
Can't get rid of viruses



#1
MissCamaro

This is my first time using this forum. I have Trend Micro antivirus and it recently said I have the Skynet virus. I kinda snooped around to see what could be done, so I downloaded ComboFix and this is the report it gave me (I have no idea what it means, btw). My computer is redirecting my internet, can't locate my CD burner even though it works, and I put in my camera memory stick and it won't read it... still. Trend Micro said I have 104 Skynet viruses. Please help me, I'm not totally computer literate but I'm a fast learner!


ComboFix 09-07-05.04 - HP_Administrator 07/06/2009 10:17.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.958.660 [GMT -7:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\Combo-Fix.exe
AV: Trend Micro Internet Security *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *enabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\HP_Administrator\Application Data\FunWebProducts
c:\documents and settings\HP_Administrator\Application Data\FunWebProducts\Data\HP_Administrator\avatar.dat
c:\documents and settings\HP_Administrator\Local Settings\Temporary Internet Files\_tmBD.tmp
c:\documents and settings\HP_Administrator\Local Settings\Temporary Internet Files\stb06759.tmp
C:\install.exe
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn-new.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn-new.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\01AC568A
c:\program files\MyWebSearch\bar\Cache\01AC5BBA
c:\program files\MyWebSearch\bar\Cache\01AC632C
c:\program files\MyWebSearch\bar\Cache\01AC65DC.bin
c:\program files\MyWebSearch\bar\Cache\01AC6782.bin
c:\program files\MyWebSearch\bar\Cache\01AC68BA.bin
c:\program files\MyWebSearch\bar\Cache\01AC6A31.bin
c:\program files\MyWebSearch\bar\Cache\01AC6BA8.bin
c:\program files\MyWebSearch\bar\Cache\0218DD12.bin
c:\program files\MyWebSearch\bar\Cache\0218DFF1.bin
c:\program files\MyWebSearch\bar\Cache\0218E1F4.bin
c:\program files\MyWebSearch\bar\Cache\0218E57E.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\bar\Settings\setting2.htm
c:\program files\MyWebSearch\bar\Settings\settings.dat
c:\program files\SelectRebates
c:\program files\SelectRebates\FFToolbar\chrome.manifest
c:\program files\SelectRebates\FFToolbar\chrome\content\options.js
c:\program files\SelectRebates\FFToolbar\chrome\content\options.xul
c:\program files\SelectRebates\FFToolbar\chrome\content\sahtoolbar.js
c:\program files\SelectRebates\FFToolbar\chrome\content\sahtoolbar.xul
c:\program files\SelectRebates\FFToolbar\chrome\locale\en-US\contents.rdf
c:\program files\SelectRebates\FFToolbar\chrome\locale\en-US\sahtoolbar.dtd
c:\program files\SelectRebates\FFToolbar\chrome\locale\en-US\sahtoolbar.dtd.skin
c:\program files\SelectRebates\FFToolbar\chrome\locale\en-US\sahtoolbar.properties
c:\program files\SelectRebates\FFToolbar\chrome\skin\3rdParty.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\add-folderplus.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\add-plussign.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\alert-blue.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\alert-red.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\bluebar.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\dollarsign.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\FindWords.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\gripper.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\icon-magnifying.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\invite.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\invite2.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\my-blue.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\my-gray.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\my-green.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\my-red.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\Options.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\S.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\SAH-LogoHotSpots.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\SAH-logotext.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\SAH-mainlogo-v1.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\SAH-mainlogo-v2.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\sahtoolbar.css
c:\program files\SelectRebates\FFToolbar\chrome\skin\Scissors.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\Search.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\shoppingcart.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\singleperson.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\star.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\thumb2.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\Thumbs.db
c:\program files\SelectRebates\FFToolbar\chrome\skin\toolbar-images-ALL.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\Toolbar_HelpAndFeedback.png
c:\program files\SelectRebates\FFToolbar\chrome\skin\Wrench.png
c:\program files\SelectRebates\FFToolbar\defaults\preferences\sahtoolbar.js
c:\program files\SelectRebates\FFToolbar\install.rdf
c:\program files\SelectRebates\SahImages\bg-gradient.gif
c:\program files\SelectRebates\SahImages\button-close.gif
c:\program files\SelectRebates\SahImages\sah-logopop.gif
c:\program files\SelectRebates\SelectAlerts.dat
c:\program files\SelectRebates\SelectRebates.exe
c:\program files\SelectRebates\SelectRebates.ini
c:\program files\SelectRebates\SelectRebatesA.dat
c:\program files\SelectRebates\SelectRebatesApi.exe
c:\program files\SelectRebates\SelectRebatesB.dat
c:\program files\SelectRebates\SelectRebatesBT.dat
c:\program files\SelectRebates\SelectRebatesDownload.exe
c:\program files\SelectRebates\SelectRebatesUninstall.exe
c:\program files\SelectRebates\SRebates.dll
c:\program files\SelectRebates\SRFF3.dll
c:\program files\SelectRebates\Toolbar\Add.bmp
c:\program files\SelectRebates\Toolbar\AdvancedOptions.html
c:\program files\SelectRebates\Toolbar\basis.xml
c:\program files\SelectRebates\Toolbar\Basis.xml.dym
c:\program files\SelectRebates\Toolbar\Blank.bmp
c:\program files\SelectRebates\Toolbar\button-CloseWindow.gif
c:\program files\SelectRebates\Toolbar\i_clipboard.bmp
c:\program files\SelectRebates\Toolbar\i_help.bmp
c:\program files\SelectRebates\Toolbar\i_magnifying.bmp
c:\program files\SelectRebates\Toolbar\icons.bmp
c:\program files\SelectRebates\Toolbar\ImageCache\alert-red.bmp
c:\program files\SelectRebates\Toolbar\Invite.bmp
c:\program files\SelectRebates\Toolbar\logo.bmp
c:\program files\SelectRebates\Toolbar\logo_24.bmp
c:\program files\SelectRebates\Toolbar\logo_HotSpots.bmp
c:\program files\SelectRebates\Toolbar\MyNew.bmp
c:\program files\SelectRebates\Toolbar\MyNone.bmp
c:\program files\SelectRebates\Toolbar\MyPage.bmp
c:\program files\SelectRebates\Toolbar\Rate.bmp
c:\program files\SelectRebates\Toolbar\RightControls.dym
c:\program files\SelectRebates\Toolbar\sah_logo_bars.gif
c:\program files\SelectRebates\Toolbar\Scissors.bmp
c:\program files\SelectRebates\Toolbar\Tools.bmp
c:\program files\SelectRebates\Toolbar\Tools2.bmp
c:\windows\kb913800.exe
c:\windows\system32\drivers\SKYNETrblkotqf.sys
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\SKYNETcdpjques.dat
c:\windows\system32\SKYNETfwvygwpu.dll
c:\windows\system32\SKYNETlkloafha.dll
c:\windows\system32\SKYNETtdoydrnu.dat
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SKYNETpjmknepq
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Created from 2009-06-06 to 2009-07-06 )))))))))))))))))))))))))))))))
.

