Here's the ComboFix logfile:
ComboFix 09-07-22.01 - audrey 07/22/2009 18:07.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1278.635 [GMT -4:00]
Running from: c:\documents and settings\audrey\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\Installer\3d380e.msi
c:\windows\Installer\3d380f.msp
c:\windows\Installer\3d3810.msp
c:\windows\Installer\3d3811.msp
c:\windows\Installer\3d3812.msp
c:\windows\Installer\3d3813.msp
c:\windows\Installer\3d3814.msp
c:\windows\Installer\3d3815.msp
c:\windows\Installer\3d3816.msp
c:\windows\Installer\3d3817.msp
c:\windows\syssvc.exe
c:\windows\system32\comrepl.exe
c:\windows\system32\iehelper.dll
c:\windows\system32\lsp.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ISEXENG
-------\Legacy_ZESOFT
((((((((((((((((((((((((( Files Created from 2009-06-22 to 2009-07-22 )))))))))))))))))))))))))))))))
.
2009-07-22 21:16 . 2009-07-22 21:23 -------- d-----w- c:\documents and settings\audrey\Application Data\Reg Tool
2009-07-22 21:15 . 2009-07-22 21:15 -------- d-----w- c:\program files\Downloaded Installers
2009-07-22 20:49 . 2009-07-22 20:49 -------- d-----w- c:\program files\mmkbmj
2009-07-17 01:13 . 2009-07-17 01:16 -------- d-----w- c:\documents and settings\audrey\Local Settings\Application Data\Graboid
2009-07-17 01:12 . 2009-07-17 01:12 -------- d-----w- c:\program files\Mozilla ActiveX Control v1.7.12
2009-07-13 03:30 . 2009-07-13 03:30 -------- d-----w- c:\documents and settings\audrey\Application Data\ZoomBrowser EX
2009-07-13 03:30 . 2009-07-13 03:30 -------- d-----w- c:\program files\CONEXANT
2009-07-12 17:25 . 2009-04-30 22:57 199192 ----a-w- c:\windows\system32\lvci1201278.dll
2009-07-10 01:10 . 2009-02-12 09:35 38208 ----a-w- c:\documents and settings\audrey\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-07-10 01:10 . 2009-07-10 01:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-10 01:08 . 2009-07-10 01:08 86016 -c--a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-07-04 21:07 . 2009-07-04 21:07 -------- d-----w- c:\program files\Common Files\Logitech
2009-07-04 21:07 . 2009-07-04 21:07 -------- d-----w- c:\documents and settings\audrey\Local Settings\Application Data\Downloaded Installations
2009-06-29 22:05 . 2009-06-29 22:11 -------- d-----w- c:\documents and settings\audrey\Application Data\MSN6
2009-06-23 15:24 . 2009-06-23 15:24 -------- d-----w- c:\documents and settings\audrey\Local Settings\Application Data\CANON_INC
2009-06-23 01:28 . 2009-06-23 01:28 -------- dc----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
2009-06-23 01:24 . 2009-06-23 01:24 -------- d-----w- c:\program files\Common Files\Canon
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-22 22:19 . 2009-05-01 00:53 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-07-22 22:19 . 2009-05-01 00:52 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-07-22 22:12 . 2009-05-01 01:15 -------- d-----w- c:\documents and settings\audrey\Application Data\Skype
2009-07-22 21:12 . 2009-05-01 01:17 -------- d-----w- c:\documents and settings\audrey\Application Data\skypePM
2009-07-13 03:35 . 2009-05-01 01:15 -------- d-----r- c:\program files\Skype
2009-07-13 03:27 . 2008-05-18 17:33 -------- d-----w- c:\program files\Google
2009-07-12 17:27 . 2009-05-01 00:55 -------- d-----w- c:\program files\Logitech
2009-07-12 17:26 . 2009-05-01 00:50 -------- d-----w- c:\program files\Common Files\LogiShrd
2009-07-12 17:22 . 2009-05-01 00:55 -------- dc----w- c:\documents and settings\All Users\Application Data\Logishrd
2009-07-10 02:42 . 2009-04-06 23:17 -------- dc----w- c:\documents and settings\All Users\Application Data\NOS
2009-07-10 02:42 . 2009-04-06 23:17 -------- d-----w- c:\program files\NOS
2009-07-10 01:13 . 2004-12-06 00:54 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-07 01:09 . 2008-11-09 22:42 1915520 -c--a-w- c:\documents and settings\audrey\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-07-01 17:08 . 2008-01-23 21:02 -------- d-----w- c:\program files\LimeWire
2009-07-01 16:53 . 2007-04-09 16:07 -------- d-----w- c:\documents and settings\audrey\Application Data\LimeWire
2009-06-23 01:31 . 2006-01-09 22:50 -------- d-----w- c:\program files\Canon
2009-06-16 14:55 . 2002-08-29 10:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:55 . 2002-08-29 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-09 18:03 . 2009-05-09 20:00 -------- dc----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-03 19:27 . 2003-05-30 14:00 1290752 ----a-w- c:\windows\system32\quartz.dll
2009-05-27 23:30 . 2008-06-19 20:42 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-14 21:28 . 2009-05-14 21:28 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-13 22:28 . 2009-05-13 22:28 152576 -c--a-w- c:\documents and settings\marie\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-09 22:48 . 2004-05-19 18:31 75128 -c--a-w- c:\documents and settings\audrey\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 14:39 . 2009-05-08 14:39 296208 -c--a-w- c:\documents and settings\All Users\Application Data\Logishrd\LQCVFX\Filters\VMSEF.dll
