Need Help with Win32/Adware.virtumonde /privacyremover.m64
upon reading some posts I followed the combofix which produced this output:

ComboFix 08-08-24.03 - Steve 2008-08-26 7:55:35.1 - NTFSx86
Running from: C:\Documents and Settings\Steve\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008\Uninstall.lnk
C:\Documents and Settings\Steve\Application Data\macromedia\Flash Player\#SharedObjects\GTW9B3SH\interclick.com
C:\Documents and Settings\Steve\Application Data\macromedia\Flash Player\#SharedObjects\GTW9B3SH\interclick.com\ud.sol
C:\Documents and Settings\Steve\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Steve\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Documents and Settings\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk
C:\Documents and Settings\Steve\Application Data\rhclddj0el9l
C:\Documents and Settings\Steve\Cookies\steve@fastclick[2].txt
C:\Program Files\rhclddj0el9l
C:\WINDOWS\system32\blphcgddj0el9l.scr
C:\WINDOWS\system32\lphcgddj0el9l.exe
C:\WINDOWS\system32\phcgddj0el9l.bmp
C:\WINDOWS\system32\pphcgddj0el9l.exe

.
((((((((((((((((((((((((( Files Created from 2008-07-26 to 2008-08-26 )))))))))))))))))))))))))))))))
.

