I was able to download and run ComboFix while the computer was in safe mode. Once I completed it, the computer automatically switched to regular mode. Here is the ComboFix log, followed by the HijackThis list of programs installed:
COMBOFIX LOG
ComboFix 09-05-06.02 - Dell 05/06/2009 22:30.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2559.2172 [GMT -4:00]
Running from: c:\documents and settings\Dell\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated)
AV: Sunbelt VIPRE *On-access scanning enabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Administrator\Application Data\Sskuknwrd.dll
c:\documents and settings\Administrator\Local Settings\Temporary Internet Files\Ssk.log
c:\documents and settings\Dell\Application Data\inst.exe
c:\documents and settings\Dell\Application Data\Install.dat
c:\documents and settings\Dell\Application Data\Sskdmns.dll
c:\windows\IE4 Error Log.txt
c:\windows\patch.exe
c:\windows\system32\ad.html
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WINDOWS_MANAGEMENT_SERVICE
((((((((((((((((((((((((( Files Created from 2009-04-07 to 2009-05-07 )))))))))))))))))))))))))))))))
.
2009-05-06 22:53 . 2009-05-06 22:55 -------- d-sh--w c:\documents and settings\Dell\Application Data\lowsec
2009-04-27 07:00 . 2009-04-27 07:00 -------- d-----w c:\program files\MSXML 4.0
2009-04-26 02:33 . 2009-04-26 02:33 -------- d-----w c:\program files\Trend Micro
2009-04-26 01:13 . 2009-03-05 03:30 69936 ----a-w c:\windows\system32\drivers\sbapifs.sys
2009-04-26 01:12 . 2008-09-12 13:38 13360 ----a-w c:\windows\system32\drivers\sbaphd.sys
2009-04-25 16:57 . 2009-04-25 16:57 -------- d-----w c:\documents and settings\All Users\Application Data\Sunbelt
2009-04-25 16:56 . 2009-04-25 16:56 -------- d-----w c:\documents and settings\Dell\Application Data\Sunbelt
2009-04-25 16:54 . 2008-10-09 14:21 202928 ----a-w c:\windows\system32\drivers\sbtis.sys
2009-04-25 16:53 . 2009-04-25 16:53 -------- d-----w c:\program files\Sunbelt Software
2009-04-25 03:18 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-25 03:18 . 2009-04-06 19:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-25 03:18 . 2009-04-25 03:18 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-19 00:10 . 2009-04-19 00:10 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-04-19 00:10 . 2009-04-19 00:10 -------- d-----w c:\windows\system32\IOSUBSYS
2009-04-16 04:13 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 04:13 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 04:13 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 04:13 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 04:13 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 04:13 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 04:13 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 04:13 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 04:13 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 04:02 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-16 04:02 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-22 16:56 . 2007-06-22 02:43 -------- d-----w c:\program files\Java
2009-04-19 00:10 . 2008-06-19 03:54 -------- d-----w c:\program files\Google
2009-04-11 09:11 . 2007-06-10 23:24 -------- d-----w c:\program files\AOL 9.0
2009-03-29 05:28 . 2009-03-13 22:42 -------- d-----w c:\program files\DeductionPro 2008
2009-03-17 17:26 . 2009-03-17 17:26 65320 ----a-w c:\windows\system32\sbbd.exe
2009-03-13 22:42 . 2004-09-17 19:25 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-13 22:40 . 2009-03-13 22:37 -------- d-----w c:\program files\TaxCut08
2009-03-09 09:19 . 2008-11-23 12:19 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:22 . 2002-06-25 21:44 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:18 . 2002-03-05 12:56 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-20 18:09 . 2004-08-04 07:56 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 12:10 . 2002-06-25 21:40 729088 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2004-09-17 20:51 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 12:10 . 2002-06-25 21:43 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2002-06-25 21:43 387584 ----a-r c:\documents and settings\Dell\Application Data\sdra64.exe
2009-02-09 12:10 . 2002-06-25 21:36 617472 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 11:13 . 2002-06-25 21:50 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-07 23:02 . 2002-06-25 21:43 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-06 11:11 . 2002-06-25 21:45 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 11:08 . 2002-06-25 21:43 2189056 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-06 10:39 . 2002-06-25 21:45 35328 ----a-w c:\windows\system32\sc.exe