2009-05-08 14:36 . 2009-05-08 14:36 6781200 -c--a-w- c:\documents and settings\All Users\Application Data\Logishrd\LQCVFX\Filters\MMSEF.dll
2009-05-08 14:13 . 2009-05-08 14:13 13584 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2009-05-07 15:44 . 2002-08-29 10:00 344064 ----a-w- c:\windows\system32\localspl.dll
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-05-01 01:17 . 2009-05-01 01:17 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-05-01 01:00 . 2009-05-01 01:00 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2009-04-30 23:03 . 2009-05-01 00:51 23832 ----a-w- c:\windows\system32\drivers\lvuvcflt.sys
2009-04-30 23:03 . 2009-05-01 00:53 6754712 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2009-04-30 23:02 . 2009-05-01 00:53 539160 ----a-w- c:\windows\system32\LVUI2RC.dll
2009-04-30 23:02 . 2009-05-01 00:53 539160 ----a-w- c:\windows\system32\LVUI2.dll
2009-04-30 23:01 . 2009-05-01 00:52 265496 ----a-w- c:\windows\system32\drivers\lvrs.sys
2009-04-30 22:57 . 2009-05-01 00:53 416280 ----a-w- c:\windows\system32\lvcodec2.dll
2009-04-30 22:39 . 2009-05-01 00:52 34068 ----a-w- c:\windows\system32\Repository.reg
2009-04-30 20:00 . 2009-04-30 20:00 25624 ----a-w- c:\windows\system32\drivers\LVPr2Mon.sys
2009-04-29 04:56 . 2004-02-06 22:05 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2004-08-04 07:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2007-08-06 23:22 . 2007-08-06 23:22 559856 -c--a-w- c:\program files\WindowsXP-KB906569-v2-x86-ENU.exe
2005-01-15 16:19 . 2005-01-15 16:19 6427630 -c--a-w- c:\program files\photoshop_album_SE_2_0_1_E.zip
2007-01-16 22:10 . 2007-01-14 23:16 88 --sh--r- c:\windows\SYSTEM32\CF10A48B1D.sys
2007-01-16 22:34 . 2007-01-14 23:16 2828 --sha-w- c:\windows\SYSTEM32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-16 24264488]
"Reg Tool"="E:\Reg Tool.exe" [2009-07-21 37491976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-22 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-22 126976]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-08-06 114741]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2006-01-17 135168]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-09-24 147456]
"mmtask"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2006-01-17 53248]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-22 1191936]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-14 148888]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]
c:\documents and settings\audrey\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-9-15 344064]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-4-30 66864]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 6:45 AM 13088]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [8/1/2008 1:00 PM 24652]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
.
Contents of the 'Scheduled Tasks' folder
2009-07-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2004-05-19 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2002-08-29 07:56]
2009-07-22 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
2009-07-22 c:\windows\Tasks\Reg Tool Scan.job
- E:\Reg Tool.exe [2009-07-21 19:22]
.
- - - - ORPHANS REMOVED - - - -
BHO-{9FA4F5A4-CBC6-454a-A170-82D954252EF6} - c:\windows\system32\iehelper.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net/
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AIM Search - c:\program files\AIM Toolbar\AIMBar.dll/aimsearch.htm
IE: &Search - ?p=ZJxdm090YYUS
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to White List - c:\program files\ADVANCED SEARCHBAR\addtolist.js
IE: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
IE: Delete from White List - c:\program files\ADVANCED SEARCHBAR\delfromlist.js
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
Trusted Zone: turbotax.com
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-22 18:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\windows\TEMP\TMP0000003671297561615DA370
scan completed successfully
hidden files: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2312)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\progra~1\Iomega\System32\AppServices.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\SYSTEM32\PSIService.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Iomega\AutoDisk\ADService.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2009-07-22 18:37 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-22 22:36
ComboFix2.txt 2008-06-26 19:19
Pre-Run: 191,795,200 bytes free
Post-Run: 455,344,128 bytes free
223 --- E O F --- 2009-07-22 21:41
Can someone please tell me what to do next? Fast response is much appreciated.