WiredWX Christian Hobby Weather Tools

Re: antivirus pro

Now open a new notepad file.
Input this into the notepad file:

KILLALL::

File::
c:\windows\567788.bat
c:\windows\0101120101465749.dat
C:\fdvjfx.exe

Driver::
drvdrv

Folder::
c:\program files\drv

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"drv"=-


Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:

This will open combofix again, agree to its terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: antivirus pro

ComboFix 09-07-02.02 - rmac 07/03/2009 13:43.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.288 [GMT -7:00]
Running from: c:\documents and settings\rmac\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\rmac\Desktop\CFScript.txt
AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

FILE ::
"C:\fdvjfx.exe"
"c:\windows\0101120101465749.dat"
"c:\windows\567788.bat"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\fdvjfx.exe
c:\program files\drv
c:\program files\drv\drv.dll
c:\program files\drv\drv.sys
c:\windows\0101120101465749.dat
c:\windows\567788.bat

c:\windows\system32\proquota.exe . . . is missing!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DRVDRV
-------\Service_drvdrv


((((((((((((((((((((((((( Files Created from 2009-06-03 to 2009-07-03 )))))))))))))))))))))))))))))))
.

2010-04-28 21:44 . 2006-05-24 00:01 -------- d-----w- c:\documents and settings\itc\Application Data\Apple Computer
2010-04-28 21:43 . 2006-05-24 00:01 -------- d-----w- c:\documents and settings\itc\Local Settings\Application Data\Apple Computer
2009-07-03 16:24 . 2009-07-03 16:25 -------- d-----w- C:\viewpointkiller
2009-07-03 04:15 . 2009-07-03 04:15 -------- d-----w- c:\program files\Trend Micro
2009-07-03 01:55 . 2009-07-03 01:55 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2009-07-03 01:55 . 2009-07-03 01:55 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2009-07-03 01:55 . 2009-07-03 01:55 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2009-07-03 01:55 . 2009-07-03 01:55 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2009-07-02 21:27 . 2009-07-02 21:27 -------- d-----w- c:\documents and settings\rmac\Application Data\Malwarebytes
2009-07-02 21:27 . 2009-06-17 18:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-02 21:27 . 2009-07-02 21:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-02 21:27 . 2009-06-17 18:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-02 21:27 . 2009-07-02 21:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-02 16:55 . 2009-07-02 16:55 -------- d-sh--w- c:\windows\System Volume Information
2009-07-02 02:36 . 2009-07-02 02:36 -------- d-----w- c:\documents and settings\rmac\Local Settings\Application Data\Thunderbird
2009-07-02 02:36 . 2009-07-02 02:36 -------- d-----w- c:\documents and settings\rmac\Application Data\Thunderbird
2009-07-02 02:33 . 2009-07-03 04:47 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-06-11 17:33 . 2009-06-11 17:46 -------- d-----w- c:\documents and settings\rmac\Application Data\Mp3tag
2009-06-11 17:32 . 2009-06-11 17:33 -------- d-----w- c:\program files\Mp3tag
2009-06-11 17:00 . 2009-06-12 03:30 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-11 17:00 . 2009-06-11 17:14 -------- d-----w- c:\program files\Cool MP3 Splitter

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-03 03:07 . 2006-05-04 18:17 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-03 02:09 . 2006-05-04 18:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-15 01:07 . 2006-09-12 15:18 -------- d-----w- c:\program files\SPSS
2009-06-14 20:34 . 2006-08-31 00:50 -------- d-----w- c:\documents and settings\rmac\Application Data\AdobeUM
2009-06-13 15:54 . 2006-12-22 01:14 -------- d-----w- c:\program files\Replay AV 8
2009-05-24 05:21 . 2009-05-24 05:21 -------- d-----w- c:\program files\Devious Codeworks
2009-05-24 00:29 . 2009-05-24 00:29 -------- d-----w- c:\program files\7-Zip
2009-05-23 21:09 . 2009-05-23 21:09 -------- d-----w- c:\documents and settings\rmac\Application Data\PKWARE
2009-05-23 21:09 . 2009-05-23 21:09 -------- d-----w- c:\documents and settings\All Users\Application Data\PKWARE
2009-05-21 21:06 . 2009-05-21 20:37 -------- d-----w- c:\documents and settings\rmac\Application Data\dvdcss
2009-05-21 20:56 . 2007-08-19 18:32 -------- d-----w- c:\program files\Dvd-cloner
2001-05-24 20:59 . 2007-01-16 16:45 162304 ----a-w- c:\program files\UNWISE.EXE
2006-08-30 18:59 . 2006-04-27 23:12 60526 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2006-08-30 18:59 . 2006-04-27 23:12 49256 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2006-08-30 18:59 . 2006-04-27 23:12 166000 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2008-04-01 03:31 . 2008-04-01 03:30 80 --sh--r- c:\windows\system32\64B6FEA206.dll
2005-07-14 19:31 . 2006-05-24 17:37 27648 --sha-w- c:\windows\system32\AVSredirect.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-07-03_18.25.36 )))))))))))))))))))))))))))))))))))))))))
.
- 2003-06-19 10:35 . 2009-07-03 17:04 63764 c:\windows\system32\perfc009.dat
+ 2003-06-19 10:35 . 2009-07-03 18:28 63764 c:\windows\system32\perfc009.dat
+ 2003-06-19 10:35 . 2009-07-03 18:28 405882 c:\windows\system32\perfh009.dat
- 2003-06-19 10:35 . 2009-07-03 17:04 405882 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-27 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2006-05-18 684032]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2005-10-07 176128]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-31 196608]
"HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-31 311296]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2005-12-05 461584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-08-16 271672]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-30 112216]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 136768]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2005-05-03 64512]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Cisco Systems VPN Client.lnk - c:\program files\Cisco Systems\VPN Client\vpngui.exe [2006-10-6 1524776]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\program files\Qualcomm\Eudora\EuShlExt.dll" [2001-04-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=APTRRNTm.dll
"wave"=APTRRNTm.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SAS\\SAS 9.1\\sas.exe"=
"c:\\Program Files\\WS_FTP\\WS_FTP95.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microtek\\ScanWizard Pro\\LANServer.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.sys [4/27/2006 10:53 AM 10880]
R2 Gizmo Plugin;Gizmo VoIP Service;c:\program files\GizmoPlugin\GizmoPlugin.exe [5/31/2007 7:55 AM 962048]
R3 vmmemctl;VMware server memory controller;c:\windows\system32\drivers\vmmemctl.sys [3/28/2006 4:28 PM 5500]
S3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [1/30/2003 6:55 PM 18864]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [8/2/2005 2:10 PM 32512]
S3 pcmstub;pcmstub;c:\windows\system32\pcmstub.sys [8/3/2004 5:56 PM 2304]
S3 vmmouse;VMware Pointing Device;c:\windows\system32\drivers\vmmouse.sys [4/27/2006 10:52 AM 4608]
S3 vmx_svga;vmx_svga;c:\windows\system32\drivers\vmx_svga.sys [4/27/2006 10:52 AM 15744]
S3 vmxnet;VMware Ethernet Adapter Driver;c:\windows\system32\drivers\vmxnet.sys [4/27/2006 10:53 AM 22528]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://news.myway.com/index/id/top|ap.html
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\rmac\Application Data\Mozilla\Firefox\Profiles\h8u0shrj.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\inspector@mozilla.org\components\inspector.dll

---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.14); user_pref(general.useragent.extra.zencast, Creative ZENcast v2.00.14);user_pref(general.useragent.extra.zencast, c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-03 13:53
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2956)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Hummingbird\Connectivity\9.00\Hummingbird Neighborhood\heshell.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\system32\rundll32.exe
c:\program files\McAfee\Common Framework\Mctray.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-07-03 13:59 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-03 20:59
ComboFix2.txt 2009-07-03 18:32

Pre-Run: 21,911,732,224 bytes free
Post-Run: 21,901,471,744 bytes free

188 --- E O F --- 2008-03-30 04:09
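
The check a helper does by eye on a log like the one above, written out as an added example (not part of the original thread and not ComboFix code): it parses the CFScript from the first post and confirms that every File, Folder and Driver target shows up in the log's deletion sections, and it lists files the log flags as missing. The `Name::` directive and `(((( Title ))))` banner syntax are inferred from the text in this thread, the function names are hypothetical, and the banners in the excerpt are shortened.

```python
import re
# Constructed inputs: the CFScript from the first post and an excerpt of the
# ComboFix log posted in reply, copied from this thread (banners shortened).
CFSCRIPT = r"""KILLALL::
File::
c:\windows\567788.bat
c:\windows\0101120101465749.dat
C:\fdvjfx.exe
Driver::
drvdrv
Folder::
c:\program files\drv
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"drv"=-
"""

LOG_EXCERPT = r"""((((( Other Deletions )))))
.
C:\fdvjfx.exe
c:\program files\drv
c:\program files\drv\drv.dll
c:\program files\drv\drv.sys
c:\windows\0101120101465749.dat
c:\windows\567788.bat
c:\windows\system32\proquota.exe . . . is missing!!
.
((((( Drivers/Services )))))
.
-------\Legacy_DRVDRV
-------\Service_drvdrv
"""

def parse_sections(text, header_re):
    """Group non-empty lines under the most recent header matching header_re."""
    sections, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        m = re.fullmatch(header_re, line)
        if m:
            current = m.group(1).lower()
            sections[current] = []
        elif current is not None and line not in ("", "."):
            sections[current].append(line)
    return sections

def parse_cfscript(text):  # directives look like "File::"
    return parse_sections(text, r"(\w+)::")

def parse_log(text):  # banners look like "(((( Title ))))"
    return parse_sections(text, r"\(+\s*(.+?)\s*\)+")

def missing_files(log):
    """Paths the log flags with '. . . is missing!!' (possible OS damage)."""
    tag = " . . . is missing!!"
    return [l[:-len(tag)] for l in log.get("other deletions", []) if l.endswith(tag)]

def verify_removals(script, log):
    """Map each File/Folder/Driver target to True if the log shows it removed."""
    # Assumption: entries under Drivers/Services are the ones ComboFix removed.
    deleted = {l.lower() for l in log.get("other deletions", [])}
    services = {l.lstrip("-\\").lower() for l in log.get("drivers/services", [])}
    result = {p: p.lower() in deleted
              for p in script.get("file", []) + script.get("folder", [])}
    for drv in script.get("driver", []):
        result[drv] = "service_" + drv.lower() in services
    return result

if __name__ == "__main__":
    print(verify_removals(parse_cfscript(CFSCRIPT), parse_log(LOG_EXCERPT)))
```

A target that maps to `False` means the log gives no evidence the removal happened, which is the cue to ask for a fresh scan rather than assume the script worked.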

Re: antivirus pro

I don't know if you had a chance to look at the second combo-fix log above.
But I have one problem I believe is related to the antivirus pro infection: My IE browser hangs when I first open it. If I open it, then close it, then reopen it, it works.

Could that be the result of some of the malware?

Re: antivirus pro

It could, malware damages the OS sometimes.
Aside from a missing OS file, how is the machine running?

As for the browser issue, I recommend you use Firefox rather than Internet Explorer.

Re: antivirus pro

System seems OK.
Thanks for your help.

Should I re-install IE?

Re: antivirus pro

Yes.

Re: antivirus pro

My McAfee virus checker keeps having to delete a generic.dx!tg in my \system volume information\restore\ folder


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:50:24 AM, on 7/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\GizmoPlugin\GizmoPlugin.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.myway.com/index/id/top|ap.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146160059187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146176746377
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Gizmo VoIP Service (Gizmo Plugin) - SIPphone, Inc. - C:\Program Files\GizmoPlugin\GizmoPlugin.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 7051 bytes

Re: antivirus pro

Hello.
Just system restore points.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.
