Just need the .txt file, please.
ComboFix 09-02-18.01 - Hussein 2009-02-19 16:47:23.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1015.606 [GMT 2:00]
Running from: c:\documents and settings\Hussein\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\9.tmp
c:\windows\system32\drivers\ntndis.sys
D:\resycled
.
((((((((((((((((((((((((( Files Created from 2009-01-19 to 2009-02-19 )))))))))))))))))))))))))))))))
.
2009-02-19 16:56 . 2009-02-19 16:56 48,128 --a------ c:\windows\system32\wvUnMfec.dll
2009-02-18 21:32 . 2009-02-18 21:32 47,616 --a------ c:\windows\system32\iifefETj.dll
2009-02-18 16:18 . 2009-02-18 16:18 592 --a------ c:\windows\chgkey.vbs
2009-02-16 21:30 . 2009-02-16 21:30 <DIR> d-------- c:\program files\Common Files\Adobe Systems Shared
2009-02-16 21:30 . 2009-02-16 21:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\Adobe Systems
2009-02-16 21:29 . 2009-02-16 21:30 488 --a------ C:\hpfr3420.xml
2009-02-16 21:28 . 2009-02-16 21:28 <DIR> d-------- c:\documents and settings\Hussein\Application Data\Hewlett-Packard
2009-02-16 21:26 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-02-16 21:26 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-02-16 21:25 . 2004-10-08 03:16 35,840 --a------ c:\windows\system32\drivers\AFS2K.SYS
2009-02-16 21:23 . 2009-02-16 21:23 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
2009-02-16 21:21 . 2009-02-16 21:25 <DIR> d-------- c:\program files\Hewlett-Packard
2009-02-16 21:21 . 2009-02-16 21:25 20,458 --a------ c:\windows\hpoins01.dat
2009-02-16 21:21 . 2003-04-07 22:31 16,622 --------- c:\windows\hpomdl01.dat
2009-02-16 21:20 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-02-16 21:20 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
2009-02-16 21:20 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-02-16 21:20 . 2004-08-03 23:01 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-02-16 19:02 . 2009-02-16 19:02 <DIR> d-------- c:\program files\Avira
2009-02-16 19:02 . 2009-02-16 19:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-02-16 18:19 . 2009-02-16 18:19 168 --a------ c:\windows\system32\8.tmp
2009-02-16 18:16 . 2009-02-16 18:16 168 --a------ c:\windows\system32\11.tmp
2009-02-16 18:16 . 2009-02-16 18:16 0 --a------ c:\windows\system32\15.tmp
2009-02-16 17:55 . 2009-02-16 17:55 168 --a------ c:\windows\system32\C.tmp
2009-02-16 15:26 . 2009-02-16 15:26 172 --a------ c:\windows\system32\1F.tmp
2009-02-16 15:26 . 2009-02-16 15:26 0 --a------ c:\windows\system32\22.tmp
2009-02-16 15:26 . 2009-02-16 15:26 0 --a------ c:\windows\system32\21.tmp
2009-02-15 22:47 . 2009-02-15 23:01 <DIR> d-------- c:\windows\system32\CatRoot_bak
2009-02-15 22:39 . 2009-02-15 22:39 <DIR> d-------- c:\program files\MSXML 4.0
2009-02-14 17:25 . 2008-08-14 11:57 2,185,984 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-14 17:25 . 2008-08-14 11:55 2,142,720 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-14 17:25 . 2008-08-14 11:18 2,062,976 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-14 17:25 . 2008-08-14 11:18 2,020,864 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-13 23:09 . 2008-06-13 15:10 272,128 --------- c:\windows\system32\drivers\bthport.sys
