That worked a treat, here is the log:
ComboFix 09-04-04.01 - Admin 06/04/2009 15:04:42.1 - NTFSx86
Microsoft Windows Vista Home Premium 6.0.6001.1.1252.1.1033.18.3061.1969 [GMT 1:00]
Running from: c:\users\Stephanie\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2009-03-06 to 2009-04-06 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-06 03:07 --------- d-----w c:\program files\Windows Mail
2009-04-06 03:06 --------- d-----w c:\programdata\Microsoft Help
2009-04-05 21:52 --------- d-----w c:\users\Stephanie\AppData\Roaming\Malwarebytes
2009-04-05 21:33 0 ----a-w C:\backup.reg
2009-04-05 21:03 --------- d--h--w c:\program files\InstallShield Installation Information
2009-04-05 20:23 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-05 20:14 --------- d-----w c:\programdata\Malwarebytes
2009-04-05 19:55 --------- d-----w c:\users\Admin\AppData\Roaming\DNA
2009-04-03 17:16 --------- d-----w c:\programdata\McAfee
2009-04-03 16:35 --------- d-----w c:\users\Stephanie\AppData\Roaming\BitTorrent
2009-04-02 15:02 --------- d-----w c:\program files\Google
2009-04-02 15:00 --------- d-----w c:\program files\Softonic_English
2009-04-02 12:33 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-03-26 15:49 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-26 15:49 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-03-02 23:35 --------- d-----w c:\users\Stephanie\AppData\Roaming\NesterSoft
2009-02-09 03:10 2,033,152 ----a-w c:\windows\System32\win32k.sys
2009-02-02 08:39 10,520 ----a-w c:\windows\System32\avgrsstx.dll
2009-01-15 06:11 827,392 ----a-w c:\windows\System32\wininet.dll
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2008-08-11 14:46 76 --sh--r c:\windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [29/02/2008 05:18 17920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [04/05/2008 10:25 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [04/03/2008 06:05 36864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [06/03/2008 08:58 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [06/03/2008 08:58 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [06/03/2008 08:58 133656]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [27/07/2007 16:43 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [21/03/2007 13:00 174872]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [16/05/2008 13:17 3444736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/05/2007 03:06 40048]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [11/08/2008 15:54 29744]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [11/03/2008 12:44 16384]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [21/12/2007 10:58 184320]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [06/09/2008 15:09 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [01/10/2008 18:57 289576]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [14/08/2008 00:04 206064]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [02/02/2009 09:39 1601304]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [13/09/2007 15:44 405504]
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-05-13 1058088]
c:\users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-05-13 1058088]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-08-11 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-02-22 1193240]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
11/08/2008 16:01 10536 c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GOEC62~1.DLL avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2E038292-EF82-4526-814C-8302486EBFCD}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{8112B007-D453-4014-A056-5F21DFDF83FE}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{F6E4D4CA-1100-47DA-9EC3-DE55815E24BF}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{45FBFCEA-AAD3-4504-8570-08006E57172C}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{32CBBFF3-2990-4311-B60A-1E8F4FBD4D28}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{9BB45849-F997-4AF1-B466-2FF6EF3A7D38}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8D0302CC-35F4-42A7-A5F6-E93344CAC839}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{31FB613C-E313-4F61-8A14-31102316B035}"= UDP:c:\program files\DNA\btdna.exe:DNA
"{73BC571D-1533-4987-8D93-88DA93A12744}"= TCP:c:\program files\DNA\btdna.exe:DNA
"{9DB4EF27-5EA6-43D0-85D4-17A5E6A56833}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{84EC16EC-A0BE-4F55-A657-C551212893F2}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{4A7B93BF-0414-43F1-AF96-BCE1C4C71528}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{32A4F0CB-092C-49FB-8F12-EF3FF23815DB}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{2E883A8F-56D5-4FAA-B037-BA1BAEE2084C}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{9ECEC11F-5097-4097-9D48-09A7AB7A9384}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"TCP Query User{441AAEA2-3302-4F41-AD9E-4D1BBBAF3B6C}c:\\users\\admin\\program files\\dna\\btdna.exe"= UDP:c:\users\admin\program files\dna\btdna.exe:btdna.exe
"UDP Query User{A8850546-B753-4F1E-9B62-3C4C75335FCB}c:\\users\\admin\\program files\\dna\\btdna.exe"= TCP:c:\users\admin\program files\dna\btdna.exe:btdna.exe
"{83F14680-0AB4-45A3-9B59-C6E7E15F0848}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-10-30 325128]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [2008-08-11 73728]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-02 298264]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-04-28 161048]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-08-12 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [2008-08-12 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [2008-08-12 7424]
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{930F1200-F5F1-4870-BAC6-E233EC8E7023} - (no file)
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3080811
uInternet Settings,ProxyOverride = *.local
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-04-06 15:06:39
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 06/04/2009 15:08:17
ComboFix-quarantined-files.txt 2009-04-06 14:08:14
Pre-Run: 75,021,914,112 bytes free
Post-Run: 75,029,192,704 bytes free
126 --- E O F --- 2009-04-06 03:06:56