2008-08-25 07:27 . 2008-08-25 07:27 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\Avg
2008-08-25 07:27 . 2008-08-25 07:27 <DIR> d-------- C:\Program Files\AVG
2008-08-25 07:27 . 2008-08-25 07:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-08-25 07:27 . 2008-08-25 07:27 96,520 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys
2008-08-25 07:27 . 2008-08-25 07:27 75,272 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys
2008-08-25 07:27 . 2008-08-25 07:27 10,520 --a------ C:\WINDOWS\SYSTEM32\avgrsstx.dll
2008-08-25 06:50 . 2008-08-25 06:50 3,570 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2008-08-25 06:49 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2008-08-25 06:49 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2008-08-25 06:49 . 2008-05-29 09:35 86,528 --a------ C:\WINDOWS\SYSTEM32\VACFix.exe
2008-08-25 06:49 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\SYSTEM32\IEDFix.exe
2008-08-25 06:49 . 2008-08-14 21:52 82,432 --a------ C:\WINDOWS\SYSTEM32\IEDFix.C.exe
2008-08-25 06:49 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\SYSTEM32\404Fix.exe
2008-08-25 06:49 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2008-08-25 06:49 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2008-08-25 06:49 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2008-08-24 23:23 . 2008-08-24 23:23 <DIR> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-08-24 22:31 . 2005-03-11 20:42 59,392 --a------ C:\WINDOWS\isxdl.dll
2008-08-22 17:48 . 2008-08-22 17:48 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-13 22:38 . 2008-05-01 09:30 331,776 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\msadce.dll
2008-08-12 07:39 . 2008-08-12 07:39 <DIR> d-------- C:\Documents and Settings\Stephanie\Application Data\Yahoo! Messenger
2008-08-05 19:54 . 2008-08-05 19:54 <DIR> d-------- C:\Program Files\IrfanView
2008-07-26 08:51 . 2008-07-26 08:51 7,680 --ahs---- C:\WINDOWS\Thumbs.db
2008-07-26 08:25 . 2008-07-26 08:26 <DIR> d-------- C:\WINDOWS\MVUNINST
2008-07-26 08:25 . 2008-07-26 08:26 <DIR> d-------- C:\STOMP35
2008-07-26 08:25 . 2008-07-26 08:25 <DIR> d-------- C:\Program Files\MVAPPS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-26 12:17 28,672 ----a-w C:\WINDOWS\Internet Logs\xDB94.tmp
2008-08-26 12:12 4,388,352 ----a-w C:\WINDOWS\Internet Logs\xDB92.tmp
2008-08-25 13:09 4,389,888 ----a-w C:\WINDOWS\Internet Logs\xDB90.tmp
2008-08-25 13:09 22,016 ----a-w C:\WINDOWS\Internet Logs\xDB91.tmp
2008-08-25 11:21 20,480 ----a-w C:\WINDOWS\Internet Logs\xDB8F.tmp
2008-08-25 11:19 4,364,288 ----a-w C:\WINDOWS\Internet Logs\xDB8E.tmp
2008-08-25 10:55 20,480 ----a-w C:\WINDOWS\Internet Logs\xDB8C.tmp
2008-08-25 10:54 4,363,264 ----a-w C:\WINDOWS\Internet Logs\xDB8B.tmp
2008-08-25 10:44 --------- d-----w C:\Program Files\Norton SystemWorks
2008-08-25 10:20 18,944 ----a-w C:\WINDOWS\Internet Logs\xDB8A.tmp
2008-08-25 10:19 4,364,288 ----a-w C:\WINDOWS\Internet Logs\xDB89.tmp
2008-08-25 09:55 25,600 ----a-w C:\WINDOWS\Internet Logs\xDB88.tmp
2008-08-25 09:50 4,367,872 ----a-w C:\WINDOWS\Internet Logs\xDB87.tmp
2008-08-25 04:05 41,984 ----a-w C:\WINDOWS\Internet Logs\xDB8D.tmp
2008-08-25 04:05 4,368,896 ----a-w C:\WINDOWS\Internet Logs\xDB86.tmp
2008-08-24 12:51 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-08-23 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-08-22 21:07 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-08-22 21:01 100,352 ----a-w C:\WINDOWS\Internet Logs\xDB83.tmp
2008-08-22 20:22 28,672 ----a-w C:\WINDOWS\Internet Logs\xDB85.tmp
2008-08-22 20:12 4,360,192 ----a-w C:\WINDOWS\Internet Logs\xDB84.tmp
2008-08-22 15:44 4,363,264 ----a-w C:\WINDOWS\Internet Logs\xDB82.tmp
2008-08-22 03:48 --------- d-----w C:\Documents and Settings\Stephanie\Application Data\AdobeUM
2008-08-16 21:04 --------- d-----w C:\Documents and Settings\Steve\Application Data\Canon
2008-08-13 20:15 --------- d-----w C:\Documents and Settings\Steve\Application Data\AdobeUM
2008-08-12 03:03 4,336,640 ----a-w C:\WINDOWS\Internet Logs\xDB80.tmp
2008-08-12 03:03 22,016 ----a-w C:\WINDOWS\Internet Logs\xDB81.tmp
2008-08-11 22:19 37,376 ----a-w C:\WINDOWS\Internet Logs\xDB7F.tmp
2008-08-11 22:17 4,344,832 ----a-w C:\WINDOWS\Internet Logs\xDB7E.tmp
2008-08-11 21:41 --------- d-----w C:\Documents and Settings\Stephanie\Application Data\Symantec
2008-08-08 06:29 4,340,224 ----a-w C:\WINDOWS\Internet Logs\xDB7C.tmp
2008-08-08 06:29 29,696 ----a-w C:\WINDOWS\Internet Logs\xDB7D.tmp
2008-08-06 11:27 123,392 ----a-w C:\WINDOWS\Internet Logs\xDB7B.tmp
2008-08-06 11:24 4,358,656 ----a-w C:\WINDOWS\Internet Logs\xDB7A.tmp
2008-07-17 16:38 4,345,856 ----a-w C:\WINDOWS\Internet Logs\xDB78.tmp
2008-07-17 16:38 110,592 ----a-w C:\WINDOWS\Internet Logs\xDB79.tmp
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\SYSTEM32\es.dll
2008-07-07 20:32 253,952 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\es.dll
2008-07-05 06:51 4,322,304 ----a-w C:\WINDOWS\Internet Logs\xDB76.tmp
2008-07-05 06:51 31,232 ----a-w C:\WINDOWS\Internet Logs\xDB77.tmp
2008-07-04 21:22 4,318,208 ----a-w C:\WINDOWS\Internet Logs\xDB74.tmp
2008-07-04 21:22 154,112 ----a-w C:\WINDOWS\Internet Logs\xDB75.tmp
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\SYSTEM32\mscms.dll
2008-06-24 16:23 74,240 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mscms.dll
2008-06-24 15:57 3,592,192 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2008-06-23 09:20 70,656 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2008-06-23 09:20 625,664 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\SYSTEM32\mswsock.dll
2008-06-20 17:41 245,248 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip6.sys
2008-06-18 06:45 4,325,888 ----a-w C:\WINDOWS\Internet Logs\xDB73.tmp
2008-06-13 13:10 272,128 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\bthport.sys
2008-06-08 20:05 4,315,136 ----a-w C:\WINDOWS\Internet Logs\xDB71.tmp
2008-06-08 07:02 130,560 ----a-w C:\WINDOWS\Internet Logs\xDB72.tmp
2004-05-16 18:07 32 --sha-w C:\WINDOWS\{308F7D85-F297-4303-8DA1-6576660FD761}.dat
2004-05-16 18:05 32 --sha-w C:\WINDOWS\{55632152-313C-441C-82E7-4DE733156136}.dat
2004-05-16 18:06 32 --sha-w C:\WINDOWS\{99493DF4-9D43-4145-ABED-FE15063F6D9A}.dat
2004-05-16 18:08 32 --sha-w C:\WINDOWS\{9D72141C-C303-4B5E-9F0D-8050019A0FBA}.dat
2004-05-16 18:05 32 --sha-w C:\WINDOWS\{DE342CAA-4BE0-4E10-80FC-D63C7747199D}.dat
2004-05-16 18:05 32 --sha-w C:\WINDOWS\{FB3659FB-2205-4EDC-A52F-B89AE40AA04B}.dat
2004-05-16 18:06 32 --sha-w C:\WINDOWS\SYSTEM32\{10B59B15-2F42-49F0-8BB2-490515B657C6}.dat
2004-05-16 18:07 32 --sha-w C:\WINDOWS\SYSTEM32\{17142EDD-9851-4231-AC6A-586585D4A86B}.dat
2004-05-16 18:05 32 --sha-w C:\WINDOWS\SYSTEM32\{1990D04C-E24C-4E48-BCB6-611AF0A05C39}.dat
2004-05-16 18:05 32 --sha-w C:\WINDOWS\SYSTEM32\{733EA872-C2B4-4C56-AE69-D04621ABCA46}.dat
2004-05-16 18:05 32 --sha-w C:\WINDOWS\SYSTEM32\{B6BB9A60-59A5-4E7F-A0A0-23337408740B}.dat
2004-05-16 18:08 32 --sha-w C:\WINDOWS\SYSTEM32\{F1061651-F796-4527-ABF0-636DEBD25CA9}.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" [2003-10-29 15:41 663552]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 11:09 460784]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe" [2004-11-11 20:50 212992]
"C:_Program Files_WordPerfe3a"="C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe" [2003-03-07 04:58 57344]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 09:23 202544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-11-03 13:46 4800512]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-08-06 01:04 114741]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [2003-08-13 10:27 28672]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-03-09 11:47 71328]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [2003-12-11 18:35 70800]
"GhostStartTrayApp"="C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe" [2002-08-14 14:21 94208]
"IPInSightMonitor 01"="C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe" [2003-07-14 14:30 98304]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50 81920]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-05-22 14:36 100056]
"diagent"="C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 01:01 135264]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 09:24 16384]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-25 07:27 1177368]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2004-05-11 02:32:25 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ctmp3"= C:\WINDOWS\System32\ctmp3.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"=
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-25 07:27]
R1 GhPciScan;GhostPciScanner;C:\Program Files\Norton SystemWorks\Norton Ghost\ghpciscan.sys [2002-08-14 14:11]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-25 07:27]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-25 07:27]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-25 07:27]
R3 StkMini;VideoAdvantage USB;C:\WINDOWS\system32\Drivers\StkMini.sys [2004-08-31 23:23]
R3 StkScan;VideoAdvantage Still Image;C:\WINDOWS\system32\Drivers\StkScan.sys [2004-08-31 23:25]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]
.
Contents of the 'Scheduled Tasks' folder

