WiredWX Christian Hobby Weather Tools

Security Tool has been plaguing Me!

Hello,
I am sad to say I am amongst the many who have been infected by this Security Tool virus/worm/malware/nuisance. I have been trying for several days to remove it, to no avail. I've tried MalwareBytes, scanning with my AVG, going in and manually deleting registry keys, finding and deleting source files, etc. and it's only ever a temporary fix. This thing is persistent, it just keeps coming back! HELP!

Here's my HijackThis log report from a few minutes ago. Prior to running the scan, I had gone into task manager and ended the process on the Security Tool (random numbers) so it will not constantly pop up from the system tray:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:23:43, on 10/20/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
C:\Program Files\Lexmark 2400 Series\ezprint.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\SYSTEM32\USRshutA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\USRmlnkA.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\McAfee\MSC\McLogCln.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\lxcrcoms.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Temp\_ex-08.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: PlaySushi - {21608B66-026F-4DCB-9244-0DACA328DCED} - C:\Program Files\PlaySushi\PSText.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [USRpdA] C:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [C:\WINDOWS\system32\kddpp.exe] C:\WINDOWS\system32\kddpp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [McLogLch_exe] C:\Program Files\McAfee\MSC\McLogLch.exe
O4 - HKLM\..\Run: [74888742] C:\DOCUME~1\ALLUSE~1\APPLIC~1\74888742\74888742.exe
O4 - HKLM\..\Run: [PromoReg] C:\WINDOWS\Temp\_ex-08.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Go PlaySushi! - {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - http://www.playsushi.com/About.ps?l=1&t=nEx8Rfkjn (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: ms32clod.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe

--
End of file - 9616 bytes

Any help you can provide in ridding myself of this latest pain in the butt would be greatly appreciated!

Re: Security Tool has been plaguing Me!

Please download ComboFix from BleepingComputer.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

[Image: Query_RC]
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
[Image: RC_successful]

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

I would also like to see a list of installed programs, so please do this:
Click Start > Run then copy/paste the following single-line command into the Run box and click OK:

C:\Qoobox\Add-Remove Programs.txt

In your next reply, please include the ComboFix log and the Add-Remove Programs log.

Re: Security Tool has been plaguing Me!

Thanks for the rapid response! Here's the ComboFix log:

ComboFix 09-10-19.04 - Ben Moffett 10/20/2009 20:08.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.270 [GMT -4:00]
Running from: c:\documents and settings\Ben Moffett\desktop\commy.exe
Command switches used :: /stepdel
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\74888742
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\documents and settings\All Users\Application Data\74888742\74888742.exe
c:\documents and settings\Ben Moffett\Desktop\Security Tool.lnk
c:\documents and settings\Ben Moffett\Start Menu\Programs\Security Tool.lnk
c:\program files\PlaySushi\PSTExt.dll
c:\windows\3fb680fe-6b4e-43bc-aa56-f398c3caf31b.ocx
c:\windows\system32\0810be8f-b2fd-4cfc-bbc2-e45e10a7568b.dll
c:\windows\system32\404Fix.exe
c:\windows\system32\drivers\fad.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\pst.dat
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

----- BITS: Possible infected sites -----

hxxp://mastoblastobrevodo.com
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\system32\dllcache\userinit.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_npf


((((((((((((((((((((((((( Files Created from 2009-09-21 to 2009-10-21 )))))))))))))))))))))))))))))))
.

2009-10-20 10:39 . 2009-10-20 10:39 -------- d-----w- c:\documents and settings\Ben Moffett\Application Data\Malwarebytes
2009-10-20 10:38 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-20 10:38 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-20 10:38 . 2009-10-20 10:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-20 10:16 . 2009-10-20 10:16 -------- d-----w- c:\program files\Trend Micro
2009-10-19 08:13 . 2009-10-19 08:23 20992 ----a-w- c:\windows\system32\perfc5932.dat
2009-10-19 08:13 . 2009-10-19 08:23 1 ----a-w- c:\windows\system32\perfc7683.dat
2009-10-19 08:12 . 2004-08-04 04:56 24576 ----a-w- c:\windows\system32\stu2.exe
2009-10-09 21:24 . 2004-08-04 04:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-10-09 21:24 . 2004-08-04 04:56 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2009-10-09 21:24 . 2004-08-04 02:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-10-09 21:24 . 2004-08-04 02:58 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-21 00:15 . 2009-09-17 14:08 -------- d-----w- c:\documents and settings\Ben Moffett\Application Data\uTorrent
2009-10-21 00:10 . 2009-09-17 14:23 -------- d-----w- c:\program files\PlaySushi
2009-10-19 23:04 . 2007-12-09 16:06 -------- d-----w- c:\program files\lx_cats
2009-10-19 10:44 . 2008-10-10 19:58 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-26 06:54 . 2004-04-06 22:47 83976 ----a-w- c:\documents and settings\Ben Moffett\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-25 23:40 . 2009-09-17 21:46 -------- d-----w- c:\program files\Texas Holdem Poker 3D Deluxe Edition DeLEGiON
2009-09-20 12:30 . 2009-09-20 12:30 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-20 12:30 . 2009-09-20 12:30 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-20 12:30 . 2009-09-20 12:30 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-20 12:30 . 2009-09-20 12:30 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-20 12:29 . 2009-09-20 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-09-20 12:29 . 2009-09-20 12:29 -------- d-----w- c:\program files\AVG
2009-09-20 12:29 . 2009-09-20 12:29 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-20 00:50 . 2006-08-02 00:19 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-09-20 00:49 . 2006-08-06 01:11 -------- d-----w- c:\program files\McAfee
2009-09-20 00:49 . 2006-08-06 01:11 -------- d-----w- c:\program files\Common Files\McAfee
2009-09-20 00:27 . 2004-04-01 17:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-17 14:09 . 2009-09-17 14:09 -------- d-----w- c:\program files\uTorrent
2009-09-14 08:20 . 2009-09-14 08:20 -------- d-----w- c:\program files\e frontier
2009-09-14 08:01 . 2009-09-14 06:44 -------- d-----w- c:\program files\DAZ 3D
2009-09-14 08:01 . 2005-06-24 22:19 -------- d-----w- c:\program files\GameHouse
2009-09-14 08:00 . 2009-07-27 04:25 -------- d-----w- c:\program files\Maxis
2009-09-14 07:36 . 2009-09-14 07:36 -------- d-----w- c:\documents and settings\All Users\Application Data\OptiTex
2009-09-14 06:45 . 2009-09-14 06:45 -------- d-----w- c:\documents and settings\Ben Moffett\Application Data\DAZ 3D
2009-09-14 06:45 . 2009-09-14 06:45 -------- d-----w- c:\program files\Common Files\DAZ
2009-09-11 14:33 . 2002-08-29 11:00 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45 . 2003-09-19 17:37 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 2004-02-06 22:05 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 2004-09-08 18:50 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 2002-08-29 11:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-08-26 08:16 . 2002-08-29 11:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-17 03:04 . 2009-08-17 03:04 4 ----a-w- c:\windows\rclattwb.dat
2009-08-05 09:11 . 2002-12-12 06:14 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 14:00 . 1980-01-01 06:00 2180352 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 13:13 . 1980-01-01 06:00 2057728 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-29 04:53 . 2002-08-29 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:53 . 2002-08-29 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-07-24 13:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-08 289072]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-22 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-22 126976]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2003-08-27 204800]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-04-01 151597]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"USRpdA"="c:\windows\SYSTEM32\USRmlnkA.exe" [2002-08-29 77891]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-09-14 267064]
"lxcrmon.exe"="c:\program files\Lexmark 2400 Series\lxcrmon.exe" [2006-03-06 286720]
"EzPrint"="c:\program files\Lexmark 2400 Series\ezprint.exe" [2006-02-07 98304]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 290816]
"LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2006-02-24 65536]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-17 2025752]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
"McLogLch_exe"="c:\program files\McAfee\MSC\McLogLch.exe" [2006-08-28 140848]

c:\documents and settings\Ben Moffett\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2004-4-10 225280]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-6-29 110592]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-6-29 110592]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-20 12:30 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\FRONTPG.EXE"=
"c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"c:\\Program Files\\GameHouse\\TextTwist\\TextTwist.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP Share-to-Web\\hpgs2wnf.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\e frontier\\Poser Figure Artist Demo\\Poser Figure Artist Demo.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [9/20/2009 8:30 AM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [9/20/2009 8:30 AM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/20/2009 8:29 AM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/20/2009 8:29 AM 297752]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\SYSTEM32\DRIVERS\ndisprot.sys [11/11/2008 12:49 AM 27904]
.
Contents of the 'Scheduled Tasks' folder

2009-10-15 c:\windows\Tasks\McDefragTask.job
- c:\windows\system32\defrag.exe [2002-08-29 04:56]

2009-10-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2006-08-06 17:18]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: {{5CFA5B80-01F4-420F-B18B-545712C8A1C8} - http://www.playsushi.com/About.ps?l=1&t=nEx8Rfkjn
FF - ProfilePath - c:\documents and settings\Ben Moffett\Application Data\Mozilla\Firefox\Profiles\bt04kg93.default\
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPJava11.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPJava12.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPJava13.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPJava14.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPJava32.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPJPI142.dll
FF - plugin: c:\program files\Java\j2re1.4.2\bin\NPOJI610.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-c:\windows\system32\kddpp.exe - c:\windows\system32\kddpp.exe
HKLM-Run-74888742 - c:\docume~1\ALLUSE~1\APPLIC~1\74888742\74888742.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 20:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Swearware\backup\winsock2]
@DACL=(02 0000)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3628)
c:\windows\system32\WININET.dll
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\progra~1\McAfee\MSC\mclogsrv.exe
c:\progra~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\progra~1\McAfee\MSC\mcpromgr.exe
c:\progra~1\McAfee\MSC\mctskshd.exe
c:\progra~1\McAfee\MSC\mcusrmgr.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\commy\CF5021.exe
c:\progra~1\mcafee.com\agent\mcagent.exe
c:\windows\SYSTEM32\USRshutA.exe
c:\progra~1\McAfee\MSC\McLogCln.exe
c:\progra~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
c:\windows\system32\lxcrcoms.exe
c:\program files\iPod\bin\iPodService.exe
c:\commy\PEV.cfxxe
.
**************************************************************************
.
Completion time: 2009-10-21 20:22 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-21 00:22

Pre-Run: 21,527,912,448 bytes free
Post-Run: 22,469,160,960 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - B3EC5BDB74A270D715F69C07FD125F8B

And here's my programs log:

µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe GoLive 5.0 Educational
Adobe Illustrator 9.0.1
Adobe Photoshop 6.0
Adobe Reader 6.0.1
Adobe SVG Viewer
Amber Pyramids Solitaire
AVG Free 8.5
Banctec Service Agreement
Broadcom Management Programs
Canon CanoScan Toolbox 4.9
Canon ScanGear Starter
CDisplay 1.8
Creative PCI Audio Drivers
Dell Digital Jukebox Driver
Dell Media Experience
Dell Networking Guide
Dell ResourceCD
Dell Solution Center
DellSupport
Help and Support Customization
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
HP Precisionscan Pro 3.1
HP Share-to-Web
Intel(R) Extreme Graphics Driver
Internet Explorer Default Page
iPod for Windows 2005-03-23
iPod for Windows 2005-11-17
iTunes
Java 2 Runtime Environment, SE v1.4.2
Lexmark 2400 Series
Lexmark Fax Solutions
Lexmark Supplies Monitor
Lexmark Toolbar
Lexmark Z65
Malwarebytes' Anti-Malware
Manual CanoScan LiDE 60
McAfee SecurityCenter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Data Access Components KB870669
Microsoft Encarta Encyclopedia Standard 2004
Microsoft FrontPage 2002
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Publisher 2002
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Modem Event Monitor
Modem Helper
Modem On Hold
Mozilla Firefox (3.5.3)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
OmniPage SE 2.0
Playsushi
Poser Figure Artist Demo
QuickTime
RealOne Player
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Shockwave
Smart Link 56K Voice Modem
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Sound Blaster AudioPCI Drivers Online Help
SoundMAX
Spybot - Search & Destroy 1.2
Super TextTwist
Texas Holdem Poker 3D Deluxe Edition v1 0 DeLEGiON
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
V92 PCI Voice Faxmodem
VideoLAN VLC media player 0.8.4a
Viewpoint Media Player
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver

Thanks Again!

Re: Security Tool has been plaguing Me!

Please download SpiderKill and save it to your Desktop.
  • Right-click on SpiderKill.zip and click Extract All. Follow the prompts and read carefully, to save it to your Desktop.
  • Double-click on the SpiderKill folder, and then double-click on SpiderKill.bat and follow all the prompts in the program.
  • Within a minute, it will save its log titled SpiderKill.txt. Please post that in your next reply. You may have to use two or three posts to be able to fit the information in.



NEXT


Please download CKScanner by askey127 from here

Save it to your desktop.

  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


NEXT

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


==

Please post the CKScanner, Security Check, and SpiderKill logs in your next reply.

Re: Security Tool has been plaguing Me!

Spiderkill:

SpiderKill by DragonMaster Jay ( Oct 2009 )


Microsoft Windows XP [Version 5.1.2600]

********************Drivers list********************


Volume in drive C has no label.
Volume Serial Number is A82A-2A8F

Directory of C:\Windows\System32\Drivers

10/20/2009 20:22 .
10/20/2009 20:22 ..
04/01/2004 12:41 5,698 1028_Dell_DIM_DIM2400.mrk
04/15/2003 12:39 11,319 a302.sys
04/15/2003 12:39 29,239 a303.sys
04/15/2003 12:40 46,647 a304.sys
04/15/2003 12:40 11,831 a305.sys
04/15/2003 12:40 16,439 a306.sys
04/15/2003 12:40 21,559 a307.sys
04/15/2003 12:40 10,807 a308.sys
04/15/2003 12:40 25,655 a309.sys
04/15/2003 12:40 33,335 a310.sys
04/15/2003 12:40 32,823 a311.sys
04/15/2003 12:41 37,431 a313.sys
04/15/2003 12:41 10,807 a314.sys
08/17/2001 15:52 23,552 ABP480N5.SYS
08/03/2004 23:07 187,776 acpi.sys
08/29/2002 07:00 11,648 ACPIEC.SYS
08/17/2001 16:07 101,888 ADPU160M.SYS
08/04/2004 00:56 4,255 adv01nt5.dll
08/04/2004 00:56 3,967 adv02nt5.dll
08/04/2004 00:56 3,615 adv05nt5.dll
08/04/2004 00:56 3,647 adv07nt5.dll
08/04/2004 00:56 3,135 adv08nt5.dll
08/04/2004 00:56 3,711 adv09nt5.dll
08/04/2004 00:56 3,775 adv11nt5.dll
04/01/2002 13:15 4,816 aeaudio.sys
02/14/2006 20:22 142,464 aec.sys
08/14/2008 05:51 138,368 afd.sys
08/03/2004 23:07 42,368 agp440.sys
08/03/2004 23:07 44,928 agpcpq.sys
08/17/2001 15:52 12,800 AHA154X.SYS
08/17/2001 16:07 55,168 AIC78U2.SYS
08/17/2001 16:07 56,960 AIC78XX.SYS
08/17/2001 15:51 5,248 ALIIDE.SYS
08/03/2004 23:07 42,752 alim1541.sys
08/03/2004 23:07 43,008 amdagp.sys
08/03/2004 22:59 36,992 amdk6.sys
08/03/2004 22:59 37,376 amdk7.sys
08/17/2001 15:52 12,032 AMSINT.SYS
08/03/2004 22:58 60,800 arp1394.sys
08/17/2001 15:52 26,496 ASC.SYS
08/17/2001 15:52 22,400 ASC3350P.SYS
08/17/2001 15:51 14,848 ASC3550.SYS
04/01/2004 13:07 8,552 asctrm.sys
08/03/2004 23:05 14,336 asyncmac.sys
08/03/2004 22:59 95,360 atapi.sys
08/03/2004 22:29 56,623 ati1btxx.sys
08/03/2004 22:29 11,615 ati1mdxx.sys
08/03/2004 22:29 12,047 ati1pdxx.sys
08/03/2004 22:29 30,671 ati1raxx.sys
08/03/2004 22:29 63,663 ati1rvxx.sys
08/03/2004 22:29 26,367 ati1snxx.sys
08/03/2004 22:29 21,343 ati1ttxx.sys
08/03/2004 22:29 36,463 ati1tuxx.sys
08/03/2004 22:29 29,455 ati1xbxx.sys
08/03/2004 22:29 34,735 ati1xsxx.sys
08/03/2004 22:29 327,040 ati2mtaa.sys
08/03/2004 22:29 701,440 ati2mtag.sys
08/03/2004 22:29 57,856 atinbtxx.sys
08/03/2004 22:29 13,824 atinmdxx.sys
08/03/2004 22:29 14,336 atinpdxx.sys
08/03/2004 22:29 52,224 atinraxx.sys
08/03/2004 22:29 104,960 atinrvxx.sys
08/03/2004 22:29 28,672 atinsnxx.sys
08/03/2004 22:29 13,824 atinttxx.sys
08/03/2004 22:29 73,216 atintuxx.sys
08/03/2004 22:29 31,744 atinxbxx.sys
08/03/2004 22:29 63,488 atinxsxx.sys
07/17/2004 11:36 64,352 ativmc20.cod
08/03/2004 22:58 59,904 atmarpc.sys
08/29/2002 07:00 31,360 ATMEPVC.SYS
08/03/2004 22:58 55,936 atmlane.sys
08/29/2002 07:00 352,256 ATMUNI.SYS
08/04/2004 00:56 21,183 atv01nt5.dll
08/04/2004 00:56 11,359 atv02nt5.dll
08/04/2004 00:56 25,471 atv04nt5.dll
08/04/2004 00:56 14,143 atv06nt5.dll
08/04/2004 00:56 17,279 atv10nt5.dll
08/17/2001 15:59 3,072 AUDSTUB.SYS
10/20/2009 17:50 Avg
09/20/2009 08:30 335,240 avgldx86.sys
09/20/2009 08:30 27,784 avgmfx86.sys
09/20/2009 08:30 108,552 avgtdix.sys
04/24/2003 18:21 6,025 BASFND.sys
05/23/2003 14:58 43,136 bcm4sbxp.sys
08/03/2004 23:10 11,776 bdasup.sys
08/29/2002 07:00 4,224 BEEP.SYS
08/03/2004 22:59 71,552 bridge.sys
08/03/2004 23:10 17,024 bthenum.sys
08/03/2004 23:10 38,016 bthmodem.sys
08/03/2004 22:58 100,992 bthpan.sys
06/13/2008 09:10 272,128 bthport.sys
08/03/2004 23:10 35,456 bthprint.sys
08/03/2004 23:10 18,944 bthusb.sys
08/17/2001 15:52 13,952 CBIDF2K.SYS
08/03/2004 23:10 17,024 ccdecode.sys
08/17/2001 15:52 7,680 CD20XRNT.SYS
08/29/2002 07:00 18,688 CDAUDIO.SYS
08/03/2004 23:14 63,744 cdfs.sys
08/03/2004 22:59 49,536 cdrom.sys
08/04/2004 00:56 15,423 ch7xxnt5.dll
08/29/2002 07:00 262,528 CINEMST2.SYS
08/03/2004 23:14 49,664 classpnp.sys
08/17/2001 15:51 6,656 CMDIDE.SYS
08/17/2001 15:52 14,976 CPQARRAY.SYS
08/29/2002 07:00 11,776 CPQDAP01.SYS
08/03/2004 22:59 36,480 crusoe.sys
07/17/2004 22:55 129,045 cxthsfs2.cty
08/17/2001 15:52 179,584 DAC2W2K.SYS
08/17/2001 15:52 14,720 DAC960NT.SYS
04/01/2004 12:35 DISDN
08/03/2004 22:59 36,352 disk.sys
08/03/2004 22:59 14,208 diskdump.sys
08/03/2004 23:07 799,744 dmboot.sys
08/03/2004 23:07 153,344 dmio.sys
08/29/2002 07:00 5,888 DMLOAD.SYS
08/03/2004 23:07 52,864 dmusic.sys
08/17/2001 16:07 20,192 DPTI2O.SYS
08/03/2004 23:08 60,288 drmk.sys
08/03/2004 23:07 2,944 drmkaud.sys
07/31/2003 05:21 84,576 drvmcdb.sys
06/20/2003 04:56 40,448 drvnddm.sys
08/29/2002 07:00 10,496 DXAPI.SYS
08/03/2004 23:00 71,040 dxg.sys
08/29/2002 07:00 3,328 DXGTHK.SYS
01/21/1999 18:31 2,259,070 eapci2m.ecw
08/17/2001 14:11 66,591 EL90XBC5.SYS
08/17/2001 12:19 40,704 es1371mp.sys
10/20/2009 20:17 ETC
01/29/2003 17:17 1,750 fad9x.inf
01/30/2003 14:52 11,904 FADXP32.sys
08/03/2004 23:14 143,360 fastfat.sys
08/03/2004 22:59 27,392 fdc.sys
08/29/2002 07:00 34,944 FIPS.SYS
08/03/2004 22:59 20,480 flpydisk.sys
08/21/2006 05:14 128,896 fltmgr.sys
08/29/2002 07:00 12,160 FSVGA.SYS
08/29/2002 07:00 7,936 FS_REC.SYS
08/17/2001 15:52 125,056 FTDISK.SYS
08/03/2004 23:07 46,464 gagp30kx.sys
08/03/2004 23:08 10,624 gameenum.sys
09/19/2006 14:44 15,664 GEARAspiWDM.sys
08/29/2002 07:00 3,440,660 GM.DLS
08/29/2002 07:00 646 GMREADME.TXT
08/03/2004 23:10 25,600 hidbth.sys
08/03/2004 23:08 36,224 hidclass.sys
08/03/2004 23:08 15,104 hidir.sys
08/03/2004 23:08 24,960 hidparse.sys
08/17/2001 14:02 9,600 hidusb.sys
08/17/2001 16:07 25,952 HPN.SYS
08/03/2004 22:41 220,032 hsfbs2s2.sys
08/03/2004 22:41 685,056 hsfcxts2.sys
08/03/2004 22:41 1,041,536 hsfdpsp2.sys
03/16/2006 20:33 262,784 http.sys
08/03/2004 23:00 8,192 i2omgmt.sys
08/03/2004 23:00 18,560 i2omp.sys
08/03/2004 23:14 52,736 i8042prt.sys
08/03/2004 22:29 161,020 i81xnt5.sys
04/15/2003 12:40 78,752 ialmkchw.sys
06/22/2005 00:12 807,998 ialmnt5.sys
04/15/2003 12:40 113,504 ialmsbw.sys
08/25/2008 11:36 40,840 ikfilesec.sys
08/25/2008 11:36 66,952 iksysflt.sys
08/25/2008 11:36 81,288 iksyssec.sys
08/03/2004 23:00 41,856 imapi.sys
08/17/2001 15:52 16,000 INI910U.SYS
08/03/2004 22:59 5,504 intelide.sys
08/03/2004 22:59 36,096 intelppm.sys
08/03/2004 23:00 29,056 ip6fw.sys
08/29/2002 07:00 32,896 IPFLTDRV.SYS
08/03/2004 23:04 20,992 ipinip.sys
09/29/2004 18:28 134,912 ipnat.sys
08/03/2004 23:14 74,752 ipsec.sys
08/03/2004 23:00 11,264 irenum.sys
08/17/2001 15:58 35,840 ISAPNP.SYS
08/03/2004 22:58 24,576 kbdclass.sys
08/03/2004 22:58 14,848 kbdhid.sys
06/02/2008 15:19 29,576 kcom.sys
06/14/2006 04:47 172,416 kmixer.sys
08/03/2004 23:15 140,928 ks.sys
06/22/2009 07:34 92,544 ksecdd.sys
09/10/2009 14:53 19,160 mbam.sys
09/10/2009 14:54 38,224 mbamswissarmy.sys
08/29/2002 07:00 7,680 MCD.SYS
08/03/2004 22:41 11,868 mdmxsdk.sys
08/03/2004 23:07 63,744 mf.sys
08/29/2002 07:00 4,224 MNMDD.SYS
08/03/2004 23:08 30,080 modem.sys
08/17/2001 15:57 16,128 MODEMCSA.sys
08/03/2004 22:58 23,040 mouclass.sys
08/17/2001 13:48 12,160 mouhid.sys
08/03/2004 22:58 42,240 mountmgr.sys
08/03/2004 23:10 15,360 mpe.sys
08/17/2001 15:52 17,280 MRAID35X.SYS
12/18/2007 05:51 179,584 mrxdav.sys
10/24/2008 07:10 453,632 mrxsmb.sys
08/03/2004 23:10 51,328 msdv.sys
08/03/2004 23:00 19,072 msfs.sys
08/03/2004 23:04 35,072 msgpc.sys
08/03/2004 22:58 7,552 mskssrv.sys
08/03/2004 22:58 5,376 mspclock.sys
08/03/2004 22:58 4,992 mspqm.sys
08/03/2004 23:07 15,488 mssmbios.sys
08/03/2004 22:58 5,504 mstee.sys
04/07/2005 18:53 229,720 mtlmnt5.sys
04/07/2005 18:53 1,396,048 mtlstrm.sys
08/03/2004 22:29 452,736 mtxparhm.sys
08/03/2004 23:15 107,904 mup.sys
08/03/2004 23:04 12,672 mutohpen.sys
08/03/2004 23:10 85,376 nabtsfec.sys
08/03/2004 23:14 182,912 ndis.sys
08/03/2004 23:10 10,880 ndisip.sys
11/11/2008 00:49 27,904 ndisprot.sys
08/29/2002 07:00 9,600 NDISTAPI.SYS
08/03/2004 23:03 12,928 ndisuio.sys
08/03/2004 23:14 91,776 ndiswan.sys
08/29/2002 07:00 38,016 NDPROXY.SYS
08/03/2004 23:03 34,560 netbios.sys
08/03/2004 23:14 162,816 netbt.sys
07/17/2004 11:35 67,866 netwlan5.img
08/03/2004 22:58 61,824 nic1394.sys
08/29/2002 07:00 12,032 NIKEDRV.SYS
08/03/2004 22:59 40,320 nmnt.sys
08/03/2004 23:00 30,848 npfs.sys
02/09/2007 07:10 574,464 ntfs.sys
08/03/2004 22:41 180,360 ntmtlfax.sys
08/29/2002 07:00 2,944 NULL.SYS
08/03/2004 22:29 1,897,408 nv4_mini.sys
08/29/2002 07:00 12,416 NWLNKFLT.SYS
08/29/2002 07:00 32,512 NWLNKFWD.SYS
08/03/2004 23:03 88,448 nwlnkipx.sys
08/29/2002 07:00 63,232 NWLNKNB.SYS
08/29/2002 07:00 55,936 NWLNKSPX.SYS
11/08/2002 15:45 17,217 omci.sys
08/29/2002 07:00 3,456 OPRGHDLR.SYS
08/03/2004 22:59 42,496 p3.sys
08/03/2004 22:59 80,128 parport.sys
08/29/2002 07:00 18,688 PARTMGR.SYS
08/29/2002 07:00 6,784 PARVDM.SYS
08/03/2004 23:07 68,224 pci.sys
08/17/2001 15:51 3,328 PCIIDE.SYS
08/03/2004 22:59 25,088 pciidex.sys
08/03/2004 23:07 119,936 pcmcia.sys
08/17/2001 16:07 27,296 PERC2.SYS
08/17/2001 16:07 5,504 PERC2HIB.SYS
08/03/2004 23:15 145,792 portcls.sys
08/03/2004 22:59 35,328 processr.sys
08/03/2004 23:04 69,120 psched.sys
08/29/2002 07:00 17,792 PTILINK.SYS
07/30/2003 04:02 17,168 pxhelp20.sys
08/17/2001 15:52 40,320 QL1080.SYS
08/17/2001 15:52 33,152 QL10WNT.SYS
08/17/2001 15:52 45,312 QL12160.SYS
08/17/2001 15:52 40,448 QL1240.SYS
08/17/2001 15:52 49,024 QL1280.SYS
08/29/2002 07:00 8,832 RASACD.SYS
08/03/2004 23:14 51,328 rasl2tp.sys
08/03/2004 23:05 41,472 raspppoe.sys
08/03/2004 23:14 48,384 raspptp.sys
08/29/2002 07:00 16,512 RASPTI.SYS
08/29/2002 07:00 34,432 RAWWAN.SYS
05/05/2006 05:47 174,592 rdbss.sys
08/29/2002 07:00 4,224 RDPCDD.SYS
08/03/2004 23:01 196,864 rdpdr.sys
06/10/2005 00:09 139,528 rdpwd.sys
04/07/2005 18:53 14,520 RecAgent.sys
08/03/2004 22:59 57,472 redbook.sys
08/03/2004 23:10 59,648 rfcomm.sys
08/29/2002 07:00 12,032 RIO8DRV.SYS
08/29/2002 07:00 12,032 RIODRV.SYS
05/08/2008 08:28 202,752 rmcast.sys
08/03/2004 23:04 30,080 rndismp.sys
08/03/2004 23:04 30,080 rndismpx.sys
08/29/2002 07:00 5,888 ROOTMDM.SYS
08/03/2004 22:29 166,912 s3gnbm.sys
06/15/2000 14:32 430,461 sbpci.sys
08/03/2004 22:59 96,256 scsiport.sys
08/03/2004 23:07 67,584 sdbus.sys
11/13/2007 06:25 20,480 secdrv.sys
08/03/2004 22:59 15,488 serenum.sys
08/03/2004 23:15 64,896 serial.sys
08/03/2004 22:59 11,136 sffdisk.sys
08/03/2004 22:59 10,240 sffp_sd.sys
08/03/2004 22:59 11,392 sfloppy.sys
08/04/2004 00:56 3,901 siint5.dll
08/03/2004 23:07 41,088 sisagp.sys
08/03/2004 23:10 11,136 slip.sys
08/03/2004 22:41 129,535 slnt7554.sys
04/07/2005 18:54 653,960 slntamr.sys
04/07/2005 18:54 100,176 slnthal.sys
04/07/2005 18:54 13,216 slwdmsup.sys
08/03/2004 23:07 6,016 smbali.sys
08/29/2002 07:00 14,592 SMCLIB.SYS
04/08/2003 10:30 3,744 smsens.sys
11/18/2003 11:38 591,808 smwdm.sys
08/03/2004 23:09 25,472 sonydcam.sys
08/17/2001 14:56 7,552 SONYPVU1.SYS
08/17/2001 16:07 19,072 SPARROW.SYS
06/14/2006 04:47 6,400 splitter.sys
08/03/2004 23:06 73,472 sr.sys
12/11/2008 07:57 333,184 srv.sys
07/14/2003 13:28 5,621 sscdbhk5.sys
07/14/2003 13:28 23,219 ssrtln.sys
12/18/2004 21:32 38,229 StMp3Rec.sys
08/03/2004 23:08 48,640 stream.sys
08/03/2004 23:10 15,360 streamip.sys
08/03/2004 22:58 4,352 swenum.sys
08/17/2001 16:00 54,272 swmidi.sys
08/17/2001 16:07 16,256 SYMC810.SYS
08/17/2001 16:07 32,640 SYMC8XX.SYS
08/17/2001 16:07 28,384 SYM_HI.SYS
08/17/2001 16:07 30,688 SYM_U3.SYS
08/03/2004 23:15 60,800 sysaudio.sys
08/03/2004 23:00 14,976 tape.sys
06/20/2008 06:45 360,320 tcpip.sys
06/20/2008 05:52 225,920 tcpip6.sys
08/03/2004 23:07 18,560 tdi.sys
08/04/2004 01:01 12,040 tdpipe.sys
08/04/2004 01:01 21,896 tdtcp.sys
08/04/2004 01:01 40,840 termdd.sys
08/29/2002 07:00 51,712 TOSDVD.SYS
08/17/2001 15:51 4,992 TOSIDE.SYS
08/29/2002 07:00 21,376 TSBVCAP.SYS
08/03/2004 23:03 12,416 tunmp.sys
08/03/2004 23:07 44,672 uagp35.sys
08/03/2004 23:00 66,176 udfs.sys
08/17/2001 15:52 36,736 ULTRA.SYS
04/23/2007 06:32 364,160 update.sys
08/03/2004 23:04 12,672 usb8023.sys
08/03/2004 23:04 12,672 usb8023x.sys
08/29/2002 07:00 23,808 USBCAMD.SYS
08/29/2002 07:00 23,936 USBCAMD2.SYS
08/04/2004 00:08 31,616 usbccgp.sys
08/29/2002 07:00 4,736 USBD.SYS
08/03/2004 23:08 26,624 usbehci.sys
08/03/2004 23:08 57,600 usbhub.sys
08/03/2004 23:08 16,000 usbintel.sys
08/03/2004 23:08 142,976 usbport.sys
08/03/2004 23:01 25,856 usbprint.sys
08/03/2004 22:58 15,104 usbscan.sys
08/04/2004 00:08 26,496 USBSTOR.SYS
08/03/2004 23:08 20,480 usbuhci.sys
08/03/2004 23:10 78,464 usbvideo.sys
08/17/2001 13:28 224,802 USR1807A.sys
08/17/2001 13:28 7,556 USRoslbA.sys
08/17/2001 13:28 113,762 USRpdA.sys
04/15/2003 12:40 20,533 vch.sys
08/04/2004 00:56 11,325 vchnt5.dll
08/29/2002 07:00 58,112 VDMINDVD.SYS
08/03/2004 23:07 20,992 vga.sys
08/03/2004 23:07 42,240 viaagp.sys
08/03/2004 22:59 5,376 viaide.sys
08/03/2004 23:07 79,744 videoprt.sys
08/03/2004 23:00 52,352 volsnap.sys
04/15/2003 12:39 33,335 wa301a.sys
04/15/2003 12:39 33,335 wa301b.sys
08/03/2004 23:04 13,568 wacompen.sys
08/03/2004 22:29 12,415 wadv01nt.sys
08/03/2004 22:29 12,127 wadv02nt.sys
08/03/2004 22:29 11,775 wadv05nt.sys
08/03/2004 22:29 11,807 wadv07nt.sys
08/03/2004 22:29 11,295 wadv08nt.sys
08/03/2004 22:29 11,871 wadv09nt.sys
08/03/2004 22:29 11,935 wadv11nt.sys
08/03/2004 23:04 34,560 wanarp.sys
08/03/2004 22:29 29,311 watv01nt.sys
08/03/2004 22:29 19,551 watv02nt.sys
08/03/2004 22:29 33,599 watv04nt.sys
08/03/2004 22:29 22,271 watv06nt.sys
08/03/2004 22:29 25,471 watv10nt.sys
08/03/2004 22:29 23,615 wch7xxnt.sys
06/14/2006 05:00 82,944 wdmaud.sys
11/01/2004 17:03 14,976 winddx.sys
08/29/2002 07:00 4,352 WMILIB.SYS
08/29/2002 07:00 12,032 WS2IFSL.SYS
08/03/2004 22:29 12,063 wsiintxx.sys
08/03/2004 23:10 19,328 wstcodec.sys
08/03/2004 22:29 19,455 wvchntxx.sys
374 File(s) 33,812,402 bytes

Directory of C:\Windows\System32\Drivers\Avg

10/20/2009 17:50 .
10/20/2009 17:50 ..
09/20/2009 08:30 6,061,540 avi7.avg
10/20/2009 17:49 43,363,456 incavi.avm
10/20/2009 17:49 40,749 microavi.avg
10/01/2009 09:54 492,629 miniavi.avg
4 File(s) 49,958,374 bytes

Directory of C:\Windows\System32\Drivers\DISDN

04/01/2004 12:35 .
04/01/2004 12:35 ..
0 File(s) 0 bytes

Directory of C:\Windows\System32\Drivers\ETC

10/20/2009 20:17 .
10/20/2009 20:17 ..
10/20/2009 20:17 27 hosts
08/29/2002 07:00 3,683 LMHOSTS.SAM
08/29/2002 07:00 407 NETWORKS
08/29/2002 07:00 799 PROTOCOL
08/29/2002 07:00 7,116 SERVICES
5 File(s) 12,032 bytes

Total Files Listed:
383 File(s) 83,782,808 bytes
11 Dir(s) 22,301,388,800 bytes free


***********************Hidden Drivers********************
Volume in drive C has no label.
Volume Serial Number is A82A-2A8F

Directory of C:\Windows\System32\Drivers



*********************Processes*******************


PROCESS PID PRIO PATH
smss.exe 528 Normal C:\WINDOWS\System32\smss.exe
csrss.exe 592 Normal C:\WINDOWS\system32\csrss.exe
winlogon.exe 616 High C:\WINDOWS\system32\winlogon.exe
services.exe 660 Normal C:\WINDOWS\system32\services.exe
lsass.exe 672 Normal C:\WINDOWS\system32\lsass.exe
svchost.exe 840 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 916 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1012 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 1084 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 1236 Normal C:\WINDOWS\system32\svchost.exe
LEXBCES.EXE 1444 Normal C:\WINDOWS\system32\LEXBCES.EXE
spoolsv.exe 1468 Normal C:\WINDOWS\system32\spoolsv.exe
LEXPPS.EXE 1512 Normal C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe 1656 Normal C:\WINDOWS\System32\svchost.exe
avgwdsvc.exe 1688 Normal C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
mclogsrv.exe 1748 Normal C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
mcupdmgr.exe 1816 Normal C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
mcnasvc.exe 1884 Normal c:\program files\common files\mcafee\mna\mcnasvc.exe
mcpromgr.exe 1928 Normal C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
mctskshd.exe 1948 Normal C:\PROGRA~1\McAfee\MSC\mctskshd.exe
mcusrmgr.exe 1992 Normal C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
mdm.exe 2036 Normal C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
svchost.exe 236 Normal C:\WINDOWS\System32\svchost.exe
avgemc.exe 556 Normal C:\PROGRA~1\AVG\AVG8\avgemc.exe
avgrsx.exe 736 Normal C:\PROGRA~1\AVG\AVG8\avgrsx.exe
avgnsx.exe 856 Normal C:\PROGRA~1\AVG\AVG8\avgnsx.exe
avgcsrvx.exe 1628 Normal C:\Program Files\AVG\AVG8\avgcsrvx.exe
alg.exe 2532 Normal C:\WINDOWS\System32\alg.exe
mcagent.exe 188 Normal C:\PROGRA~1\mcafee.com\agent\mcagent.exe
hkcmd.exe 2552 Normal C:\WINDOWS\system32\hkcmd.exe
tfswctrl.exe 2296 Normal C:\WINDOWS\system32\dla\tfswctrl.exe
PCMService.exe 2456 Normal C:\Program Files\Dell\Media Experience\PCMService.exe
realsched.exe 2320 Normal C:\Program Files\Common Files\Real\Update_OB\realsched.exe
OpwareSE2.exe 2660 Normal C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
USRmlnkA.exe 2692 Real Time C:\WINDOWS\SYSTEM32\USRmlnkA.exe
USRshutA.exe 2788 Normal C:\WINDOWS\SYSTEM32\USRshutA.exe
iTunesHelper.exe 2776 Normal C:\Program Files\iTunes\iTunesHelper.exe
lxcrmon.exe 2816 Normal C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
ezprint.exe 2860 Normal C:\Program Files\Lexmark 2400 Series\ezprint.exe
USRmlnkA.exe 2936 Normal C:\WINDOWS\SYSTEM32\USRmlnkA.exe
wuauclt.exe 3040 Normal C:\WINDOWS\system32\wuauclt.exe
avgtray.exe 3172 Normal C:\PROGRA~1\AVG\AVG8\avgtray.exe
hpgs2wnd.exe 3208 Normal C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
uTorrent.exe 3264 Normal C:\Program Files\uTorrent\uTorrent.exe
McLogCln.exe 3332 Normal C:\PROGRA~1\McAfee\MSC\McLogCln.exe
hpgs2wnf.exe 3348 Normal C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
lxcrcoms.exe 3384 High C:\WINDOWS\system32\lxcrcoms.exe
ctfmon.exe 3732 Normal C:\WINDOWS\system32\ctfmon.exe
iPodService.exe 1304 Normal C:\Program Files\iPod\bin\iPodService.exe
explorer.exe 3628 Normal C:\WINDOWS\explorer.exe
notepad.exe 3872 Normal C:\WINDOWS\notepad.exe
firefox.exe 2044 Normal C:\Program Files\Mozilla Firefox\firefox.exe
Photoshp.exe 1716 Normal C:\Program Files\Adobe\Photoshop 6.0\Photoshp.exe
AOM.exe 1308 Normal C:\Program Files\Common Files\Adobe\Web\AOM.exe
cmd.exe 1572 Normal C:\WINDOWS\system32\cmd.exe
processes.exe 2340 Normal C:\Documents and Settings\Ben Moffett\Desktop\SpiderKill\processes.exe


Module information for 'explorer.exe'(3628)
MODULE BASE SIZE PATH
explorer.exe 1000000 1044480 C:\WINDOWS\explorer.exe 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) Windows Explorer
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) NT Layer DLL
kernel32.dll 7c800000 1003520 C:\WINDOWS\system32\kernel32.dll 5.1.2600.3541 (xpsp_sp2_gdr.090321-1320) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 598016 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.3555 (xpsp_sp2_gdr.090415-1235) Remote Procedure Call Runtime
Secur32.dll 77fe0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) Security Support Provider Interface
BROWSEUI.dll 75f80000 1036288 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.2995 (xpsp.060913-0019) Shell Browser UI Library
GDI32.dll 77f10000 294912 C:\WINDOWS\system32\GDI32.dll 5.1.2600.3466 (xpsp_sp2_gdr.081022-1254) GDI Client DLL
USER32.dll 7e410000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) Windows XP USER API Client DLL
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) Microsoft OLE for Windows
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.2995 (xpsp.060913-0019) Shell Light-weight Utility Library
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.3266 5.1.2600.3266
SHDOCVW.dll 77760000 1507328 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.2987 (xpsp.060901-0211) Shell Doc Object and Control Library
CRYPT32.dll 77a80000 606208 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.3624 (xpsp_sp2_gdr.090904-1413) ASN.1 Runtime APIs
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust UI Provider



******************************************
EOF

Re: Security Tool has been plaguing Me!

This is what I got for CKScanner:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\ben moffett\my documents\downloads\winrar 3.90 final x86-x64 preregged\keygen.exe
scanner sequence 3.AP.11
----- EOF -----

And here's the SecurityCheck:

Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 2
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
AVG Free 8.5
McAfee SecurityCenter
``````````````````````````````
Anti-malware/Other Utilities Check:

Spybot - Search & Destroy 1.2
HijackThis 2.0.2
Java 2 Runtime Environment, SE v1.4.2
Adobe Flash Player 10
Adobe Reader 6.0.1
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
AVG avgemc.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

Re: Security Tool has been plaguing Me!

Please upgrade to Windows XP SP3, because it includes all previously released updates. It also includes a small number of new functionalities. Some of the updates that Service Pack 3 provides, you may not have. It is now available via Windows Update.

==

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Re: Security Tool has been plaguing Me!

After the first set of instructions, I've yet to see a recurrence of the dreaded Security Tool. Nevertheless, I've made sure to complete every step exactly as you've stated. I've updated my Windows Service Pack and Adobe Acrobat Reader. I've run the full scan through MalwareBytes and this is the log file:

Malwarebytes' Anti-Malware 1.41
Database version: 3005
Windows 5.1.2600 Service Pack 3

10/21/2009 3:47:22 PM
mbam-log-2009-10-21 (15-47-11).txt

Scan type: Full Scan (C:\|)
Objects scanned: 222986
Time elapsed: 1 hour(s), 58 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\74888742\74888742.exe.vir (Rogue.SecurityTool) -> No action taken.

I don't want to jinx it, but I think this may be the end of my problems with this infection. THANK YOU SO MUCH! Is there anything else I need to do to complete this process?
R

Re: Security Tool has been plaguing Me!

To uninstall ComboFix

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /u

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.


==

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button; click this
  • Accept the Warning and select OK again, the program will close and you are done


==

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Firewall

  • Tallemu Online Armor: the free version is just as good as the premium. I have linked you to the free version.
  • Comodo Firewall: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40%. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • PC Tools Firewall Plus: free and excellent firewall.


AntiSpyware

  • SpywareBlaster
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  • Spybot - Search & Destroy.
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer, to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Securing your computer

  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


Thank you for choosing GeekPolice. Please see this page if you would like to leave feedback or contribute to our site. Do you have any more questions?
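
The 127.0.0.1 redirection described in the hpHosts bullet above can be checked on any HOSTS file; the following is an added example, not part of the original post and not hpHosts' own code. The sample file contents and the function names are constructed for illustration, and treating 0.0.0.0 as a sinkhole address goes beyond what the post states.

```python
import ipaddress

# Constructed sample HOSTS content (not taken from the thread).
SAMPLE_HOSTS = """\
# blocklist-style entries
127.0.0.1       localhost
127.0.0.1       ads.example.test   # sinkholed ad server
127.0.0.1       tracker.example.test bad.example.test
0.0.0.0         popups.example.test
# an entry a blocklist would never add
203.0.113.7     update.vendor.example
not-an-ip       broken.example.test
"""


def parse_hosts(text):
    """Yield (line_no, address_text, [hostnames]) for each mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue  # blank line, comment, or address with no hostname
        yield line_no, fields[0], [h.lower() for h in fields[1:]]


def audit_hosts(text):
    """Classify every hostname in a HOSTS file.

    sinkholed  - mapped to a loopback/unspecified address (blocklist behaviour)
    redirected - mapped to any other address; worth reviewing, since a
                 blocklist only ever points names back at the local machine
    invalid    - the address field does not parse as an IP address
    """
    report = {"sinkholed": [], "redirected": [], "invalid": []}
    for line_no, addr_text, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            report["invalid"].append((line_no, addr_text, names))
            continue
        local = addr.is_loopback or addr.is_unspecified
        for name in names:
            if local and name != "localhost":
                report["sinkholed"].append(name)
            elif not local:
                report["redirected"].append((line_no, name, str(addr)))
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    print("Blocked (sinkholed) names:", ", ".join(result["sinkholed"]))
    for line_no, name, addr in result["redirected"]:
        print(f"REVIEW line {line_no}: {name} -> {addr}")
    for line_no, addr_text, names in result["invalid"]:
        print(f"INVALID line {line_no}: {addr_text!r} for {names}")
```

On Windows XP the file to audit is normally C:\WINDOWS\system32\drivers\etc\hosts; pass its contents to `audit_hosts` in place of the sample.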

Re: Security Tool has been plaguing Me!

Thanks a million, man. It's nice to have my comp back. And feel up-to-date, to boot. This has been a great experience. LISTEN TO THIS MAN, PEOPLE!

Re: Security Tool has been plaguing Me!

You are welcome.

Thanks for kind comments.
