Wow, that seems to have cleared up a lot of the issues I was having. The "Windows Warning" has disappeared and I am not getting any pop ups. I have also had problems with my CD Burner in the past. It will play CDs and read information, just won't recognize the burner for some reason. Any chance that it is software related or is it just a hardware glitch? Thanks again for all the help.
Here are the two files you asked for.
ComboFix 08-05-12.1 - Daren 2008-05-14 18:34:59.1 - NTFSx86
Running from: C:\Documents and Settings\Daren\My Documents\virus protection\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Daren\Application Data\APPATC~1
C:\Documents and Settings\Daren\Application Data\Dxcknwrd.dll
C:\Documents and Settings\Daren\Application Data\Dxcuknwrd.dll
C:\Documents and Settings\Daren\Application Data\macromedia\Flash Player\#SharedObjects\X72NZZHJ\www.broadcaster.com
C:\Documents and Settings\Daren\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Daren\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\Documents and Settings\Daren\Application Data\SSTEM3~1
C:\Documents and Settings\Daren\Local Settings\Temporary Internet Files\Dxc.log
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Dxc.log
C:\Program Files\Common Files\{34DAE~1
C:\Program Files\Common Files\{34DAE~1\Bar888.dll
C:\Program Files\Common Files\{34DAE~1\UnInstall.exe
C:\Program Files\Common Files\{54DAE~1
C:\Program Files\Common Files\sks~1
C:\Program Files\Common Files\Yazzle1162OinUninstaller.exe
C:\Program Files\deskalerts
C:\Program Files\deskalerts\basis.xml
C:\Program Files\deskalerts\cancel_button.gif
C:\Program Files\deskalerts\deskbar.crc
C:\Program Files\deskalerts\deskbar.inf
C:\Program Files\deskalerts\history.html
C:\Program Files\deskalerts\hs_delete.bmp
C:\Program Files\deskalerts\hs_search.bmp
C:\Program Files\deskalerts\icons.bmp
C:\Program Files\deskalerts\mbclose.bmp
C:\Program Files\deskalerts\mblogo.bmp
C:\Program Files\deskalerts\notify.wav
C:\Program Files\deskalerts\options.html
C:\Program Files\deskalerts\save_button.gif
C:\Program Files\deskalerts\title_back.gif
C:\Program Files\deskalerts\version.txt
C:\Program Files\inetget2
C:\Program Files\inetget2\emg.exe
C:\Program Files\Insider
C:\Program Files\Insider\Insider.exe
C:\Program Files\Insider\UnInstall.exe
C:\Program Files\ISM2
C:\Program Files\ISM2\dictionary.gz
C:\Program Files\ISM2\targets.gz
C:\Program Files\Router
C:\Program Files\Temporary
C:\Program Files\WinAble
C:\WINDOWS\awuvwu.dll
C:\WINDOWS\cookies.ini
C:\WINDOWS\ddddde.dll
C:\WINDOWS\fcyyxx.dll
C:\WINDOWS\icroso~1
C:\WINDOWS\khecbc.dll
C:\WINDOWS\loopoq.ini
C:\WINDOWS\mwinsys.ini
C:\WINDOWS\nprrru.ini
C:\WINDOWS\onmpqr.ini
C:\WINDOWS\opqrsr.dll
C:\WINDOWS\qopool.dll
C:\WINDOWS\RGFyZW4gSG9sbGV5\
C:\WINDOWS\rqpmno.dll
C:\WINDOWS\rsrqpo.ini
C:\WINDOWS\system32\bund1
C:\WINDOWS\system32\bund1\ClientBundle1.exe