2008-08-15 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe []

2007-10-17 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Steve.job
- C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.EXE [2003-12-04 17:22]

2008-08-19 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe [2003-12-04 17:22]

2008-08-22 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job
- C:\Program Files\Norton SystemWorks\OBC.exe [2002-09-29 20:57]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-lphcgddj0el9l - C:\WINDOWS\system32\lphcgddj0el9l.exe
HKLM-Run-SMrhclddj0el9l - C:\Program Files\rhclddj0el9l\rhclddj0el9l.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Steve\Application Data\Mozilla\Firefox\Profiles\p1jkgp60.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://yahoo.sbc.com/dsl
.
.
------- File Associations (Beta) -------
.
inffile=C:\I386\NOTEPAD.EXE %1
inifile=C:\I386\NOTEPAD.EXE %1
txtfile=C:\I386\NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-26 08:09:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\WINDOWS\SYSTEM32\CTsvcCDA.EXE
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\SYSTEM32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\SYSTEM32\UStorSrv.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\SYSTEM32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM32\wscntfy.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-08-26 9:18:33 - machine was rebooted [Steve]
ComboFix-quarantined-files.txt 2008-08-26 14:18:27

Pre-Run: 10,358,059,008 bytes free
Post-Run: 10,336,718,848 bytes free

256 --- E O F --- 2008-08-15 22:53:38

Then I ran a Hijackthis which produce this output:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:24:20, on 8/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE

--
End of file - 12225 bytes

Now what do I do ? Thanks......

slmitten, Welcome to Geeks-To-Go. My name is GravityGripp and I'll be assisting you with your issues.