2009-06-30 02:09 . 2006-06-04 04:29 48640 ----a-w- c:\windows\system32\hpzll4pi.dll
2009-06-30 02:07 . 2004-08-04 06:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-30 02:07 . 2004-08-04 06:08 31616 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-06-30 02:06 . 2009-06-30 02:27 124500 ----a-w- c:\windows\HPHins12.dat
2009-06-30 02:06 . 2006-07-07 03:49 14916 ------w- c:\windows\hphmdl12.dat
2009-06-30 02:03 . 2006-05-16 20:25 77824 ----a-w- c:\windows\system32\hpzids01.dll
2009-06-30 01:58 . 2006-06-22 03:03 56 ----a-w- C:\ut9x.bat
2009-06-30 01:58 . 2006-06-19 21:08 54 ----a-w- C:\ut.bat
2009-06-30 01:50 . 2009-06-30 01:50 -------- d-----w- c:\temp\FixEngine
2009-06-30 01:46 . 2009-06-30 01:46 10134 ----a-r- c:\documents and settings\HP_Administrator\Application Data\Microsoft\Installer\{4CCC7F68-A437-4559-A840-F5E010934951}\ARPPRODUCTICON.exe
2009-06-30 01:46 . 2009-06-30 01:46 -------- d-----w- c:\windows\Downloaded Installations
2009-06-30 01:42 . 2004-08-04 06:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-06-30 01:42 . 2004-08-04 06:01 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2009-06-29 22:12 . 2004-08-10 04:00 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-06-29 22:06 . 2009-06-29 22:06 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-29 22:04 . 2009-06-29 22:05 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-06-29 22:04 . 2009-06-29 22:04 -------- d-----w- c:\windows\system32\LogFiles
2009-06-15 01:52 . 2009-06-15 01:52 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\AdobeUM
2009-06-13 22:50 . 2009-06-13 22:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-13 22:17 . 2009-06-13 22:17 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-06-12 01:29 . 2009-06-20 22:08 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Apple Computer
2009-06-12 01:27 . 2009-03-19 23:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-12 01:27 . 2008-04-17 19:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-12 00:53 . 2009-06-12 01:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-12 00:47 . 2009-06-12 01:29 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Apple Computer
2009-06-10 21:00 . 2009-06-10 21:00 -------- d-----w- c:\program files\System Search Dispatcher
2009-06-10 21:00 . 2009-06-10 21:00 -------- d-----w- c:\program files\DoubleD
2009-06-10 20:59 . 2009-06-10 20:59 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\DoubleD