C:\WINDOWS\system32\bund1\temp.txt
C:\WINDOWS\system32\cookie.dat
C:\WINDOWS\system32\crosof~1.net
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys
C:\WINDOWS\system32\drivers\fad.sys
C:\WINDOWS\system32\fnts~1
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mcroso~1
C:\WINDOWS\system32\mcroso~1\M?crosoft\
C:\WINDOWS\system32\msdtc_32.exe
C:\WINDOWS\system32\mywebhit.ini
C:\WINDOWS\system32\mywebhit.ini.tmp
C:\WINDOWS\system32\ps.dat
C:\WINDOWS\system32\scrsys070424.scr
C:\WINDOWS\system32\service.exe
C:\WINDOWS\system32\svchosts.lzma
C:\WINDOWS\system32\tmp11.tmp.dll
C:\WINDOWS\system32\tmp120.tmp.dll
C:\WINDOWS\system32\tmp237.tmp.dll
C:\WINDOWS\system32\tmp2EE.tmp.dll
C:\WINDOWS\system32\tmp30E.tmp.dll
C:\WINDOWS\system32\tmp4DE.tmp.dll
C:\WINDOWS\system32\tmp5C8.tmp.dll
C:\WINDOWS\system32\tmp729.tmp.dll
C:\WINDOWS\system32\tmp7AB.tmp.dll
C:\WINDOWS\system32\tmp8DA.tmp.dll
C:\WINDOWS\system32\tmpA0.tmp.dll
C:\WINDOWS\system32\tsuninst.exe
C:\WINDOWS\system32\unsvchosts.lzma
C:\WINDOWS\system32\winnb58.dll
C:\WINDOWS\tuvvvt.dll
C:\WINDOWS\uninst2.htm
C:\WINDOWS\unist1.htm
C:\WINDOWS\urrrpn.dll
C:\WINDOWS\uwvuwa.ini
C:\WINDOWS\wwwxay.ini
C:\WINDOWS\xxyycf.ini
C:\WINDOWS\yaxwww.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CLIENT_IP-IPX
-------\Legacy_CMDSERVICE
-------\Legacy_CORE
-------\Legacy_DOMAINSERVICE
-------\Legacy_NETWORK_MONITOR
-------\Service_cmdService
-------\Service_core
-------\Service_DomainService
((((((((((((((((((((((((( Files Created from 2008-04-14 to 2008-05-14 )))))))))))))))))))))))))))))))
.
2008-05-10 23:49 . 2008-05-10 23:49 0 --ahs---- C:\Documents and Settings\Daren\Application Data\0000000000CHEV1.dat
2008-04-28 13:37 . 2008-04-28 13:34 13,824 --a------ C:\Documents and Settings\Daren\Application Data\ueclb.exe
2008-04-22 22:17 . 2008-04-23 13:55 <DIR> d-------- C:\Documents and Settings\Daren\Application Data\Canon
2008-04-22 22:05 . 2008-04-22 22:05 <DIR> d--h----- C:\CanoScan
2008-04-22 22:05 . 2002-05-24 03:04 389,180 --a------ C:\WINDOWS\SYSTEM32\UCS32P.DLL
2008-04-22 22:05 . 2003-09-17 17:35 339,968 --a------ C:\WINDOWS\SYSTEM32\N067UFW.DLL
2008-04-22 22:05 . 2002-09-12 01:07 36,864 --a------ C:\WINDOWS\SYSTEM32\CNQU70.DLL
2008-04-15 23:58 . 2008-04-15 23:58 17,131 --a------ C:\borzoi_medium.zip
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-14 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-05-12 02:15 --------- d-----w C:\Program Files\Azureus
2008-05-02 12:14 --------- d-----w C:\Documents and Settings\Daren\Application Data\Azureus
2008-04-14 14:43 --------- d-----w C:\Program Files\ACAD2000
2008-03-29 14:52 --------- d-----w C:\Documents and Settings\Daren\Application Data\AdobeUM
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\SYSTEM32\msjint40.dll
2008-03-26 16:52 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Yahoo!