Please note that I am still in training and will be working with an expert on these issues so there may be a slight delay in my responses.

If I have not responded to you in a time period longer than 4 days, please feel free to PM me.

The first thing I'd like to get from you is a new log since this one is several days old. Also, please refrain from using tools like ComboFix without expert guidance, these tools are powerful and could potentially render your machine unusable without proper knowledge of how they work.

Thanks and I look forward to working with you.


STEP ONE

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

log.txt output :

Logfile of random's system information tool (written by random/random)
Run by Steve at 2008-09-05 07:21:19
Microsoft Windows XP Professional Service Pack 2
System drive C: has 14 GB (19%) free of 76 GB
Total RAM: 511 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:21:57, on 9/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UStorSrv.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Documents and Settings\Steve\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Steve.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [C:_Program Files_WordPerfe3a] C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe /Watch
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\GHOSTS~2.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE

--
End of file - 12950 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer - Steve.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-31 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-08-14 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2003-08-06 106548]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}]
CNisExtBho Class - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll [2003-11-21 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2003-12-04 103368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - Web assistant - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll [2003-11-21 126976]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll [2003-12-04 103368]
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-11-03 4800512]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2003-08-06 114741]
"DVDSentry"=C:\WINDOWS\System32\DSentry.exe [2003-08-13 28672]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-03-09 71328]
"URLLSTCK.exe"=C:\Program Files\Norton Internet Security\UrlLstCk.exe [2003-12-11 70800]
"GhostStartTrayApp"=C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe [2002-08-14 94208]
"IPInSightMonitor 01"=C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe [2003-07-14 98304]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]
"Symantec NetDriver Monitor"=C:\PROGRA~1\SYMNET~1\SNDMon.exe [2005-05-22 100056]
"diagent"=C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe [2002-04-03 135264]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-08-31 1235736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2003-10-29 663552]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"PhotoShow Deluxe Media Manager"=C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe [2004-11-11 212992]
"C:_Program Files_WordPerfe3a"=C:\Program Files\WordPerfect Office 11\Programs\CorUpd.exe [2003-03-07 57344]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-11-15 202544]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE"="C:\PROGRA~1\Yahoo!\MESSEN~1\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
"C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe"="C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe:*:Enabled:Yahoo! FT Server"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

File associations

.bat - edit - C:\I386\NOTEPAD.EXE %1
.cmd - edit - C:\I386\NOTEPAD.EXE %1
.inf - open - C:\I386\NOTEPAD.EXE %1
.ini - open - C:\I386\NOTEPAD.EXE %1
.js - edit - C:\I386\NOTEPAD.EXE %1
.reg - edit - C:\I386\NOTEPAD.EXE %1
.txt - open - C:\I386\NOTEPAD.EXE %1
.vbs - edit - C:\I386\NOTEPAD.EXE %1

List of files/folders created in the last three months

2008-09-05 07:21:19 ----D---- C:\rsit
2008-08-31 13:11:58 ----D---- C:\Program Files\Lavasoft
2008-08-31 13:11:54 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-31 13:10:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-27 04:16:10 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-08-26 16:29:34 ----HD---- C:\$AVG8.VAULT$
2008-08-26 09:18:36 ----A---- C:\ComboFix.txt
2008-08-26 08:06:34 ----D---- C:\WINDOWS\temp
2008-08-26 07:54:27 ----D---- C:\WINDOWS\erdnt
2008-08-26 07:53:30 ----A---- C:\WINDOWS\Nircmd.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\zip.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\VFind.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\swxcacls.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\swsc.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\swreg.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\sed.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\grep.exe
2008-08-26 07:53:29 ----A---- C:\WINDOWS\fdsv.exe
2008-08-26 07:53:26 ----D---- C:\ComboFix
2008-08-26 07:47:20 ----D---- C:\QooBox
2008-08-25 07:27:57 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-08-25 07:27:12 ----D---- C:\Program Files\AVG
2008-08-25 07:27:12 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-08-25 06:50:22 ----A---- C:\WINDOWS\system32\tmp.txt
2008-08-25 06:50:12 ----A---- C:\rapport.txt
2008-08-25 06:49:49 ----A---- C:\WINDOWS\system32\WS2Fix