2009-02-13 23:09 . 2008-06-13 15:10 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-02-13 21:28 . 2008-10-24 13:10 453,632 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-13 20:28 . 2008-09-05 23:30 1,480,232 --a------ c:\windows\system32\legitcheckcontrol.dll.bak
2009-02-13 20:28 . 2008-09-05 23:29 917,032 --a------ c:\windows\system32\wgatray.exe.bak
2009-02-13 20:28 . 2008-09-05 23:30 241,704 --a------ c:\windows\system32\wgalogon.dll.bak
2009-02-13 20:28 . 2008-03-30 09:06 200,064 --a------ c:\windows\system32\WgaLogon(4).dll
2009-02-13 20:28 . 2008-03-30 09:06 200,064 --a------ c:\windows\system32\WgaLogon(3).dll
2009-02-12 21:22 . 2009-02-12 21:22 <DIR> d-------- c:\program files\TGTSoft
2009-02-12 20:47 . 2009-02-13 16:02 <DIR> d-------- c:\windows\Icons
2009-02-12 20:47 . 2009-02-13 15:54 <DIR> d-------- c:\program files\FileSubmit
2009-02-12 14:23 . 2004-05-23 14:00 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-09 17:04 . 2009-02-09 17:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Bluetooth
2009-02-09 17:02 . 2009-02-09 17:02 <DIR> d-------- c:\program files\IVT Corporation
2009-02-09 17:02 . 2004-09-21 18:18 148,830 --a------ c:\windows\system32\drivers\bcbthub.sys
2009-02-09 17:02 . 2004-09-21 18:18 116,021 --a------ c:\windows\system32\drivers\fw203x.sys
2009-02-09 17:02 . 2004-11-05 11:39 82,148 --a------ c:\windows\system32\drivers\VcommMgr.sys
2009-02-09 17:02 . 2004-10-19 13:37 61,312 --a------ c:\windows\system32\drivers\VComm.sys
2009-02-09 17:02 . 2004-10-19 13:40 28,207 --a------ c:\windows\system32\drivers\BTHidMgr.sys
2009-02-09 17:02 . 2005-01-17 14:48 23,000 --a------ c:\windows\system32\drivers\btcusb.sys
2009-02-09 17:02 . 2004-10-19 11:39 20,096 --a------ c:\windows\system32\drivers\blueletaudio.sys
2009-02-09 17:02 . 2004-12-16 16:32 13,304 --a------ c:\windows\system32\drivers\BTNetFilter.sys
2009-02-09 17:02 . 2004-09-22 18:08 12,504 --a------ c:\windows\system32\drivers\VHIDMini.sys
2009-02-09 17:02 . 2005-01-13 15:20 12,500 --a------ c:\windows\system32\drivers\vbtenum.sys
2009-02-09 17:02 . 2004-09-21 18:15 10,804 --a------ c:\windows\system32\drivers\BtNetDrv.sys
2009-02-09 17:02 . 2004-09-21 18:18 7,680 --a------ c:\windows\system32\btinstall.dll
2009-02-08 22:04 . 2009-02-16 15:15 <DIR> d-------- c:\program files\TeamViewer
2009-02-08 16:00 . 2009-02-18 16:53 <DIR> d-------- c:\documents and settings\Hussein\Application Data\TeamViewer
2009-02-08 15:59 . 2009-02-08 15:59 <DIR> d-------- c:\documents and settings\Hussein\temp
2009-02-08 15:46 . 2009-02-08 15:46 <DIR> d-------- c:\program files\Trend Micro
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll
2009-02-04 22:19 . 2009-02-04 22:19 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-04 22:19 . 2009-02-04 22:19 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-04 20:25 . 2006-09-26 13:57 28,672 --a------ c:\windows\system32\AVEQT.dll
2009-02-04 20:24 . 2009-02-04 20:26 <DIR> d-------- c:\program files\Allok MP3 to AMR Converter
2009-02-04 20:24 . 2004-12-20 16:19 129,024 --a------ c:\windows\system32\AVERM.dll