2008-03-26 14:04 --------- d-----w C:\Documents and Settings\Daren\Application Data\AVG7
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\SYSTEM32\wininet.dll
2008-02-22 23:49 1,731 ----a-w C:\WINDOWS\SYSTEM32\golyy5dd1.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\SYSTEM32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\SYSTEM32\dnsrslvr.dll
2007-06-19 18:49 103,376 ----a-w C:\Program Files\unrar.exe
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 1,404,928 2004-10-14 21:42:54 C:\Program Files\Analog Devices\Core\bak\smax4pnp.exe
----a-w 1,404,928 2004-10-14 21:42:54 C:\Program Files\Analog Devices\Core\smax4pnp.exe
----a-w 45,056 2004-03-11 01:57:06 C:\Program Files\BELKIN USB Wireless Monitor\bak\InfoMyCa.exe
----a-w 110,592 2004-01-07 07:01:00 C:\Program Files\Common Files\Sonic\Update Manager\bak\sgtray.exe
----a-w 110,592 2004-01-07 07:01:00 C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
----a-w 101,888 2005-05-19 18:55:58 C:\Program Files\ESPNRunTime\bak\DIGServices.exe
----a-w 101,888 2005-05-19 18:55:58 C:\Program Files\ESPNRunTime\DIGServices.exe
----a-w 257,088 2007-03-02 21:24:28 C:\Program Files\iTunes\bak\iTunesHelper.exe
----a-w 267,048 2007-12-11 18:10:26 C:\Program Files\iTunes\iTunesHelper.exe
----a-w 75,520 2006-12-15 09:23:27 C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe
----a-w 75,520 2006-12-15 09:23:27 C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
----a-w 1,083,392 2004-08-03 23:18:16 C:\Program Files\McAfee\SpamKiller\bak\MSKDetct.exe
----a-w 1,083,392 2004-08-03 23:18:16 C:\Program Files\McAfee\SpamKiller\MSKDetct.exe
----a-w 1,694,208 2004-10-13 16:24:37 C:\Program Files\Messenger\bak\msmsgs.exe
----a-w 1,694,208 2004-10-13 16:24:37 C:\Program Files\Messenger\msmsgs.exe
----a-w 282,624 2007-02-16 16:54:04 C:\Program Files\QuickTime\bak\qttask.exe
----a-w 282,624 2007-02-16 16:54:04 C:\Program Files\QuickTime\qttask.exe
----a-w 26,112 2005-02-09 04:59:23 C:\Program Files\Real\RealPlayer\bak\RealPlay.exe
----a-w 118,784 2004-08-20 21:51:14 C:\WINDOWS\SYSTEM32\bak\hkcmd.exe
----a-w 118,784 2004-08-20 21:51:14 C:\WINDOWS\SYSTEM32\hkcmd.exe
----a-w 155,648 2004-08-20 21:55:14 C:\WINDOWS\SYSTEM32\bak\igfxtray.exe
----a-w 155,648 2004-08-20 21:55:14 C:\WINDOWS\SYSTEM32\igfxtray.exe
----a-w 122,939 2004-08-13 07:05:00 C:\WINDOWS\SYSTEM32\dla\bak\tfswctrl.exe
----a-w 122,939 2004-08-13 07:05:00 C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0a720914-a097-48c6-8fd4-0f233464d15e}]
C:\WINDOWS\system32\ksphts.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{160DD5FB-D94E-44BC-3D92-8AE3190ED903}]
C:\Program Files\Movie Maker\qufaqydit.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{172917B8-D7BA-4242-9137-B51569C9D9C3}]
C:\Program Files\MSN\mesowic24418.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}]
C:\Program Files\ISM\BndDrive7.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-12 08:56 15360]
"Lqsc"="C:\Documents and Settings\Daren\Application Data\A?pPatch\m?hta.exe" [ ]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 18:43 4670704]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 16:42 1404928]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-08-20 16:55 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-08-20 16:51 118784]
"mebem"="C:\Program Files\ComPlus Applications\mebem77798.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-16 11:54 282624]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-23 20:12 579584]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25 6731312]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 06:00 158208]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24 620152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-24 16:26 219136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\WINDOWS\system32\Macromed\Flash\GetFlash.exe" [ ]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-04-14 10:07:12 295606]
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"{54DAEEE3-0958-1033-1202-030512200001}"= "C:\Program Files\Common Files\{54DAEEE3-0958-1033-1202-030512200001}\Update.exe" mc-110-12-0000272
