07-09-2009, 09:35 PM   #5
nicdan
Registered User
 
Join Date: Oct 2005
Posts: 76
OS: xp


Re: I think I have a Trojan type virus?

Hello, here is the log.

Thank you!!


ComboFix 09-07-09.06 - Michelle Hammann 07/09/2009 23:01.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.162 [GMT -4:00]
Running from: c:\documents and settings\Michelle Hammann\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Michelle Hammann\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

file zipped: c:\program files\PersonalAV\pav.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Michelle Hammann\Desktop\Personal Antivirus.lnk
c:\program files\PersonalAV
c:\program files\PersonalAV\pav.exe
c:\windows\system32\msxmlm.dll

.
((((((((((((((((((((((((( Files Created from 2009-06-10 to 2009-07-10 )))))))))))))))))))))))))))))))
.

2009-07-09 22:41 . 2009-05-14 09:58 61440 ----a-w- c:\windows\system32\ndisapi.dll
2009-07-09 22:41 . 2009-07-10 00:09 159744 ----a-w- c:\windows\system32\NetFilter.exe
2009-07-09 22:41 . 2009-06-22 14:58 24576 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2009-07-09 22:40 . 2009-07-09 22:40 -------- d-----w- c:\program files\Common Files\Uninstall
2009-07-03 14:00 . 2009-06-29 12:54 327688 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgldx86.sys
2009-07-03 14:00 . 2009-06-29 12:54 906520 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgemc.exe
2009-07-03 14:00 . 2009-06-29 12:53 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-03 14:00 . 2009-06-29 12:53 3402008 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2009-07-03 14:00 . 2009-06-29 12:53 1204504 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgabout.dll
2009-07-03 14:00 . 2009-06-29 12:53 3298072 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
2009-07-03 14:00 . 2009-06-29 12:53 337176 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avglogx.dll
2009-07-03 14:00 . 2009-06-29 12:53 829208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcfgx.dll
2009-07-03 13:58 . 2009-06-29 12:51 1085208 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2009-07-03 13:58 . 2009-06-29 12:50 1454360 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2009-06-23 19:03 . 2009-06-23 19:03 152576 ----a-w- c:\documents and settings\Michelle Hammann\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-11 23:33 . 2009-06-11 23:33 -------- d-----w- c:\documents and settings\Michelle Hammann\Local Settings\Application Data\Unity
2009-06-11 23:33 . 2009-06-11 23:33 -------- d-----w- c:\program files\Unity
2009-06-11 18:44 . 2009-04-30 21:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-11 18:44 . 2009-04-30 21:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-10 01:44 . 2009-03-10 19:20 -------- d-----w- c:\documents and settings\All Users\Application Data\temp
2009-07-09 03:23 . 2009-02-20 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-07-03 13:59 . 2008-06-11 16:16 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-29 12:54 . 2008-06-11 16:16 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-29 12:54 . 2007-02-19 18:34 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-23 19:06 . 2003-12-15 12:02 -------- d-----w- c:\program files\Java
2009-06-15 07:04 . 2008-09-11 15:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-08 15:41 . 2009-05-22 19:30 -------- d-----w- c:\program files\MSECache
2009-05-23 18:09 . 2008-04-11 02:08 -------- d-----w- c:\program files\Safari
2009-05-23 18:06 . 2009-05-23 18:06 -------- d-----w- c:\program files\Bonjour
2009-05-20 21:12 . 2007-11-14 13:44 -------- d-----w- c:\program files\Coupons
2009-05-17 05:49 . 2004-02-12 14:28 -------- d-----w- c:\program files\Google
2009-05-15 20:03 . 2008-09-08 17:03 -------- d-----w- c:\program files\oDesk
2009-05-13 05:15 . 2004-02-06 22:05 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 13:25 . 2008-06-11 16:16 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:32 . 2002-08-29 11:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-17 12:26 . 2002-08-29 11:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-04-15 18:22 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2005-06-29 14:24 . 2005-06-29 14:24 774144 -c--a-w- c:\program files\RngInterstitial.dll
2004-11-28 20:26 . 2004-11-28 20:25 13642752 -c--a-w- c:\program files\WP11SP1DOEM.msp
.

((((((((((((((((((((((((((((( SnapShot@2009-07-10_01.27.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-10 01:42 . 2009-07-10 01:42 16384 c:\windows\Temp\Perflib_Perfdata_52c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-30 68856]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"PhotoShow Deluxe Media Manager"="c:\progra~1\Comcast\COMCAS~1\data\xtras\mssysmgr.exe" [2005-05-09 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDSentry"="c:\windows\System32\DSentry.exe" [2003-08-13 28672]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2003-08-27 204800]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2009-01-30 1553920]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2007-05-11 2061816]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-13 185632]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-29 1948440]
"Prefs"="c:\progra~1\oDesk\oDeskLaunch.exe" [2009-05-14 357696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"MSDRV"="NetFilter.exe" - c:\windows\SYSTEM32\NetFilter.exe [2009-07-10 159744]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2003-12-15 24576]
DING!.lnk - c:\program files\Southwest Airlines\Ding\Ding.exe [2005-5-17 462848]
Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMremind.exe [2005-5-18 442368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-29 12:54 11952 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Dell Computer\\Dell Picture Studio v2.0\\launch.exe"=
"c:\\WINDOWS\\SYSTEM32\\javaw.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [6/11/2008 12:16 PM 335752]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [6/11/2008 12:16 PM 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/31/2008 8:49 AM 907032]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/11/2008 12:16 PM 298776]
S2 gupdate1c993b2e10f4b6c;Google Update Service (gupdate1c993b2e10f4b6c);c:\program files\Google\Update\GoogleUpdate.exe [2/20/2009 7:28 PM 133104]

--- Other Services/Drivers In Memory ---

*Deregistered* - NDISRD

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-07-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]

2009-07-10 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 13:54]

2009-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:27]

2009-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://wapp.verizon.net/bookmarks/bmredir.asp?region=all&bw=fiber&cd=7.0unattached&bm=ho_central
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {0CE0F418-1010-442D-871C-3454827DD539} - hxxp://www.facefun.com/FaceFun_webinstall/FaceFun.cab
DPF: {6B1B6D11-E497-11D3-BE0C-005004AD2E83} - hxxp://www.imagestation.com/common/classes/ISUSPrintActiveX.cab
DPF: {C915801D-6F00-49CD-8A9A-8DE5C11ADDC1} - hxxp://www.photoworks.com/pixami/DragDropUploader.cab
FF - ProfilePath - c:\documents and settings\Michelle Hammann\Application Data\Mozilla\Firefox\Profiles\9wmqo51c.default\
FF - prefs.js: browser.search.selectedEngine - The Free Dictionary
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPUploader.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-09 23:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
Completion time: 2009-07-10 23:24
ComboFix-quarantined-files.txt 2009-07-10 03:23
ComboFix2.txt 2009-07-10 01:36

Pre-Run: 27,286,683,648 bytes free
Post-Run: 27,274,829,824 bytes free

187 --- E O F --- 2009-06-15 07:04
Upload was successful
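An added example, not part of nicdan's post and not ComboFix's own code: a small Python triage pass over the "Reg Loading Points" section of a ComboFix log, using the line shape seen above (`"name"="value" [YYYY-MM-DD size]`, with ` - resolved\path` inserted when the value is not a full path). The sample lines, the `recent_days` threshold and the helper names are constructed for this example. It flags two things a helper reading such a log checks first: a Run value that is a bare filename (the loader finds it by searching, so the path ComboFix prints after " - " is what actually runs) and a binary whose timestamp falls within a few days of the scan. Both are review flags, not verdicts.

```python
import re
from datetime import datetime

# Constructed sample in the shape of a ComboFix "Reg Loading Points" Run key.
# Names and paths are illustrative, not copied from a real machine.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-29 1948440]
"MSDRV"="NetFilter.exe" - c:\windows\SYSTEM32\NetFilter.exe [2009-07-10 159744]
'''

# One autostart entry: "name"="value" [ - resolved-path] [YYYY-MM-DD size]
ENTRY_RE = re.compile(
    r'^"(?P<name>[^"]+)"="(?P<value>[^"]*)"'
    r'(?:\s+-\s+(?P<resolved>.+?))?'
    r'\s+\[(?P<stamp>\d{4}-\d{2}-\d{2})\s+(?P<size>\d+)\]\s*$'
)


def parse_run_entries(log_text):
    """Return a list of dicts, one per autostart entry, tagged with its key."""
    entries = []
    key = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]          # e.g. HKEY_LOCAL_MACHINE\...\Run
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue
        entries.append({
            'key': key,
            'name': m['name'],
            'value': m['value'],
            # ComboFix prints the resolved path only when it differs from the value.
            'path': m['resolved'] or m['value'],
            'written': datetime.strptime(m['stamp'], '%Y-%m-%d').date(),
            'size': int(m['size']),
        })
    return entries


def is_bare_filename(value):
    """True when the value carries no directory at all (loader must search for it)."""
    return '\\' not in value and '/' not in value and not value.startswith('%')


def triage(log_text, scan_date, recent_days=7):
    """Flag entries worth a closer look.

    scan_date is 'YYYY-MM-DD' (as in ComboFix's 'Completion time' line);
    recent_days is an assumed threshold for 'written shortly before the scan'.
    """
    scan = datetime.strptime(scan_date, '%Y-%m-%d').date()
    findings = []
    for e in parse_run_entries(log_text):
        reasons = []
        if is_bare_filename(e['value']):
            reasons.append('bare filename in Run value; resolved to ' + e['path'])
        age = (scan - e['written']).days
        if 0 <= age <= recent_days:
            reasons.append(f'binary timestamp {e["written"]} is within '
                           f'{recent_days} days of the scan')
        if reasons:
            findings.append({'name': e['name'], 'path': e['path'], 'reasons': reasons})
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LOG, '2009-07-10'):
        print(f['name'], f['path'])
        for r in f['reasons']:
            print('   -', r)
```

Run against the sample, only `MSDRV` comes back, with both reasons; the other two entries are full paths with old timestamps and stay quiet. Feeding the Run-key block of a real log in place of `SAMPLE_LOG` works unchanged, and the threshold should be tuned to the "Files Created" window the helper is already looking at.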