2009-02-04 15:58 . 2009-02-04 15:58 <DIR> d-------- c:\documents and settings\Hussein\Application Data\Malwarebytes
2009-02-04 15:58 . 2009-02-04 15:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-03 22:06 . 2009-02-03 22:06 <DIR> d-------- C:\1
2009-02-03 19:21 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2009-02-01 21:26 . 2009-02-01 21:26 <DIR> d-------- c:\documents and settings\Hussein\Application Data\Sonic
2009-02-01 21:24 . 2009-02-16 21:30 <DIR> d-------- c:\program files\Common Files\Adobe
2009-02-01 18:30 . 2009-02-01 18:30 <DIR> d-------- c:\program files\CCleaner
2009-02-01 16:58 . 2003-01-30 14:38 388,096 --a------ c:\windows\unacc.exe
2009-01-31 20:26 . 2009-02-13 15:31 <DIR> d-------- C:\hijack
2009-01-31 13:49 . 2009-01-31 13:51 <DIR> d-------- c:\windows\system32\NtmsData
2009-01-30 09:44 . 2009-01-30 09:44 <DIR> d-------- c:\windows\system32\LogFiles
2009-01-29 18:16 . 2009-01-29 22:27 <DIR> d-------- C:\Wireless Hotkey.temp
2009-01-29 16:17 . 2009-02-19 16:18 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-01-28 19:26 . 2009-01-28 19:26 <DIR> d-------- c:\documents and settings\Hussein\Application Data\Apple Computer
2009-01-28 18:12 . 2009-01-28 18:12 <DIR> d-------- c:\program files\Microsoft.NET
2009-01-28 18:12 . 2009-01-28 18:12 <DIR> d-------- c:\program files\Microsoft Works
2009-01-28 18:11 . 2009-01-28 18:11 <DIR> d-------- c:\windows\SHELLNEW
2009-01-28 18:10 . 2009-01-28 18:10 <DIR> dr-h----- C:\MSOCache
2009-01-28 18:10 . 2009-02-15 22:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-28 18:08 . 2009-01-28 18:09 2,403 --a------ c:\windows\CD_SearchHistory.INI
2009-01-26 21:41 . 2009-01-26 21:41 <DIR> d-------- c:\windows\Sun
2009-01-25 22:21 . 2009-01-25 22:21 <DIR> d-------- C:\tosapins
2009-01-25 21:04 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-01-25 21:04 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-01-25 21:04 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
2009-01-25 21:04 . 2001-08-17 14:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-01-25 19:21 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-01-25 19:21 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-01-25 19:21 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-01-25 19:05 . 2009-01-31 20:31 <DIR> d-------- c:\program files\Crawler
2009-01-25 18:27 . 2009-01-25 18:27 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-01-25 18:15 . 2009-01-29 21:39 <DIR> d-------- c:\program files\Windows Live
2009-01-24 22:22 . 2009-02-04 20:24 <DIR> d-------- c:\program files\NCH Swift Sound
2009-01-24 22:22 . 2009-01-24 22:22 <DIR> d-------- c:\program files\NCH Software
2009-01-24 22:22 . 2009-01-24 22:22 <DIR> d-------- c:\documents and settings\Hussein\Application Data\NCH Swift Sound
2009-01-24 22:22 . 2009-01-24 22:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-01-24 22:12 . 2009-01-24 22:13 <DIR> d-------- c:\program files\Apple Software Update
2009-01-24 22:12 . 2009-01-24 22:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-01-24 22:11 . 2000-05-22 00:00 244,416 --a------ c:\windows\system32\Msflxgrd.ocx