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-05 23:52 . 2009-05-28 17:36 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\LimeWire
2009-07-04 08:38 . 2009-05-28 17:35 -------- d-----w- c:\program files\LimeWire
2009-06-30 02:28 . 2006-01-01 13:34 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\HP
2009-06-30 02:13 . 2006-06-16 04:32 -------- d-----w- c:\program files\HP
2009-06-27 02:05 . 2006-06-16 04:48 -------- d-----w- c:\program files\HP Games
2009-06-12 01:26 . 2009-06-12 01:25 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-12 01:26 . 2009-06-12 01:25 -------- d-----w- c:\program files\iTunes
2009-06-12 01:25 . 2009-06-12 01:25 -------- d-----w- c:\program files\iPod
2009-06-12 01:25 . 2009-06-12 00:53 -------- d-----w- c:\program files\Common Files\Apple
2009-06-12 01:25 . 2009-06-12 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-12 01:21 . 2009-06-12 01:21 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-12 01:02 . 2009-06-12 01:02 -------- d-----w- c:\program files\Bonjour
2009-06-12 00:59 . 2009-06-12 00:54 -------- d-----w- c:\program files\QuickTime
2009-06-12 00:54 . 2009-06-12 00:53 -------- d-----w- c:\program files\Apple Software Update
2009-06-06 20:23 . 2009-06-05 04:19 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Download Manager
2009-06-05 18:42 . 2009-06-12 00:53 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-05 18:42 . 2009-06-12 00:53 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-04 00:06 . 2006-06-16 04:53 -------- d-----w- c:\program files\Hewlett-Packard
2009-06-04 00:04 . 2009-06-04 00:04 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-06-03 23:52 . 2009-06-03 23:52 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\WinBatch
2009-06-02 10:10 . 2006-06-16 04:45 51976 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-02 10:03 . 2009-06-02 10:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-05-31 23:49 . 2009-05-31 23:49 594 ----a-w- c:\windows\eReg.dat
2009-05-31 23:41 . 2009-05-31 23:41 -------- d-----w- c:\program files\Maxis
2009-05-28 17:29 . 2009-05-28 17:29 -------- d-----w- c:\program files\Microsoft
2009-05-28 17:27 . 2009-05-28 17:27 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-28 17:27 . 2006-06-16 04:13 -------- d-----w- c:\program files\Java
2009-05-28 17:26 . 2009-05-28 17:26 152576 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-28 04:48 . 2009-05-28 04:48 -------- d-----w- c:\program files\MSXML 4.0
2009-05-28 00:11 . 2009-05-28 00:11 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Viewpoint
2009-05-07 15:44 . 2004-08-10 04:00 344064 ------w- c:\windows\system32\localspl.dll
2009-04-29 04:31 . 2004-08-10 04:00 668160 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:31 . 2004-08-10 04:00 81920 ------w- c:\windows\system32\ieencode.dll
2009-04-17 09:58 . 2004-08-10 04:00 1846656 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 15:11 . 2004-08-10 04:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2007-03-11 23:30 . 2006-01-01 11:39 32 --sha-w- c:\windows\SMINST\HPCD.SYS
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2008-07-29 497008]
"Aim6"="c:\program files\AIM6\aim6.exe" [2009-05-19 49968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-30 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-25 7311360]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DISCover"="c:\program files\DISC\DISCover.exe" [2006-03-16 1077248]
"DiscUpdateManager"="c:\program files\DISC\DiscUpdMgr.exe" [2006-03-16 61440]
"DMAScheduler"="c:\program files\HP DigitalMedia Archive\DMAScheduler.exe" [2006-03-20 90112]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-04-01 995528]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-28 148888]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-27 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-06-16 180269]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-03-08 16010240]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-03 77312]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-01-25 1519616]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2008-07-29 497008]

c:\documents and settings\Default User\Start Menu\Programs\Startup\
Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-6-15 27136]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Updates From HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2006-6-15 36903]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\DISC\\DISCover.exe"=
"c:\\Program Files\\DISC\\DiscStreamHub.exe"=
"c:\\Program Files\\DISC\\myFTP.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [1/1/2006 5:09 AM 50192]
R2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [1/1/2006 5:09 AM 497008]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [7/29/2008 9:06 AM 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [1/1/2006 5:09 AM 677128]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/23/2006 11:51 AM 24652]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [7/29/2008 9:06 AM 335376]
.
Contents of the 'Scheduled Tasks' folder

2009-06-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
HKLM-Run-SelectRebates - c:\program files\SelectRebates\SelectRebates.exe
HKLM-Run-PCDrProfiler - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://aimzones.aol.com/homepage
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PAVILION&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PAVILION&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Search - http://edits.mywebse...?p=ZYxdm034YYUS
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: trymedia.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-06 10:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\SEP20.tmp 0 bytes


**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2860)
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Trend Micro\BM\TMBMSRV.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\arservice.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\spool\drivers\w32x86\3\HPZIPM12.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\wscntfy.exe
c:\program files\AIM6\aolsoftware.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 2009-07-06 10:32 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-06 17:31

Pre-Run: 160,129,855,488 bytes free
Post-Run: 160,953,974,784 bytes free

416 --- E O F --- 2009-07-06 04:35
#2
MissCamaro

So I tried to clean the computer with what this site gave me and I still have some. I use Trend Micro and it says I have 108 viruses quarantined. They are undeletable as well. What can I do to get rid of them? I ran ComboFix, which took a few out. Please help me!