Here is my ComboFix Log
ComboFix 07-09-21.2 - "FareedD" 2007-09-27 15:10:06.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.97 [GMT -7:00]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\check_LSA7.txt
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\salesmonitor
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\winantispyware 2007\Data\ProductCode
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiSpyware 2007\Data\Abbr
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinAntiSpyware 2007\Data\ProductCode
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fse
C:\Temp\fse\tmpZTF.log
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\A1
C:\WINDOWS\system32\f02WtR
C:\WINDOWS\system32\pqtss.ini
C:\WINDOWS\system32\pqtss.ini2
C:\WINDOWS\system32\pqtss.tmp
C:\WINDOWS\system32\sstqp.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_CMDSERVICE
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_FOPN
-------\LEGACY_NETWORK_MONITOR
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-08-27 to 2007-09-27 )))))))))))))))))))))))))))))))
.
2007-09-27 13:59 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-27 08:53 <DIR> d-------- C:\Program Files\Avira
2007-09-27 00:01 106 --a------ C:\delete.bat
2007-09-26 23:48 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-09-26 20:12 <DIR> d-------- C:\WINDOWS\system32\vMW10a
2007-09-26 20:12 <DIR> d-------- C:\Temp\xOe
2007-09-25 16:35 <DIR> d-------- C:\DOCUME~1\FareedD\APPLIC~1\TrojanHunter
2007-09-25 16:03 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2007-09-18 22:10 <DIR> d-------- C:\Program Files\Lavasoft
2007-09-18 22:10 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-09-18 16:30 <DIR> d-------- C:\Program Files\a-squared Anti-Malware
2007-09-17 21:56 4,460 --a------ C:\WINDOWS\system32\tmp.reg
2007-09-17 21:47 <DIR> d-------- C:\!KillBox
2007-09-16 19:44 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Xfire
2007-09-16 19:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
2007-09-16 18:17 <DIR> d-------- C:\VundoFix Backups
2007-09-16 16:14 <DIR> d--hs---- C:\WINDOWS\RmFyZWVkRA
2007-09-16 16:14 <DIR> d-------- C:\WINDOWS\system32\GRB3
2007-09-16 16:14 <DIR> d-------- C:\WINDOWS\system32\DLL2
2007-09-16 16:14 <DIR> d-------- C:\WINDOWS\system32\chks2
2007-09-16 16:14 <DIR> d-------- C:\Temp
2007-09-04 21:53 21,393 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2007-09-04 21:53 21,393 --a------ C:\WINDOWS\AegisP.sys
2007-09-04 21:52 684,032 --a------ C:\WINDOWS\system32\NETw4c32.dll
2007-09-04 21:52 2,772,992 --a------ C:\WINDOWS\system32\NETw4r32.dll
2007-09-04 21:51 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Intel
2007-09-04 21:51 <DIR> d-------- C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
2007-09-04 21:51 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Intel
2007-09-04 21:50 <DIR> d-------- C:\DOCUME~1\FareedD\APPLIC~1\Intel
2007-09-04 21:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
2007-08-29 20:54 <DIR> d-------- C:\DOCUME~1\NETWOR~1\APPLIC~1\Xfire
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-26 22:49 --------- d-------- C:\DOCUME~1\FareedD\APPLIC~1\Azureus
2007-09-26 22:01 --------- d-------- C:\DOCUME~1\FareedD\APPLIC~1\Xfire
2007-09-25 17:48 --------- d---s---- C:\Program Files\Xfire
2007-09-18 22:09 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-18 17:48 --------- d-------- C:\Program Files\PPStream
2007-09-17 22:11 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-09-17 10:09 --------- d-------- C:\Program Files\Ad-Aware SE Personal
2007-09-16 19:33 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-09-12 12:42 --------- d-------- C:\DOCUME~1\FareedD\APPLIC~1\ppStream
2007-09-12 12:41 --------- d-------- C:\Program Files\MSN Messenger
2007-08-18 09:43 --------- d-------- C:\Program Files\MSXML 6.0
2007-08-18 09:00 --------- d-------- C:\Program Files\Common Files\Real
2007-08-18 09:00 --------- d-------- C:\DOCUME~1\FareedD\APPLIC~1\Real
2007-08-08 08:17 2211456 --a------ C:\WINDOWS\system32\drivers\NETw4x32.sys
2007-08-07 13:58 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-08-07 13:56 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys
2005-07-29 23:24:26 472 --sha-r C:\WINDOWS\RmFyZWVkRA\lAIVtqp4lE.vbs
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36379D3A-0631-4AE6-B845-9949A210C753}]
C:\Program Files\MSN Gaming Zone\quso4444.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6E03043B-7D49-4614-BA32-F6F3BA7375B8}]
C:\Program Files\MSN Gaming Zone\quso83122.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{707D3294-ED60-490E-6A97-8FFDE3BBC0C2}]
C:\Program Files\MSN\tefapi.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{851194DE-05DB-4C0D-919A-D2F7921684A6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8B27CC68-110C-46a9-80D3-F3107DE6EB98}]
C:\Program Files\ISM\BndDrive4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-13 00:44]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-13 00:41]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-13 00:45]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 09:48]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 14:30 C:\WINDOWS\stsystra.exe]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 18:15]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2006-05-03 03:12]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-04-06 12:58]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 08:44]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 08:44]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 03:20]
"ECenter"="c:\dell\E-Center\gtb.exe" [2006-06-14 06:17]
"MSKDetectorExe"="C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" [2005-07-12 17:05]
"DLCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll" [2005-09-08 11:55]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2007-03-16 18:10]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-25 16:32]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-25 16:30]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:00]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 13:39]
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-09-02 22:56:13]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06]
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 09:11:42]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-07-17 09:20:24]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2002-03-27 15:40:15]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{F884BE4E-64D5-43FE-80A4-DB8D63C748F0}"= C:\WINDOWS\system32\tuvsrqp.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvsrqp]
tuvsrqp.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"a-squared"="C:\Program Files\a-squared Anti-Malware\a2guard.exe"
S3 hamachi_oem;PlayLinc Adapter;C:\WINDOWS\system32\DRIVERS\gan_adapter.sys
.
Contents of the 'Scheduled Tasks' folder
"2007-03-02 14:35:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-09-27 15:17:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-09-27 15:18:59 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-27 15:18
.
--- E O F ---
Here is my hijackthis log
Logfile of HijackThis v1.99.1
Scan saved at 3:22:53 PM, on 9/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\scanner.exe.exe
c:\dell\E-center\gtb.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL =
http://www.google.com/ig/dell?hl=en&cli ... channel=us
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {36379D3A-0631-4AE6-B845-9949A210C753} - C:\Program Files\MSN Gaming Zone\quso4444.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {6E03043B-7D49-4614-BA32-F6F3BA7375B8} - C:\Program Files\MSN Gaming Zone\quso83122.dll (file missing)
O2 - BHO: 0 - {707D3294-ED60-490E-6A97-8FFDE3BBC0C2} - C:\Program Files\MSN\tefapi.dll (file missing)
O2 - BHO: (no name) - {851194DE-05DB-4C0D-919A-D2F7921684A6} - (no file)
O2 - BHO: BndDrive2 BHO Class - {8B27CC68-110C-46a9-80D3-F3107DE6EB98} - C:\Program Files\ISM\BndDrive4.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ECenter] "c:\dell\E-Center\gtb.exe"
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [DLCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/ ... 2.2.89.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: tuvsrqp - tuvsrqp.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: dlcf_device - - C:\WINDOWS\system32\dlcfcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
I used antivir to do a scan, then ran the combofix, then hijackthis. My firewall is NOW on, it