2009-01-24 22:11 . 2009-02-18 18:54 3,768 --a------ c:\windows\machine.ver
2009-01-24 22:10 . 2009-02-18 18:55 67 --a------ c:\windows\swupdate.INI
2009-01-24 22:09 . 2009-01-24 22:09 <DIR> d-------- c:\program files\Real
2009-01-24 22:09 . 2009-01-24 22:09 <DIR> d-------- c:\program files\Common Files\xing shared
2009-01-24 22:09 . 2009-01-24 22:09 <DIR> d-------- c:\program files\Common Files\Real
2009-01-24 21:55 . 2009-02-19 16:56 <DIR> d-------- c:\documents and settings\Hussein\Tracing
2009-01-24 21:51 . 2009-01-24 21:51 <DIR> d-------- c:\program files\Microsoft
2009-01-24 21:43 . 2009-01-24 21:43 <DIR> d-------- c:\windows\system32\config\systemprofile\Application Data\Intel
2009-01-24 21:43 . 2009-01-24 21:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Intel
2009-01-24 21:19 . 2009-01-25 14:11 <DIR> d-------- c:\windows\SxsCaPendDel
2009-01-24 20:18 . 2009-01-24 20:18 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-01-24 20:16 . 2009-01-24 20:17 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2009-01-24 20:15 . 2009-01-24 20:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2009-01-24 19:53 . 2006-01-13 13:21 9,984 --------- c:\windows\system32\drivers\sffp_mmc.sys
2009-01-24 19:34 . 2009-02-18 20:55 <DIR> d-------- c:\documents and settings\Hussein\Application Data\skypePM
2009-01-24 19:34 . 2009-01-24 19:34 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-01-24 19:16 . 2009-01-24 19:16 0 --a------ c:\windows\nsreg.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-19 14:57 2,633 ----a-w c:\windows\system32\khfGvvtt.dll
2009-02-16 15:55 182,912 ----a-w c:\windows\system32\drivers\ndis.sys
2009-02-09 15:02 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-04 20:19 --------- d-----w c:\program files\Java
2009-01-29 20:31 21,275 ----a-w c:\windows\system32\drivers\AegisP.sys
2009-01-29 20:27 --------- d-----w c:\program files\TOSHIBA
2009-01-29 18:41 --------- d-----w c:\documents and settings\Hussein\Application Data\Protector Suite
2009-01-24 19:43 --------- d-----w c:\program files\Intel
2009-01-24 16:42 --------- d-----w c:\program files\ltmoh
2009-01-24 16:37 --------- d-----w c:\program files\Protector Suite QL
2009-01-24 16:37 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-24 16:37 --------- d-----w c:\program files\Common Files\Protector Suite QL
2009-01-24 16:34 15,360 ----a-w c:\windows\system32\drivers\tdcmdpst.sys
2009-01-24 16:34 114,688 ----a-w c:\windows\system32\TODDSrv.exe
2009-01-24 16:30 --------- d-----w c:\program files\Sonic
2009-01-24 16:29 --------- d-----w c:\program files\Common Files\InstallShield
2009-01-24 16:15 --------- d-----w c:\program files\InterVideo
2009-01-24 16:09 --------- d-----w c:\program files\Atheros
2009-01-24 16:09 --------- d-----w c:\program files\Apoint2K
2009-01-24 15:25 --------- d-----w c:\program files\KYE
2009-01-24 15:25 --------- d-----w c:\program files\Common Files\PAC207
2009-01-24 15:16 --------- d-----w c:\program files\Realtek
2009-01-24 15:08 --------- d-----w c:\documents and settings\Hussein\Application Data\Intel
2009-01-24 14:53 --------- d-----w c:\program files\microsoft frontpage
.