"mscheck"= rundll32.exe "C:\WINDOWS\system32\winchech070818.dll" mymain
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer\run]
"{54DAEEE3-0958-1033-1202-030512200001}"= "C:\Program Files\Common Files\{54DAEEE3-0958-1033-1202-030512200001}\Update.exe" mc-110-12-0000501
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\Movie Maker\rtenefsuwuys.html
FriendlyName=
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ksphts]
ksphts.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\54daee4c]
C:\WINDOWS\yaabya.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdaptecDirectCD]
--a------ 2008-01-24 15:03 655360 C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-02-28 23:06 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreateCD50]
--a------ 2008-01-29 14:05 110592 C:\PROGRA~1\COMMON~1\ADAPTE~1\CreateCD\CREATE~1.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 17:29 165784 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGServices]
--a------ 2005-05-19 13:55 101888 C:\Program Files\ESPNRunTime\DIGServices.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGStream]
C:\Program Files\DIGStream\digstream.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Insider]
C:\Program Files\Insider\Insider.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-12-11 13:10 267048 C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
--a------ 2004-08-03 18:18 1083392 C:\Program Files\McAfee\SpamKiller\MSKDetct.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 11:24 1694208 C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QdrModule9]
C:\Program Files\QdrModule\QdrModule9.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-12-15 04:23 75520 C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinPop]
C:\Program Files\WinPop\winpop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 18:43 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1175:TCP"= 1175:TCP:@xpsp2res.dll,-22005
"13298:TCP"= 13298:TCP:@xpsp2res.dll,-22005
"6225:TCP"= 6225:TCP:@xpsp2res.dll,-22005
"54372:TCP"= 54372:TCP:@xpsp2res.dll,-22005
S1 cdudf;cdudf;C:\WINDOWS\system32\drivers\cdudf.sys [2001-01-11 06:00]
S2 Nen_Windows;Nen_Windows;C:\WINDOWS\vernew.exe []
S3 MTK;Media Technology Kernel Driver;C:\WINDOWS\system32\Drivers\mtk.sys []
.
Contents of the 'Scheduled Tasks' folder
"2008-05-14 13:45:36 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-09 23:30:00 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DARENERIN-Welcome).job"
- c:\program files\mcafee.com\vso\mcmnhdlr.exe
"2008-05-15 00:04:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-05-14 18:53:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2008-05-14 19:06:34 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-15 00:06:15
Pre-Run: 4,158,685,184 bytes free
Post-Run: 4,602,527,744 bytes free
307 --- E O F --- 2008-05-14 08:02:50
=====================
Logfile of HijackThis v1.99.1
Scan saved at 9:28:22 PM, on 5/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\ESPNRunTime\DIGServices.exe
C:\Documents and Settings\Daren\My Documents\virus protection\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0a720914-a097-48c6-8fd4-0f233464d15e} - C:\WINDOWS\system32\ksphts.dll (file missing)
O2 - BHO: 0 - {160DD5FB-D94E-44BC-3D92-8AE3190ED903} - C:\Program Files\Movie Maker\qufaqydit.dll (file missing)
O2 - BHO: (no name) - {172917B8-D7BA-4242-9137-B51569C9D9C3} - C:\Program Files\MSN\mesowic24418.dll (file missing)
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: BndShell3 BHO Class - {8ABA9A9C-8791-4d61-8D5B-BCC9448EA573} - C:\Program Files\ISM\BndDrive7.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &ESPN - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [mebem] C:\Program Files\ComPlus Applications\mebem77798.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Lqsc] "C:\Documents and Settings\Daren\Application Data\A?pPatch\m?hta.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1168893765694
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: ksphts - ksphts.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nen_Windows - Unknown owner - C:\WINDOWS\vernew.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe