I have Sophos running on my Vista Ultimate PC and God knows how I have picked up the Troj/Virtum-Gen virus/spyware. I am not a techie as such, but I gleaned enough from previous postings to run ComboFix, which generated the text file below. Could someone give me the next steps please!
ComboFix 08-06-20.4 - Simon 2008-06-22 19:04:35.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.2021 [GMT 1:00]
Running from: C:\Users\Simon\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-05-22 to 2008-06-22 )))))))))))))))))))))))))))))))
.
2008-06-22 14:13 . 2008-06-22 14:13 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-06-22 14:11 . 2008-06-22 14:14 <DIR> d-------- C:\Users\Simon\AppData\Roaming\PC Suite
2008-06-22 14:11 . 2008-06-22 14:13 <DIR> d-------- C:\Users\All Users\PC Suite
2008-06-22 14:11 . 2008-06-22 14:13 <DIR> d-------- C:\ProgramData\PC Suite
2008-06-22 14:10 . 2008-06-22 14:13 <DIR> d-------- C:\Users\Simon\AppData\Roaming\Nokia
2008-06-22 14:10 . 2008-06-22 14:10 <DIR> d-------- C:\Program Files\DIFX
2008-06-22 14:10 . 2008-06-22 14:10 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-06-22 14:10 . 2008-06-22 14:10 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-06-22 14:10 . 2007-09-17 15:53 21,632 --a------ C:\Windows\System32\drivers\pccsmcfd.sys
2008-06-22 14:07 . 2008-06-22 14:10 <DIR> d----c--- C:\Windows\System32\DRVSTORE
2008-06-22 14:07 . 2008-06-22 14:07 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-06-22 13:57 . 2008-06-22 13:57 <DIR> d-------- C:\Users\All Users\Installations
2008-06-22 13:57 . 2008-06-22 13:57 <DIR> d-------- C:\ProgramData\Installations
2008-06-22 13:57 . 2008-06-22 14:10 <DIR> d-------- C:\Program Files\Nokia
2008-06-22 13:42 . 2008-06-22 13:42 33,280 --a------ C:\Windows\System32\winhja32.rom
2008-06-22 13:34 . 2008-06-22 13:49 <DIR> d-------- C:\Users\Simon\AppData\Roaming\zweitgeist
2008-06-22 13:13 . 2008-06-22 13:13 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-06-22 13:13 . 2008-06-22 13:50 <DIR> d-------- C:\Program Files\Ahead
2008-06-22 13:13 . 2004-07-20 17:24 1,568,768 --------- C:\Windows\System32\ImagX7.dll
2008-06-22 13:13 . 2004-07-20 17:24 476,320 --------- C:\Windows\System32\ImagXpr7.dll
2008-06-22 13:13 . 2004-07-20 17:24 471,040 --------- C:\Windows\System32\ImagXRA7.dll
2008-06-22 13:13 . 2004-07-09 09:43 364,544 --------- C:\Windows\System32\TwnLib4.dll
2008-06-22 13:13 . 2004-07-20 17:24 262,144 --------- C:\Windows\System32\ImagXR7.dll
2008-06-22 13:13 . 2001-07-09 11:50 155,648 --a------ C:\Windows\System32\NeroCheck.exe
2008-06-22 13:13 . 2004-03-03 21:30 125,184 --------- C:\Windows\System32\drivers\imagesrv.sys
2008-06-22 13:13 . 2000-06-26 11:45 106,496 --a------ C:\Windows\System32\TwnLib20.dll
2008-06-22 13:13 . 2001-06-26 08:15 38,912 --------- C:\Windows\System32\picn20.dll
2008-06-22 13:13 . 2004-03-03 21:30 5,504 --------- C:\Windows\System32\drivers\imagedrv.sys
2008-06-16 16:40 . 2008-06-16 16:42 <DIR> d-------- C:\Users\Public\becka's things
2008-06-15 11:42 . 2008-06-20 18:01 <DIR> d-------- C:\Program Files\iLinc
2008-06-14 19:45 . 2008-04-23 06:11 1,244,672 --a------ C:\Windows\System32\mcmde.dll
2008-06-14 19:45 . 2008-04-23 05:27 428,032 --a------ C:\Windows\System32\EncDec.dll
2008-06-14 19:45 . 2008-04-23 06:12 292,352 --a------ C:\Windows\System32\psisdecd.dll
2008-06-14 19:45 . 2008-04-23 06:12 218,624 --a------ C:\Windows\System32\psisrndr.ax
2008-06-14 19:45 . 2008-04-23 06:12 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-06-14 19:45 . 2008-04-23 06:11 68,608 --a------ C:\Windows\System32\Mpeg2Data.ax
2008-06-14 19:45 . 2008-04-23 06:11 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-05-28 07:48 . 2008-03-08 01:37 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 07:48 . 2008-03-08 05:30 1,686,528 --a------ C:\Windows\System32\gameux.dll
2008-05-23 22:40 . 2008-05-23 22:55 <DIR> d-------- C:\Users\Simon\AppData\Roaming\ZoomBrowser EX
2008-05-23 22:36 . 2008-05-23 22:53 <DIR> d-------- C:\Users\All Users\ZoomBrowser
2008-05-23 22:36 . 2008-05-23 22:53 <DIR> d-------- C:\ProgramData\ZoomBrowser
2008-05-23 22:34 . 2008-05-23 22:49 <DIR> d-------- C:\Program Files\Canon
2008-05-23 22:34 . 2000-02-18 18:45 2,700,288 --a------ C:\Windows\System32\opapi11.dll
2008-05-23 22:34 . 1997-01-22 21:26 565,760 --------- C:\Windows\System32\MSVCP50.DLL
2008-05-23 22:34 . 1998-01-23 12:22 304,128 --a------ C:\Windows\IsUninst.exe
2008-05-23 21:40 . 2008-05-23 22:35 <DIR> d-------- C:\Program Files\Common Files\Canon
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-11 20:18 --------- d-----w C:\Program Files\Windows Mail
2008-06-10 16:13 --------- d-----w C:\ProgramData\Microsoft Help
2008-05-23 21:39 --------- d-----w C:\Program Files\Google
2008-05-21 15:59 --------- d-----w C:\Users\Rebecca\AppData\Roaming\Apple Computer
2008-05-17 06:42 --------- d-----w C:\ProgramData\FLEXnet
2008-05-13 18:49 --------- d-----w C:\ProgramData\UDL
2008-05-13 18:48 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-13 18:48 --------- d-----w C:\Program Files\EPSON
2008-05-10 15:04 --------- d-----w C:\ProgramData\BVRP Software
2008-05-10 15:04 --------- d-----w C:\Program Files\Avanquest update
2008-05-10 14:20 --------- d-----w C:\ProgramData\Sony Ericsson
2008-05-10 14:20 --------- d-----w C:\Program Files\Sony Ericsson
2008-05-10 03:30 14,848 ----a-w C:\Windows\System32\wshrm.dll
2008-05-10 01:21 113,664 ----a-w C:\Windows\system32\drivers\rmcast.sys
2008-05-07 18:36 --------- d-----w C:\Users\Simon\AppData\Roaming\Transparent
2008-05-03 14:07 --------- d-----w C:\ProgramData\Transparent
2008-05-03 14:07 --------- d-----w C:\Program Files\Transparent
2008-05-03 13:56 --------- d-----w C:\Program Files\Teaching-you
2008-05-03 13:49 --------- d-----w C:\Program Files\Belkin
2008-04-29 05:46 --------- d-----w C:\Users\Simon\AppData\Roaming\Roxio
2008-04-29 05:41 --------- d-----w C:\ProgramData\Dell
2008-04-29 05:40 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-29 03:50 181,760 ----a-w C:\Windows\System32\fsquirt.exe
2008-04-29 01:42 29,184 ----a-w C:\Windows\system32\drivers\BTHUSB.SYS
2008-04-29 01:42 220,160 ----a-w C:\Windows\system32\drivers\bthport.sys
2008-04-29 01:42 19,456 ----a-w C:\Windows\system32\drivers\bthenum.sys
2008-04-28 18:23 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-28 17:34 --------- d-----w C:\Program Files\MSBuild
2008-04-28 17:34 --------- d-----w C:\Program Files\Microsoft Works
2008-04-28 17:33 --------- d-----w C:\Program Files\Microsoft.NET
2008-04-28 17:31 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-04-28 07:02 --------- d-----w C:\Users\Simon\AppData\Roaming\InstallShield
2008-04-27 18:10 --------- d-----w C:\Users\Jean\AppData\Roaming\Logitech
2008-04-27 15:30 --------- d-----w C:\Users\Simon\AppData\Roaming\Apple Computer
2008-04-27 13:13 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-27 13:13 --------- d-----w C:\Program Files\Windows Live
2008-04-27 13:06 --------- d-----w C:\ProgramData\WLInstaller
2008-04-27 12:39 --------- d-----w C:\ProgramData\Apple Computer
2008-04-27 12:39 --------- d-----w C:\Program Files\QuickTime
2008-04-27 12:39 --------- d-----w C:\Program Files\iTunes
2008-04-27 12:39 --------- d-----w C:\Program Files\iPod
2008-04-27 12:39 --------- d-----w C:\Program Files\Bonjour
2008-04-27 12:38 --------- d-----w C:\ProgramData\Apple
2008-04-27 12:38 --------- d-----w C:\Program Files\Common Files\Apple
2008-04-27 12:38 --------- d-----w C:\Program Files\Apple Software Update
2008-04-26 17:27 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
2008-04-26 17:27 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-04-26 17:26 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-04-26 17:26 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-04-26 17:25 83,968 ----a-w C:\Windows\System32\dnsrslvr.dll
2008-04-26 17:25 24,576 ----a-w C:\Windows\System32\dnscacheugc.exe
2008-04-26 15:19 --------- d-----w C:\ProgramData\Sophos
2008-04-26 15:19 --------- d-----w C:\Program Files\Sophos
2008-04-26 15:19 --------- d-----w C:\Program Files\Common Files\Cisco Systems
2008-04-26 15:14 81,216 ----a-w C:\Windows\system32\drivers\savonaccess.sys
2008-04-26 15:13 17,920 ----a-w C:\Windows\System32\sophosboottasks.exe
2008-04-26 08:28 --------- d-----w C:\Users\Rebecca\AppData\Roaming\Logitech
2008-04-26 07:41 1,327,616 ----a-w C:\Windows\System32\quartz.dll
2008-04-25 18:42 --------- d-----w C:\ProgramData\McAfee
2008-04-25 18:36 --------- d-----w C:\Program Files\MSXML 4.0
2008-04-25 18:33 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-04-25 18:32 --------- d-----w C:\Users\Simon\AppData\Roaming\Logitech
2008-04-25 18:29 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-04-25 18:29 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-04-25 18:29 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-04-25 18:29 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-04-25 18:29 33,624 ----a-w C:\Windows\System32\wups.dll
2008-04-25 18:29 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-04-25 18:29 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-04-25 18:28 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-04-25 18:28 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-04-25 18:27 --------- d-sh--w C:\ProgramData\Templates
2008-04-25 18:27 --------- d-sh--w C:\ProgramData\Start Menu
2008-04-25 18:27 --------- d-sh--w C:\ProgramData\Favorites
2008-04-25 18:27 --------- d-sh--w C:\ProgramData\Documents
2008-04-25 18:27 --------- d-sh--w C:\ProgramData\Desktop
2008-04-25 18:27 --------- d-sh--w C:\ProgramData\Application Data
2008-04-25 04:23 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-04-25 04:23 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-04-25 04:23 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-25 04:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-04-23 03:49 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-04-23 03:49 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-04-23 03:49 229,888 ----a-w C:\Windows\System32\msshsq.dll
2008-04-23 03:49 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-04-23 03:49 2,048 ----a-w C:\Windows\System32\msxml6r.dll
2008-04-23 03:49 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2008-04-23 03:48 750,080 ----a-w C:\Windows\System32\qmgr.dll
2008-04-23 03:46 974,336 ----a-w C:\Windows\System32\crypt32.dll
2008-04-23 03:46 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2008-04-23 03:46 8,704 ----a-w C:\Windows\System32\hccoin.dll
2008-04-23 03:46 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2008-04-23 03:46 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
2008-04-23 03:46 7,680 ----a-w C:\Windows\System32\spwmp.dll
2008-04-23 03:46 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
2008-04-23 03:46 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2008-04-23 03:46 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
2008-04-23 03:46 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2008-04-23 03:46 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys
2008-04-23 03:46 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:34 125440]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 12:44 202544]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 16:19 356352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-22 21:19 68856]
"MSSMSGS"="winhja32.rom,SOeRun" []
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 12:53 1079808]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:33 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [2008-02-29 05:18 17920]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-08 00:50 9728 C:\Windows\System32\HCIMNTR.DLL]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-12 09:40 405504]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-25 05:55 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-25 05:54 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-25 05:54 81920]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-04-22 21:08 77824]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 15:44 178712]
"Logitech Hardware Abstraction Layer"="C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-10-09 08:09 100888]
"Logitech BT Wizard"="LBTWiz.exe" []
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-22 21:19 29744]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 12:44 16384]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-12-14 14:25 244208]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-10-09 08:09 100888 C:\Windows\KHALMNPR.Exe]
"WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 13:33 176128]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 12:44 202544]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
AutoUpdate Monitor.lnk - C:\Program Files\Sophos\AutoUpdate\ALMon.exe [2008-04-26 16:18:41 245760]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-13 11:43:38 715568]
SetPoint.lnk - C:\Program Files\SetPoint\SetPoint.exe [2008-04-22 21:12:22 679936]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService]
@="service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A9118919-1E1E-4FEB-8229-3195789F54D1}"= Disabled:UDP:C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{A3319CAB-BA8B-4A90-8976-74D76CCB7974}"= Disabled:TCP:C:\Program Files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{5F1B18D9-4D2A-4644-9724-A005649D0A93}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{07A68E40-3AC3-41E8-96E6-99D1CA9F3A8E}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{6877C0A5-C9DE-4A3F-AFEF-D6DC46559AAC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B6A380C3-13C5-4909-A98A-87C24F8AACB4}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{C734E60E-7DC8-476C-8C83-22EF952A1DDE}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{FDB5F0AC-9422-498C-A109-CAAD1D8523C8}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CE1E148A-FD07-47BA-8063-59997CCDF421}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6016752B-E051-47E4-B6FD-6C3A42B0D479}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EA767D8B-6BA8-4D64-BCB7-BA78E9C734A3}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{34BF7DB9-B59A-4517-872B-DEC0E55E4468}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{DFD0F0F7-8F64-4C60-8C5C-EC8B1A8AF7C7}C:\\program files\\adobe\\photoshop elements 6.0\\adobephotoshopelementsmediaserver.exe"= UDP:C:\program files\adobe\photoshop elements 6.0\adobephotoshopelementsmediaserver.exe:AdobePhotoshopElementsMediaServer
"UDP Query User{00A8015B-E9FD-4A6D-AF90-9060B73DF31B}C:\\program files\\adobe\\photoshop elements 6.0\\adobephotoshopelementsmediaserver.exe"= TCP:C:\program files\adobe\photoshop elements 6.0\adobephotoshopelementsmediaserver.exe:AdobePhotoshopElementsMediaServer
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 SAVOnAccess;SAVOnAccess;C:\Windows\system32\DRIVERS\savonaccess.sys [2008-04-26 16:14]
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 00:45]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 12:44]
R3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2007-04-02 05:42]
R3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2007-04-02 05:42]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-04-02 05:42]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;C:\Windows\system32\drivers\HCW85BDA.sys [2007-11-20 08:20]
R3 LazerUsb;Lumanate Lazer USB;C:\Windows\system32\DRIVERS\LazerUsb.sys [2007-08-29 10:33]
S2 RoxLiveShare10;LiveShare P2P Server 10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" [2007-12-14 14:25]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe" [2007-12-14 14:25]
S2 SessionLauncher;SessionLauncher;C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe []
S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-22 21:19]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 08:36]
S3 RoxMediaDB10;RoxMediaDB10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe" [2007-12-14 14:25]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f34c5a0-2c37-11dd-b987-001cdf591c1f}]
\shell\AutoRun\command - K:\Autorun.exe /run
\shell\Shell00\Command - K:\Autorun.exe /run
\shell\Shell01\Command - K:\Autorun.exe /action
\shell\Shell02\Command - K:\Autorun.exe /uninstall
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-22 19:07:55
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\Windows\TEMP\TMP00000077CA6811AA73076696 524288 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
Completion time: 2008-06-22 19:08:59
ComboFix-quarantined-files.txt 2008-06-22 18:08:54
Pre-Run: 800,550,686,720 bytes free
Post-Run: 801,110,978,560 bytes free
265 --- E O F --- 2008-06-20 14:09:18
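Added triage example (not part of the post above and not ComboFix's own code): a small parser for the "Reg Loading Points" section of a ComboFix log that pulls out Run values and service lines and scores each one with a few analyst heuristics. The sample input below is a handful of lines copied from the log in the post; the heuristics (an empty `[]` meaning ComboFix found no file on disk, a target whose extension is not one a loading point normally has, a path under a Temp directory, and the `file,Export` form that rundll32 takes) are my own choices, and a hit is a lead for a helper to check, not a verdict.

```python
import ntpath
import re

# Sample input: lines copied verbatim from the ComboFix log in the post
# (Run keys and service entries). Constructed for this example.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-22 21:19 68856]
"MSSMSGS"="winhja32.rom,SOeRun" []
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:33 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech BT Wizard"="LBTWiz.exe" []
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
R1 SAVOnAccess;SAVOnAccess;C:\Windows\system32\DRIVERS\savonaccess.sys [2008-04-26 16:14]
S2 SessionLauncher;SessionLauncher;C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe []
"""

# "Name"="target" [date time size ...]   -> one Run value
RUN_VALUE = re.compile(r'^"(?P<name>[^"]+)"="(?P<target>[^"]*)"\s*\[(?P<meta>[^\]]*)\]$')
# [HKEY_...\Run]                          -> which hive/key the values belong to
REG_KEY = re.compile(r'^\[(?P<key>HK[^\]]+)\]$')
# R1 name;display;path [date time]       -> driver/service line (R = running, S = stopped)
SERVICE = re.compile(r'^(?P<start>[RS]\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);(?P<target>.*?)\s*\[(?P<meta>[^\]]*)\]$')

# Extensions a loading point normally points at; anything else (.rom here)
# deserves a look, since rundll32 loads a DLL whatever the file is called.
EXPECTED_EXT = {".exe", ".dll", ".sys", ".cpl", ".scr", ".lnk"}


def parse_loading_points(text):
    """Return a list of dicts, one per Run value or service line in the log."""
    entries = []
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = REG_KEY.match(line)
        if m:
            key = m.group("key")
            continue
        m = RUN_VALUE.match(line)
        if m:
            entries.append({"kind": "run", "key": key, **m.groupdict()})
            continue
        m = SERVICE.match(line)
        if m:
            entries.append({"kind": "service", "key": None, **m.groupdict()})
    return entries


def _file_part(target):
    # "file,Export" is the rundll32 argument form; service paths may be quoted.
    return target.split(",", 1)[0].strip().strip('"')


def suspicious_reasons(entry):
    """Heuristic reason codes for one entry; an empty list means nothing odd."""
    reasons = []
    path = _file_part(entry["target"])
    ext = ntpath.splitext(path)[1].lower()
    if not entry["meta"].strip():
        reasons.append("unresolved-target")      # ComboFix printed []: no file found on disk
    if ext not in EXPECTED_EXT:
        reasons.append("unexpected-extension")
    if "\\temp\\" in path.lower():
        reasons.append("temp-directory")
    if "," in entry["target"]:
        reasons.append("rundll32-export")
    return reasons


def triage(text):
    """Flagged entries, most reasons first, each carrying its reason codes."""
    flagged = []
    for entry in parse_loading_points(text):
        reasons = suspicious_reasons(entry)
        if reasons:
            flagged.append({**entry, "reasons": reasons})
    return sorted(flagged, key=lambda e: len(e["reasons"]), reverse=True)


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(f"{hit['kind']:7} {hit['name']:20} {hit['target']}")
        print(f"        reasons: {', '.join(hit['reasons'])}")
```

Run against the sample, the `MSSMSGS` value comes out on top with three reasons (no file resolved, a `.rom` extension, rundll32 `file,Export` form) and the `SessionLauncher` service second (unresolved, runs from a Temp directory); everything else in the sample is quiet. A single-reason hit such as a bare filename that ComboFix could not resolve is often a benign vendor entry, so rank by reason count and let a helper confirm each lead against the file on disk before anything is removed.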