------- Sigcheck -------
2004-05-23 14:00 182912 558635d3af1c7546d26067d5d9b6959e c:\windows\SoftwareDistribution\Download\b3e9e7327f38776a4eeeb084da3eff5a\backup\ndis.sys
2009-02-16 17:55 213376 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\dllcache\ndis.sys
2009-02-16 17:55 213376 558635d3af1c7546d26067d5d9b6959e c:\windows\system32\drivers\ndis.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
2009-02-18 21:32 47616 --a------ c:\windows\system32\iifefETj.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-05-23 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="thpsrv" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-05-23 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-05-23 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-05-23 455168]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"00THotkey"="c:\windows\system32\00THotkey.exe" [2006-04-24 18:09 253952]
"TosHKCW.exe"="c:\program files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2005-05-17 49152]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2006-05-05 30208]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-04 136600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-24 185896]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Pinger"="c:\toshiba\IVP\ISM\pinger.exe" [2005-03-17 151552]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-09 c:\windows\RTHDCPL.exe]
"000StTHK"="000StTHK.exe" [2001-06-23 04:28 24576 c:\windows\system32\000StTHK.exe]
"TFncKy"="TFncKy.exe" [BU]
"TFNF5"="TFNF5.exe" [2006-04-10 c:\windows\system32\TFNF5.exe]
"TOSDCR"="TOSDCR.EXE" [2005-12-13 c:\windows\system32\TOSDCR.exe]
"TPSMain"="TPSMain.exe" [2006-04-24 c:\windows\system32\TPSMain.exe]
"TPSODDCtl"="TPSODDCtl.exe" [2006-04-24 c:\windows\system32\TPSODDCtl.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2006-03-03 c:\windows\agrsmmsg.exe]
"NDSTray.exe"="NDSTray.exe" [BU]
"CFSServ.exe"="CFSServ.exe" [BU]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-05-23 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= "c:\windows\system32\iifefETj.dll" [2009-02-18 47616]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifefETj]
2009-02-18 21:32 47616 c:\windows\system32\iifefETj.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-05-05 17:48 40448 c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PC Health.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PC Health.lnk
backup=c:\windows\pss\PC Health.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
--a------ 2004-03-23 22:40 196608 c:\program files\Apoint2K\Apoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpUtil]
--a------ 2005-06-28 20:11 155648 c:\program files\TOSHIBA\DualPointUtility\TEDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2006-03-23 13:13 77824 c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 2006-03-23 13:17 118784 c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
--a------ 2006-03-23 13:17 94208 c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
--------- 2006-03-03 20:30 184320 c:\program files\ltmoh\ltmoh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PINGER]
--a------ 2005-03-17 17:37 151552 c:\toshiba\IVP\ISM\pinger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-11-18 16:31 21633320 c:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2009-01-24 22:09 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TouchED]
--a------ 2005-06-28 20:43 126976 c:\program files\TOSHIBA\TouchED\TouchED.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 18:43 69632 c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
--a------ 2006-04-24 15:20 1448960 c:\windows\SkyTel.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2004-12-27 16384]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2009-01-24 6144]
R2 FdRedir;FdRedir;c:\program files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2006-05-05 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2006-05-05 33024]
R2 smihlp;SMI helper driver;c:\program files\Protector Suite QL\smihlp.sys [2006-05-05 3456]
S3 PAC207;e-Messenger 112;c:\windows\system32\drivers\PFC027.SYS [2009-01-24 616064]
.
Contents of the 'Scheduled Tasks' folder
2009-02-16 c:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1234812445.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-06 00:52]
2009-02-19 c:\windows\Tasks\qcsrqvpt.job
- c:\windows\system32\wvUnMfec.dll [2009-02-19 16:56]
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-STYLEXP - c:\program files\TGTSoft\StyleXP\StyleXP.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_06\bin\jusched.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
.
------- Supplementary Scan -------
.
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
FF - ProfilePath - c:\documents and settings\Hussein\Application Data\Mozilla\Firefox\Profiles\wgtg0rz1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-19 16:56:18
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\windows\system32\khfGvvtt.dll 68697 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\windows\system32\biologon.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\windows\system32\iifefETj.dll
c:\program files\Protector Suite QL\crypto.dll
c:\program files\Protector Suite QL\mysafe.dll
- - - - - - - > 'lsass.exe'(800)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homefus2.dll
- - - - - - - > 'explorer.exe'(3528)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\khfGvvtt.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\acs.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\ThpSrv.exe
c:\windows\system32\TODDSrv.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\ThpSrv.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\windows\system32\TPSBattM.exe
c:\program files\Protector Suite QL\psqltray.exe
c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-02-19 16:59:29 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-19 14:59:11
Pre-Run: 38,077,460,480 bytes free
Post-Run: 39,319,474,176 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
369 --- E O F --- 2009-02-18 14:24:58