Trogan - actually, ComboFix did NOT generate "combofix.txt" when I first ran it, only the quarantine file. Perhaps those messages I saw about the program "already in use" mean it was trying to generate such a file but I interfered with it?
>>>>>>>In any case, I ran it again and here's the report:
"bhackney" - 07-04-24 5:33:25 Service Pack 2
ComboFix 07-04-22.6V - Running from: "C:\Documents and Settings\bhackney.SRH4\Desktop\Downloads\"
((((((((((((((((((((((((((((((( Files Created from 2007-03-24 to 2007-04-24 ))))))))))))))))))))))))))))))))))
2007-04-23 08:32 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
2007-04-23 06:26 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-04-22 14:11 <DIR> d-------- C:\Program Files\BillP Studios
2007-04-20 12:27 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-19 11:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-19 10:13 <DIR> d-------- C:\Program Files\Lavasoft
2007-04-19 10:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-16 21:51 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-04-16 21:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-04-16 17:34 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-04-16 16:37 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-03-31 09:09 4,456,448 --a------ C:\DOCUME~1\BHACKN~2.SRH\ntuser.dat
2007-03-30 16:48 <DIR> d-------- C:\DOCUME~1\BHACKN~2.SRH\APPLIC~1\MailFrontier
2007-03-29 17:25 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-03-29 17:25 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-03-29 17:25 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-03-28 10:43 <DIR> d-------- C:\EAW SAV
2007-03-26 08:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\YNAB
2007-03-26 08:04 <DIR> d-------- C:\YNAB Pro
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-04-23 06:22 -------- d-------- C:\DOCUME~1\BHACKN~2.SRH\APPLIC~1\winpatrol
2007-04-20 14:08 -------- d-------- C:\Program Files\navnt
2007-04-20 13:57 -------- d-------- C:\Program Files\google
2007-03-29 17:28 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-03-23 07:52 -------- d-------- C:\Program Files\moneytools
2007-03-17 06:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-08 11:27 -------- d-------- C:\DOCUME~1\BHACKN~2.SRH\APPLIC~1\real
2007-03-08 08:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 08:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 08:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 06:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-05 07:07 -------- d-------- C:\DOCUME~1\BHACKN~2.SRH\APPLIC~1\viewpoint
2007-02-05 13:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
{7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} C:\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar2.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"vptray"="C:\\Program Files\\NavNT\\vptray.exe"
"Synchronization Manager"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,\
"WinPatrol"="C:\\Program Files\\BillP Studios\\WinPatrol\\winpatrol.exe"
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\s-1-5-21-2512832447-3499852398-3877017340-1172\scripts\logon\0\0
script REG_SZ \\srhfinancial.corp\SysVol\srhfinancial.corp\scripts\srh_logon.bat
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\s-1-5-21-2512832447-3499852398-3877017340-1186\scripts\logon\0\0
script REG_SZ \\srhfinancial.corp\SysVol\srhfinancial.corp\scripts\bc_logon.bat
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\s-1-5-21-2512832447-3499852398-3877017340-1207\scripts\logon\0\0
script REG_SZ \\srhfinancial.corp\SysVol\srhfinancial.corp\scripts\bc_logon.bat
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\s-1-5-21-2512832447-3499852398-3877017340-1212\scripts\logon\0\0
script REG_SZ \\srhfinancial.corp\SysVol\srhfinancial.corp\scripts\bc_logon.bat
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\s-1-5-21-2512832447-3499852398-3877017340-1214\scripts\logon\0\0
script REG_SZ \\srhfinancial.corp\SysVol\srhfinancial.corp\scripts\bc_logon.bat
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D]
Shell\AutoRun\command D:\Capinst.exe
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-04-24 05:41:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-04-24 5:44:06
C:\ComboFix-quarantined-files.txt ... 07-04-24 05:44
==============================
>>>>>>>>Here is the uninstall.list from HiJack:
Ad-Aware SE Personal
Adobe Flash Player 9 ActiveX
Adobe Reader 8
AOL Deskbar
AOL Toolbar
AOL You've Got Pictures Screensaver
Apple Software Update
AVG 7.5
AVG Anti-Rootkit Free
AVG Anti-Spyware 7.5
Billionaire II v.1.07
Business Plan Pro 4.0
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window DSLR 5 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities PhotoStitch 3.1
Canon ZoomBrowser EX (E)
Capitalism II
del.icio.us Buttons for Internet Explorer
European Air War
Galactic Civilizations II Demo
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
Hearts of Iron 2
Hearts of Iron II Research Assistant
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
IL-2 Sturmovik: Forgotten Battles
Industryplayer 4.0
IngenMoney Pro 3.0
Intel(R) PRO Ethernet Adapter and Software
InterBase
iPod for Windows 2005-03-23
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 8
Lemonade Tycoon
Medieval - Total War (TM) - Viking Invasion (TM)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Windows Journal Viewer
Money Tools
MSN Music Assistant
Norton AntiVirus Corporate Edition
Panda ActiveScan
QuickBooks Premier Edition 2004
QuickTime
Railroad Tycoon II - Platinum
Railroad Tycoon II - The Next Millenium
RealPlayer
Risk II
Rome - Total War
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Sid Meier's Pirates!
SoundMAX
Spybot - Search & Destroy 1.4
Starfleet Command II - Demo
Tropico
ubi.com
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB929338)
Update for Windows XP (KB931836)
Viewpoint Media Player
WebEx
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinPatrol
WinPatrol
WinPatrol
WinZip
Yahoo! Toolbar
YNAB Pro version 1.2.6.0
ZoneAlarm