When I tried to run ComboFix, it still had the problem of "freeware implementation of REG.exe has stopped working" and then later it said that an unknown program that was in the same folder as ComboFix had some problems installing and asked if I wanted to reinstall it. Since the computer was just restarting, I decided to click "the program was installed correctly".
When it rebooted, I noticed that the icon for Internet Explorer browser was on my desktop, when it has never been there before, and when I first saw it, the browser kept popping up. I deleted it off my desktop, but the icon kept reappearing back on my desktop.
Anyways, here is the HJT log, and I'll run ComboFix again if need be.
Oh wait... it's still on my copy board... LOL
ComboFix 08-01-31.1 - Mercuryrose88 2008-01-30 21:23:40.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.151 [GMT -5:00]
Running from: C:\Users\Mercuryrose88\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\drivers\core.cache.dsk . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-31 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-31 02:23 262,144 ----a-w C:\ProgramData\ntuser.dat
2008-01-30 00:06 932 ----a-w C:\Windows\system32\drivers\core.cache.dsk
2008-01-29 17:57 --------- d-----w C:\Program Files\Trend Micro
2008-01-29 15:31 --------- d-----w C:\Program Files\McAfee
2008-01-29 00:58 --------- d-----w C:\ProgramData\Avg7
2008-01-28 01:16 --------- d-----w C:\Program Files\Enigma Software Group
2008-01-27 19:37 81,920 ----a-w C:\Windows\System32\IEDFix.exe
2008-01-27 19:00 --------- d-----w C:\Program Files\Startup Mechanic
2008-01-27 17:09 86,144 ----a-w C:\Windows\system32\drivers\msteee.sys
2008-01-23 20:51 --------- d-----w C:\Program Files\Common Files\McAfee
2008-01-23 17:44 --------- d-----w C:\Program Files\Cisco Systems
2008-01-18 23:37 --------- d-----w C:\Program Files\QuickTime
2008-01-11 04:38 --------- d-----w C:\Users\Mercuryrose88\AppData\Roaming\SiteAdvisor
2008-01-09 22:19 --------- d-----w C:\Program Files\Windows Mail
2008-01-09 22:15 802,816 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-01-09 22:15 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-01-09 22:15 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-01-09 22:15 216,760 ----a-w C:\Windows\system32\drivers\netio.sys
2008-01-09 22:15 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-01-09 22:10 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-01-09 22:10 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-01-09 22:10 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-01-09 22:10 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-01-09 22:10 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-09 22:10 1,686,016 ----a-w C:\Windows\System32\gameux.dll
2008-01-09 22:09 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-01-09 22:09 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-09 22:09 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-01-09 22:09 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-01-09 22:09 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-01-09 22:09 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-01-09 22:09 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-09 22:06 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-09 22:06 --------- d-----w C:\Program Files\Windows Sidebar
2007-12-21 18:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-19 21:54 --------- d-----w C:\Program Files\SiteAdvisor
2007-12-12 22:13 --------- d-----w C:\ProgramData\Microsoft Help
2007-12-12 22:12 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-12 22:11 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 22:11 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 22:10 824,832 ----a-w C:\Windows\System32\wininet.dll
2007-12-12 22:09 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-12-12 22:09 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-12 22:09 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2007-12-12 22:08 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
2007-12-12 22:08 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
2007-12-12 22:08 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
2007-12-12 22:08 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
2007-12-12 22:04 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-12-12 22:04 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-12-09 13:56 --------- d-----w C:\Program Files\MSBuild
2007-12-09 13:48 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2007-12-07 21:26 --------- d-----w C:\Program Files\Gravity
2007-12-01 23:13 --------- d-----w C:\ProgramData\WildTangent
2007-11-17 21:15 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2007-11-13 22:04 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-11-13 22:04 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2007-11-13 22:04 542,720 ----a-w C:\Windows\System32\sysmain.dll
2007-11-13 22:04 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2007-11-13 22:04 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2007-11-13 22:04 297,984 ----a-w C:\Windows\System32\wlansec.dll
2007-11-13 22:04 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2007-11-13 22:04 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2007-11-13 22:04 2,923,520 ----a-w C:\Windows\explorer.exe
2007-11-13 22:04 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-11-13 22:02 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2007-11-13 22:02 8,704 ----a-w C:\Windows\System32\hccoin.dll
2007-10-29 11:23 110,592 ----a-w C:\Windows\System32\SynTPCo4.dll
2007-10-29 10:55 147,456 ----a-w C:\Windows\System32\SynTPAPI.dll
2007-10-29 10:47 196,608 ----a-w C:\Windows\System32\SynCtrl.dll
2007-10-29 10:47 163,840 ----a-w C:\Windows\System32\SynCOM.dll
2007-10-11 03:28 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-10-11 03:28 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-10-11 03:28 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-10-11 03:28 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-10-11 03:23 84,480 ----a-w C:\Windows\System32\INETRES.dll
2007-10-11 03:23 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2007-10-11 03:22 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2007-10-04 04:36 25,600 ----a-w C:\Windows\System32\WS2Fix.exe
2007-09-02 21:38 938 ----a-w C:\Users\Mercuryrose88\AppData\Roaming\wklnhst.dat
2007-08-31 07:16 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ZipFile]
@={2D7E38A6-A604-45AE-9A87-4F5F25760650}
[HKEY_CLASSES_ROOT\CLSID\{2D7E38A6-A604-45AE-9A87-4F5F25760650}]
C:\Windows\System32\winsdrv.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 11:18 307200]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-18 22:54 5674352]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 07:36 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-29 13:08 1006264]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2006-10-18 11:14 35928]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 09:00 267064]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-08-24 19:54 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-08-24 19:54 154136]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-08-24 19:54 129560]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-10-29 06:02 102400]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33 582992]
C:\Users\Mercuryrose88\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 22:24:54 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
R2 ACEDRV09;ACEDRV09;C:\Windows\system32\drivers\ACEDRV09.sys [2007-09-07 13:11]
R3 FwLnk;FwLnk Driver;C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 01:11]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-08-24 19:39]
S4 KR10I;KR10I;C:\Windows\system32\drivers\kr10i.sys [2007-01-03 03:43]
S4 KR10N;KR10N;C:\Windows\system32\drivers\kr10n.sys [2007-01-03 03:43]
S4 KR3NPXP;KR3NPXP;C:\Windows\system32\drivers\kr3npxp.sys [2007-01-03 03:43]
.
Contents of the 'Scheduled Tasks' folder
"2008-01-29 15:49:01 C:\Windows\Tasks\At1.job"
- C:\ComboFix\kmd.exe
"2008-01-29 21:44:00 C:\Windows\Tasks\At2.job"
- C:\ComboFix\kmd.exe
"2008-01-31 02:29:00 C:\Windows\Tasks\At3.job"
- C:\ComboFix\kmd.exe
"2007-12-15 08:32:28 C:\Windows\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe'
"2008-01-01 06:00:16 C:\Windows\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-30 21:32:14
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Toshiba\IVP\ISM\pinger.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\conime.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-01-30 21:36:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-31 02:36:27
ComboFix2.txt 2008-01-29 21:58:46
.
2008-01-09 22:15:36 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:19 PM, on 1/30/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.6.14.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0027931201705853) (0027931201705853mcinstcleanup) - Unknown owner - C:\Windows\TEMP\002793~1.EXE (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 8753 bytes
PS - My friend offered to help by using a Linux disk, which I heard online is a way to fix this kind of virus. Will this have to come to that?
Thank you very much!