2008-12-02 04:07 . 2008-12-02 03:50 27462344 ----a-w c:\program files\setupeng.exe
2008-11-30 06:06 . 2008-11-30 06:06 23804784 ----a-w c:\program files\aaw2008.exe
2008-09-18 03:01 . 2008-09-18 03:01 15327629 ----a-w c:\program files\My birthday DVD.vpc
2008-09-14 02:37 . 2008-09-14 02:37 10367496 ----a-w c:\program files\vsophotodvd_setup.exe
2008-01-20 03:48 . 2008-01-20 01:59 32213504 ----a-w c:\program files\virusscan85i_troy.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"AOL Fast Start"="c:\program files\AOL 9.0\AOL.EXE" [2007-04-18 50736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-12-17 684032]
"HostManager"="c:\program files\Common Files\AOL\1124679661\ee\AOLSoftware.exe" [2008-06-24 41824]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"Dell Photo AIO Printer 922"="c:\program files\Dell Photo AIO Printer 922\dlbtbmgr.exe" [2004-03-29 290816]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-28 4841472]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"McAfeeUpdaterUI"="c:\common framework\UdaterUI.exe" [2006-12-19 136768]
"ShStatEXE"="c:\mcafee\SHSTAT.EXE" [2007-02-23 112216]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"SBAMTray"="c:\program files\Sunbelt Software\VIPRE\SBAMTray.exe" [2009-03-17 955688]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-07-28 323584]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\
0SsiEfr.e
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire 4.2.6\\LimeWire.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\1124679661\\ee\\AOLServiceHost.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\acs\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1124679661\\ee\\aolsoftware.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [4/25/2009 9:12 PM 13360]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [4/25/2009 12:54 PM 202928]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [4/25/2009 9:13 PM 69936]
S2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\program files\Sunbelt Software\VIPRE\SBAMSvc.exe [3/17/2009 1:26 PM 894248]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
S3 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [10/22/2008 5:08 PM 92464]
--- Other Services/Drivers In Memory ---
*Deregistered* - ATWPKT2
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
HKCU-Run-powerdll - AppMasterCenter.exe
HKCU-Run-ATLIEHELPER - cmon14.exe
HKLM-Run-PCMM2007RT - c:\program files\PC MightyMax 2007\pcmm2007.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://msn.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: &Search - ?p=ZUxdm265YYUS
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: colonialchem.com\colonialchem2
TCP: {F84C6EDD-ABEC-4007-91FE-D1F2F87F8136} = 4.2.2.2,4.2.2.3
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-06 22:32
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3552)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-07 22:35
ComboFix-quarantined-files.txt 2009-05-07 02:35
Pre-Run: 63,120,142,336 bytes free
Post-Run: 63,095,418,880 bytes free
182 --- E O F --- 2009-04-29 07:06
HIJACK THIS UNINSTALL LOG
ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
Adobe Reader 7.1.0
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.0
AOL Explorer
AOL Instant Messenger
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
BCM V.92 56K Modem
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
DeductionPro 2007
DeductionPro 2008
Dell Photo AIO Printer 922
Dell ResourceCD
Easy CD Creator 5 Basic
FaxTools
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Intel(R) PRO Network Adapters and Drivers
Jasc Paint Shop Photo Album
Jasc Paint Shop Pro 8 Dell Edition
Java(TM) 6 Update 13
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
LimeWire
LimeWire 4.18.8
Malwarebytes' Anti-Malware
McAfee VirusScan Enterprise
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office Professional Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
MSN Music Assistant
MSXML 4.0 SP2 (KB954430)
NVIDIA Windows 2000/XP Display Drivers
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
PhotoDVD 2.9.6.1d
Picasa 3
QuickTime
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Serif PagePlus SE 1.0
SoundMAX
TaxCut Georgia 2007
TaxCut Georgia 2008
TaxCut Premium + State + Efile 2008
TaxCut Premium + State 2007
TechConnect
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Viewpoint Media Player
Windows Defender
Windows Live installer
Windows Live Mail
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3