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/24/2011 6:00 PM 136360]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [9/3/2010 3:53 PM 722616]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/17/2007 12:51 PM 24652]
R3 ArcCD;ArcCD Filter Driver Service;c:\windows\system32\drivers\ArcCD.sys [12/28/2010 12:06 PM 36224]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/24/2011 4:42 PM 22712]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/26/2011 9:03 PM 366640]
S3 CEUSBAUD;DigiTech USB MIDI Driver;c:\windows\system32\drivers\ceusbaud.sys [8/28/2007 12:39 PM 15360]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [3/15/2009 7:34 AM 30192]
S3 PLCMPR5;PLCMPR5 NDIS Protocol Driver;\??\c:\windows\system32\PLCMPR5.SYS --> c:\windows\system32\PLCMPR5.SYS [?]
S3 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;c:\windows\system32\PLCNDIS5.SYS [7/30/2007 9:59 PM 17280]
S3 yeddef;YEDDEF driver;c:\windows\system32\Drivers\yeddef.sys --> c:\windows\system32\Drivers\yeddef.sys [?]
S4 ArcUdfs;ArcUdfs FileSystem Driver Service;c:\windows\system32\drivers\ArcUdfs.sys [12/28/2010 12:06 PM 134912]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - ArcRec
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-08-01 c:\windows\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
2011-08-01 c:\windows\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8mSearch Bar =
hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.htmluInternet Settings,ProxyOverride = *.local
uSearchAssistant =
hxxp://www.google.com/ieuSearchURL,(Default) =
hxxp://search.yahoo.com/search?fr=mcafee&p=%sIE: Crawler Search - tbr:iemenu
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 167.206.245.130 167.206.245.129
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2011-08-01 20:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1120)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-08-01 20:07:57
ComboFix-quarantined-files.txt 2011-08-02 00:07
.
Pre-Run: 101,046,624,256 bytes free
Post-Run: 101,002,993,664 bytes free
.
- - End Of File - - 3421DE2C82F8AB82BBC078CF930C91CB
