How can I be sure if I am still infected with "Win32/Small.CA" virus?


  1. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #21

    The Google link works for me ... hummm. I suppose if the entire link was put in your address bar, then you could see the link.

    Uninstall that program, then see if Eset still finds a keylogger.


  2. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #22

    From my XP computer:

    DDS.txt

    DDS (Ver_2012-10-19.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702
    Run by alec at 16:09:57 on 2012-11-04
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3070.2208 [GMT 0:00]
    .
    AV: AVG Anti-Virus Business Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Firewall *Disabled*
    .
    ============== Running Processes ================
    .
    \??\C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    \??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
    C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
    C:\WINDOWS\system32\IPSSVC.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Lenovo\Zoom\TpScrex.exe
    C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\IProsetMonitor.exe
    C:\Program Files\LENOVO\HOTKEY\CAMMUTE.exe
    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Program Files\OrangeMobileBroadband\OrangeMobileBroadband_Service.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\RealVNC\VNC4\WinVNC4.exe
    C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
    C:\Program Files\InternetEverywhere\WTGService.exe
    C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
    C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
    C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
    C:\PROGRA~1\THINKV~1\AMSG\amsg.exe
    C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
    C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Everything\Everything-1.2.1.451a.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Ditto\Ditto.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\X1\X1FileMonitor.exe
    C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    \??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\ThinkPad\UltraNav Wizard\UNavTray.EXE
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.exe
    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    C:\WINDOWS\system32\WISPTIS.EXE
    C:\DOCUME~1\alec\LOCALS~1\Temp\nsf51.tmp\ns52.tmp
    C:\DOCUME~1\alec\LOCALS~1\Temp\nsf51.tmp\MBR.DAT
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\System32\svchost.exe -k eapsvcs
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k dot3svc
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k bthsvcs
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = file:///C:/Docs/My_Clients/Traigh/web/t1/t1/launch.html
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: CmjBrowserHelperObject Object: {07A11D74-9D25-4fea-A833-8B0D76A5577A} - c:\program files\mindjet\mindmanager 7\Mm7InternetExplorer.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: CmjBrowserHelperObject Object: {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 9\Mm8InternetExplorer.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [Ditto] c:\program files\ditto\Ditto.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [Google Update] "c:\documents and settings\alec\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [X1FileMonitor.exe] c:\progra~1\x1\X1FileMonitor.exe
    mRun: [TpShocks] TpShocks.exe
    mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe
    mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe
    mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe
    mRun: [AMSG] c:\progra~1\thinkv~1\amsg\amsg.exe
    mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
    mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
    mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r
    mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe
    mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
    mRun: [TP4EX] tp4ex.exe
    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
    mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [LenovoAutoScrollUtility] c:\program files\lenovo\virtscrl\virtscrl.exe
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [Everything] "c:\program files\everything\Everything-1.2.1.451a.exe" -startup
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [UserFaultCheck] c:\windows\system32\dumprep 0 -u
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUtQVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNTkwMDU3Nzk4LUZQOTIrNi1CQVI5Rysx LVRCOSsyLUZMKzktRjEwTSs1LVFJWDErNC1YMjAxMCsyLVZJUDEwKzEtRjEwTTEwQysxLUxJQys3Ny1TUDErMS1TVUQrMS1TMUkr MS1TVTMrMS1GTDEwKzEtRERUKzU4MTk1LUREMTBGKzEtU1QxMEZBUFArMQ"&"prod=90"&"ver=10.0.1392
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\alec\startm~1\programs\startup\x1syst~1.lnk - c:\program files\x1\X1Systray.exe
    StartupFolder: c:\docume~1\alec\startm~1\programs\startup\x1.lnk - c:\program files\x1\X1.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda3100v2\WNDA3100v2.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 9\Mm8InternetExplorer.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - c:\program files\mindjet\mindmanager 7\Mm7InternetExplorer.dll
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {2DAD3559-2923-4935-AD49-B673D2539944} - hxxp://www-307.ibm.com/pc/support/acpir.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345139468843
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=928
    TCP: NameServer = 192.168.1.254 192.168.1.254
    TCP: Interfaces\{0DBF38C9-7B96-46EE-B588-A6792696805A} : NameServer = 192.168.111.249 192.168.111.1 192.168.111.2 192.168.111.249
    TCP: Interfaces\{0DBF38C9-7B96-46EE-B588-A6792696805A} : DHCPNameServer = 192.168.111.249 192.168.111.1 192.168.111.2
    TCP: Interfaces\{450B557B-A608-4647-BF9C-369C1DFDADEF} : DHCPNameServer = 192.168.111.249
    TCP: Interfaces\{DD09B0AC-6ADA-4A1A-BA13-91047B23163D} : DHCPNameServer = 192.168.1.254 192.168.1.254
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: ACNotify - ACNotify.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    Notify: LMIinit - LMIinit.dll
    Notify: psfus - c:\program files\thinkvantage fingerprint software\psqlpwd.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    LSA: Notification Packages = scecli ACGina ACGina c:\program files\thinkvantage fingerprint software\psqlpwd.dll ACGina
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\alec\application data\mozilla\firefox\profiles\cd1s817r.default\
    FF - prefs.js: browser.startup.homepage - file:///C:/Docs/My_Clients/Traigh/web/t1/t1/launch.html
    FF - plugin: c:\documents and settings\alec\application data\mozilla\firefox\profiles\cd1s817r.default\extensions\logmeinclient@logmein.com\plugins\npLMI64.dll
    FF - plugin: c:\documents and settings\alec\application data\mozilla\firefox\profiles\cd1s817r.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
    FF - plugin: c:\documents and settings\alec\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-7-11 31952]
    R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2010-1-22 24264]
    R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2011-12-28 22344]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 237408]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 41040]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 301920]
    R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-4-1 13680]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
    R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2010-1-22 280640]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2011-4-20 109728]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2012-7-25 12184]
    R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\lenovo\hotkey\cammute.exe [2010-4-1 54632]
    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-9-29 374184]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-8-11 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-2-23 47640]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-31 399432]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-10-31 676936]
    R2 OrangeMobileBroadband_Service;OrangeMobileBroadband_Service;c:\program files\orangemobilebroadband\OrangeMobileBroadband_Service.exe [2011-1-25 333264]
    R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-1-22 1645568]
    R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\thinkpad\utilities\PWMEWSVC.exe [2011-6-9 1664064]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]
    R2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\thinkvantage fingerprint software\smihlp.sys [2009-3-13 12560]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]
    R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2012-9-30 131432]
    R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2012-9-30 142696]
    R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2008-5-14 520192]
    R2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2011-6-12 272864]
    R2 WTGService;WTGService;c:\program files\interneteverywhere\WTGService.exe [2010-12-19 308688]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-10-31 22856]
    R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2010-12-11 6609920]
    R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2008-2-22 37312]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-22 135664]
    S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2012-9-30 101736]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944]
    S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2011-6-12 642432]
    S3 CH341ENUM;CH341ENUM;c:\windows\system32\drivers\CH34Enum.sys [2011-5-27 17664]
    S3 CH341SER;CH341SER;c:\windows\system32\drivers\CH341SER.SYS [2011-5-27 39632]
    S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
    S3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\drivers\ewsercd.sys [2011-1-25 100224]
    S3 FSDFU;FSDFU;c:\windows\system32\drivers\fsdfu.sys [2011-4-15 10433]
    S3 GTUHSBUS;GT UHS BUS;c:\windows\system32\drivers\gtuhsbus.sys [2010-12-19 66560]
    S3 GTUHSNDISIPXP;GT UHS IP NDIS;c:\windows\system32\drivers\gtuhs51.sys [2010-12-19 107520]
    S3 GTUHSSER;GT UHS SER;c:\windows\system32\drivers\gtuhsser.sys [2010-12-19 8064]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-22 135664]
    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2011-9-2 42648]
    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2011-9-2 12184]
    S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2011-6-12 50704]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
    S4 Hwsl2vic;Hwsl2vic; [x]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\TextPad.exe="c:\program files\textpad 5\TextPad.exe" -s "%1" [UserChoice]
    FileExt: .js: jsfile="c:\program files\macromedia\dreamweaver mx 2004\Dreamweaver.exe" "%1"
    ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
    .
    =============== Created Last 30 ================
    .
    2012-11-02 01:19:49 -------- d-----w- c:\windows\Microsoft Antimalware
    2012-11-01 12:01:56 -------- d-----w- c:\program files\ESET
    2012-10-31 12:24:35 -------- d-----w- c:\documents and settings\alec\application data\SUPERAntiSpyware.com
    2012-10-31 12:24:04 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-10-31 12:24:04 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2012-10-31 10:41:31 -------- d-----w- c:\documents and settings\alec\application data\Malwarebytes
    2012-10-31 10:41:21 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-10-31 10:41:17 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-31 10:41:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-10-26 10:21:43 -------- d-----w- C:\PSTs
    2012-10-19 11:03:43 53248 ----a-r- c:\documents and settings\alec\application data\microsoft\installer\{6e6e7725-c7bc-4c39-8b3f-14b67331a120}\ARPPRODUCTICON.exe
    2012-10-19 10:09:13 53248 ----a-w- c:\windows\system32\CSVer.dll
    2012-10-19 10:08:36 -------- d-----w- C:\Intel
    2012-10-19 09:51:44 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2012-10-19 09:51:43 122168 ----a-w- c:\windows\system32\SynTPCo11.dll
    2012-10-15 10:00:54 -------- d-----w- c:\documents and settings\alec\local settings\application data\Help
    .
    ==================== Find3M ====================
    .
    2012-10-11 09:39:20 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-10-11 09:39:18 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-08-28 15:14:53 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-08-28 12:07:15 385024 ------w- c:\windows\system32\html.iec
    2012-08-24 14:43:18 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
    2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-08-21 12:58:09 2027520 ------w- c:\windows\system32\ntkrnlpa.exe
    .
    ============= FINISH: 16:10:16.57 ===============
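As an added example (not code from the thread, and not part of the DDS tool), here is a small Python triage script for logs in the layout of the DDS.txt above. It splits the log into its `=== name ===` sections and applies the checks a responder makes first when reading one: security products reported as `*Disabled*`, processes running from temp or user-profile directories, BHO entries whose DLL is missing (`<orphaned>` or an empty path), and the DNS servers configured globally and per interface. The two `nsf51.tmp` entries in the posted log are most likely DDS's own temporary extraction, which is why such hits are flagged for review rather than treated as findings. The embedded log is constructed to mirror the posted one; its paths and GUIDs are placeholders.

```python
"""DDS log triage (added example; not code from the thread or from DDS).
The embedded sample is constructed to mirror the layout of the posted DDS.txt;
its paths and GUIDs are placeholders."""
import re
from collections import OrderedDict

SAMPLE_DDS = """\
DDS (Ver_2012-10-19.01) - NTFS_x86
AV: Example Anti-Virus *Enabled/Updated* {AAAAAAAA-0000-0000-0000-000000000009}
FW: Example Firewall *Disabled*
.
============== Running Processes ================
.
\\??\\C:\\Program Files\\Example AV\\avscan.exe
C:\\DOCUME~1\\alec\\LOCALS~1\\Temp\\nsf51.tmp\\ns52.tmp
C:\\Documents and Settings\\alec\\Application Data\\updater.exe
C:\\WINDOWS\\System32\\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.example.invalid/
BHO: {AAAAAAAA-0000-0000-0000-000000000001} - <orphaned>
BHO: Helper Object: {AAAAAAAA-0000-0000-0000-000000000002} -
BHO: PDF Helper: {AAAAAAAA-0000-0000-0000-000000000003} - c:\\program files\\example\\helper.dll
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\\{AAAAAAAA-0000-0000-0000-000000000004} : DHCPNameServer = 192.168.111.249 192.168.111.1
.
============= FINISH: 16:10:16.57 ===============
"""

SECTION_RE = re.compile(r"^=+\s*(.*?)\s*=+$")
# Directories a legitimately installed program rarely runs from.
SUSPECT_DIR_RE = re.compile(
    r"(\\temp\\|\\locals~1\\|\\local settings\\|\\application data\\|\\appdata\\|\\users\\[^\\]+\\downloads\\)",
    re.IGNORECASE)
BHO_RE = re.compile(r"^BHO:\s*(?:(?P<name>.*?):\s*)?(?P<clsid>\{[0-9A-Fa-f-]{36}\})\s*-\s*(?P<path>.*)$")
DNS_RE = re.compile(r"^TCP:\s*(?P<scope>.*?)\s*:?\s*(?P<kind>DHCPNameServer|NameServer)\s*=\s*(?P<ips>.+)$")


def parse_sections(text):
    """Map section name -> list of non-empty lines; text before the first
    '=== name ===' header goes under 'Header'. DDS's '.' spacer lines are dropped."""
    sections = OrderedDict([("Header", [])])
    current = "Header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        else:
            sections[current].append(line)
    return sections


def disabled_security_products(sections):
    """(kind, product) for AV/FW/SP lines whose status is *Disabled...*."""
    out = []
    for line in sections.get("Header", []):
        m = re.match(r"^(AV|FW|SP):\s*(.+?)\s*\*([^*]+)\*", line)
        if m and "disabled" in m.group(3).lower():
            out.append((m.group(1), m.group(2)))
    return out


def processes_from_user_dirs(sections):
    """Running images living under temp or user-profile paths; review, don't auto-delete."""
    hits = []
    for line in sections.get("Running Processes", []):
        # Strip the '\??\' prefix DDS prints for some images and any svchost group argument.
        image = line.replace("\\??\\", "", 1).split(" -k ")[0]
        if SUSPECT_DIR_RE.search(image):
            hits.append(image)
    return hits


def orphaned_bhos(sections):
    """CLSIDs of BHOs whose registered DLL is gone (DDS prints <orphaned> or nothing)."""
    out = []
    for line in sections.get("Pseudo HJT Report", []):
        m = BHO_RE.match(line)
        if m and (not m.group("path").strip() or m.group("path").strip().lower() == "<orphaned>"):
            out.append(m.group("clsid"))
    return out


def dns_servers(sections):
    """(scope, kind, [ips]) with duplicate addresses removed; an unknown resolver
    is worth checking against the DHCP configuration."""
    out = []
    for line in sections.get("Pseudo HJT Report", []):
        m = DNS_RE.match(line)
        if m:
            ips = list(OrderedDict.fromkeys(m.group("ips").split()))
            out.append((m.group("scope") or "global", m.group("kind"), ips))
    return out


def triage(text):
    sections = parse_sections(text)
    return {"disabled_security": disabled_security_products(sections),
            "user_dir_processes": processes_from_user_dirs(sections),
            "orphaned_bhos": orphaned_bhos(sections),
            "dns": dns_servers(sections)}


if __name__ == "__main__":
    for key, items in triage(SAMPLE_DDS).items():
        print(key)
        for item in items:
            print("   ", item)
```

Run it on a real DDS.txt by reading the file into `triage()`; the heuristics are deliberately conservative and produce a review list, not a verdict.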


  3. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #23

    On the XP computer ...

    Download AdwCleaner (AdwCleaner Download) to your desktop.
    1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
    2. Click on the Delete button.
    3. Confirm each time with OK.
    4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.
    Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.


  4. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #24

    OK - From my XP machine.

    # AdwCleaner v2.006 - Logfile created 11/04/2012 at 23:35:13
    # Updated 30/10/2012 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : alec - ALEC08
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\alec\My Documents\Downloads\AdwCleaner.exe
    # Option [Delete]

    ***** [Services] *****

    ***** [Files / Folders] *****
    Folder Deleted : C:\Documents and Settings\alec\Application Data\OpenCandy
    Folder Deleted : C:\Documents and Settings\alec\Local Settings\Application Data\OpenCandy
    ***** [Registry] *****
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D360201-FFF5-11D1-8D03-00A0C959BC0A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D360201-FFF5-11D1-8D03-00A0C959BC0A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    ***** [Internet Browsers] *****
    -\\ Internet Explorer v8.0.6001.18702
    [OK] Registry is clean.
    -\\ Mozilla Firefox v9.0.1 (en-US)
    Profile name : default
    File : C:\Documents and Settings\alec\Application Data\Mozilla\Firefox\Profiles\cd1s817r.default\prefs.js
    [OK] File is clean.
    -\\ Google Chrome v22.0.1229.94
    File : C:\Documents and Settings\alec\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
    [OK] File is clean.
    -\\ Opera v10.63.3516.0
    File : C:\Documents and Settings\alec\Application Data\Opera\Opera\operaprefs.ini
    [OK] File is clean.
    *************************
    AdwCleaner[S1].txt - [2236 octets] - [04/11/2012 23:35:13]
    ########## EOF - C:\AdwCleaner[S1].txt - [2296 octets] ##########
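As an added example (not the thread's code, and not part of AdwCleaner), here is a parser for this AdwCleaner log layout that turns it into a structured summary a responder can compare between runs: what was deleted per category, which registry hives were touched (HKLM entries are machine-wide and affect every account, not only the user who ran the scan), the CLSIDs involved so they can be looked up against the BHO/TB lines of a DDS report, and the per-browser verdict. The embedded log is constructed to mirror the posted one; its GUIDs are placeholders.

```python
"""AdwCleaner v2-style log parser (added example; not code from the thread or
from AdwCleaner). The embedded sample mirrors the posted log's layout with
placeholder GUIDs."""
import re

SAMPLE_LOG = """\
# AdwCleaner v2.006 - Logfile created 11/04/2012 at 23:35:13
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****
Folder Deleted : C:\\Documents and Settings\\alec\\Application Data\\ExampleAdware
***** [Registry] *****
Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{AAAAAAAA-0000-0000-0000-000000000001}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{AAAAAAAA-0000-0000-0000-000000000002}
Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{AAAAAAAA-0000-0000-0000-000000000002}]
***** [Internet Browsers] *****
-\\\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\\\ Mozilla Firefox v9.0.1 (en-US)
File : C:\\Documents and Settings\\alec\\Application Data\\Mozilla\\Firefox\\Profiles\\x.default\\prefs.js
[OK] File is clean.
*************************
"""

SECTION_RE = re.compile(r"^\*{5}\s*\[(.+?)\]\s*\*{5}$")
ACTION_RE = re.compile(r"^(?P<kind>Folder|File|Key|Value|Service)\s+(?P<action>Deleted|Found)\s*:\s*(?P<target>.+)$")
BROWSER_RE = re.compile(r"^-\\\\\s*(?P<name>.+?)\s+v(?P<ver>\S+)")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


def parse_adwcleaner(text):
    """Return a dict with the run option, every Deleted/Found action as
    (section, kind, action, target), registry hit counts per hive, the
    CLSIDs mentioned, and each browser's version and verdict line."""
    summary = {"option": None, "actions": [], "hives": {}, "browsers": {}, "guids": set()}
    section = browser = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("# Option"):
            m = re.search(r"\[(\w+)\]", line)
            summary["option"] = m.group(1) if m else None
            continue
        m = SECTION_RE.match(line)
        if m:
            section, browser = m.group(1), None
            continue
        m = ACTION_RE.match(line)
        if m:
            target = m.group("target")
            summary["actions"].append((section, m.group("kind"), m.group("action"), target))
            if section == "Registry":
                hive = target.split("\\", 1)[0]          # HKCU, HKLM, ...
                summary["hives"][hive] = summary["hives"].get(hive, 0) + 1
            summary["guids"].update(GUID_RE.findall(target))
            continue
        m = BROWSER_RE.match(line)
        if m:
            browser = m.group("name")
            summary["browsers"][browser] = {"version": m.group("ver"), "verdict": None}
            continue
        if browser and line.startswith("["):          # e.g. "[OK] File is clean."
            summary["browsers"][browser]["verdict"] = line
    return summary


def machine_wide_changes(summary):
    """Registry targets under HKLM: these affected every user of the machine."""
    return [t for sec, _kind, _act, t in summary["actions"] if sec == "Registry" and t.startswith("HKLM")]


if __name__ == "__main__":
    s = parse_adwcleaner(SAMPLE_LOG)
    print("option:", s["option"], "| hives:", s["hives"], "| CLSIDs:", sorted(s["guids"]))
    for name, info in s["browsers"].items():
        print(name, info["version"], info["verdict"])
    print("machine-wide:", machine_wide_changes(s))
```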


  5. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #25

    Looks like more garbage stuff was found!!

    How are both computers running now?


  6. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #26

    Hi

    Er... so far both computers are running sort of okay, although still rather slow I'd say.
    e.g. Photoshop 6 opens on XP (laptop) in 21 seconds from a cold start. My Home PC is better though, at about 7 seconds... All in all so far, so good. But is there any sign of an actual virus or keylogging or the like (???)

    J


  7. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #27

    Let's see if Combofix finds something, I'm not ....

    Download Combofix from any of the links below, and save it to your desktop. <-- Important
    Link 1
    Link 2
    Link 3

    Click on this link Here to see a list of programs that should be disabled.
    The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
    Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
    Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
    This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
    • Double click combofix.exe and follow the prompts.
    • When finished, it will produce a log for you.
    Note: Do not mouse-click Combofix's window while it's running. That may cause it to stall.
    Please be patient while the scan runs; at times it may appear to stall.
    When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
    Post this log in your next reply.
    After rebooting ensure your Security applications have been re-enabled.

    In your next reply post:
    ComboFix.txt
    ***A guide and tutorial on "How to use Combofix" can be found here:
    ComboFix: A guide and tutorial on using ComboFix

    IF CF won't run:
    During the download, rename Combofix.exe to sVchost.exe


  8. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #28

    OK, here is combofix.txt for my Home PC (Win 7)

    ComboFix 12-11-05.03 - Alec 06/11/2012 0:38.1.4 - x64
    Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.8182.6416 [GMT 0:00]
    Running from: c:\users\Alec\Downloads\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\SysWow64\muzapp.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_NPF
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-10-06 to 2012-11-06 )))))))))))))))))))))))))))))))
    .
    .
    2012-11-05 01:17 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1B8B4153-A933-4ED1-B1DD-6FD2867BA156}\mpengine.dll
    2012-11-04 00:50 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2012-11-01 03:20 . 2012-11-01 03:20 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-10-31 23:51 . 2012-10-31 23:51 -------- d-----w- c:\program files (x86)\ESET
    2012-10-30 20:07 . 2012-10-30 20:07 -------- d-----w- c:\windows\Microsoft Antimalware
    2012-10-30 16:23 . 2012-10-30 16:23 -------- d-----w- c:\users\Alec\AppData\Local\Apps
    2012-10-30 10:11 . 2012-10-30 10:11 -------- d-----w- c:\users\Alec\AppData\Roaming\SUPERAntiSpyware.com
    2012-10-30 10:11 . 2012-10-30 10:12 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-10-30 10:11 . 2012-10-30 10:11 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-10-30 10:00 . 2012-10-30 10:00 -------- d-----w- c:\users\Alec\AppData\Roaming\Malwarebytes
    2012-10-30 10:00 . 2012-10-30 10:00 -------- d-----w- c:\programdata\Malwarebytes
    2012-10-30 10:00 . 2012-10-30 10:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-10-30 10:00 . 2012-09-29 19:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-30 09:55 . 2012-10-30 09:55 -------- d-----w- c:\programdata\ATI
    2012-10-30 09:55 . 2012-10-30 09:55 -------- d-----w- c:\program files (x86)\AMD AVT
    2012-10-30 09:55 . 2012-10-30 09:55 -------- d-----w- c:\program files (x86)\AMD APP
    2012-10-29 23:57 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-10-29 23:57 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-10-29 23:57 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
    2012-10-29 23:57 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll
    2012-10-29 23:57 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
    2012-10-29 23:57 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
    2012-10-29 23:57 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
    2012-10-29 23:57 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
    2012-10-29 23:57 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
    2012-10-20 02:00 . 2012-09-29 01:36 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C9D1E8BB-B9B8-45EC-8C3A-A45FA73167BC}\gapaengine.dll
    2012-10-18 17:11 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2012-10-16 17:19 . 2012-10-16 23:24 -------- d-----w- C:\zzz_kies_stuff
    2012-10-16 17:15 . 2012-09-20 04:35 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
    2012-10-16 17:15 . 2012-09-20 04:35 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
    2012-10-14 09:17 . 2012-10-14 09:17 -------- d-----w- c:\program files (x86)\Microsoft
    2012-10-13 09:27 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-10-13 09:27 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2012-10-13 09:27 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
    2012-10-13 09:27 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
    2012-10-13 09:27 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
    2012-10-13 09:27 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-10-13 09:27 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
    2012-10-13 09:27 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
    2012-10-13 09:27 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
    2012-10-13 09:27 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
    2012-10-12 23:50 . 2012-10-12 23:50 -------- d-----w- c:\windows\CheckSur
    2012-10-11 07:23 . 2012-10-31 08:49 -------- d-----w- C:\Temp
    2012-10-10 02:06 . 2012-08-20 18:48 16384 ----a-w- c:\windows\system32\ntvdm64.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-26 13:25 . 2012-06-09 12:38 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-10-26 13:25 . 2012-06-09 12:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-09-29 01:36 . 2012-06-13 21:09 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2012-09-28 15:37 . 2012-09-28 15:37 221696 ----a-w- c:\windows\system32\clinfo.exe
    2012-09-28 15:36 . 2012-09-28 15:36 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
    2012-09-28 15:36 . 2012-09-28 15:36 65536 ----a-w- c:\windows\SysWow64\OpenVideo.dll
    2012-09-28 15:36 . 2012-09-28 15:36 63488 ----a-w- c:\windows\system32\OVDecode64.dll
    2012-09-28 15:36 . 2012-09-28 15:36 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
    2012-09-28 15:36 . 2012-09-28 15:36 32635904 ----a-w- c:\windows\system32\amdocl64.dll
    2012-09-28 15:32 . 2012-09-28 15:32 27341824 ----a-w- c:\windows\SysWow64\amdocl.dll
    2012-09-28 02:23 . 2012-09-28 02:23 5557928 ----a-w- c:\windows\SysWow64\atiumdag.dll
    2012-09-28 02:21 . 2012-09-28 02:21 10697216 ----a-w- c:\windows\system32\drivers\atikmdag.sys
    2012-09-28 02:05 . 2012-09-28 02:05 70144 ----a-w- c:\windows\system32\coinst_9.002.dll
    2012-09-28 02:03 . 2012-09-28 02:03 163840 ----a-w- c:\windows\system32\atiapfxx.exe
    2012-09-28 02:02 . 2012-09-28 02:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
    2012-09-28 02:02 . 2012-09-28 02:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
    2012-09-28 02:02 . 2012-09-28 02:02 44544 ----a-w- c:\windows\system32\aticalcl64.dll
    2012-09-28 02:02 . 2012-09-28 02:02 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
    2012-09-28 02:02 . 2012-09-28 02:02 16082432 ----a-w- c:\windows\system32\aticaldd64.dll
    2012-09-28 01:59 . 2012-09-28 01:59 23825920 ----a-w- c:\windows\system32\atio6axx.dll
    2012-09-28 01:57 . 2012-09-28 01:57 13703168 ----a-w- c:\windows\SysWow64\aticaldd.dll
    2012-09-28 01:43 . 2011-04-20 01:09 935424 ----a-w- c:\windows\SysWow64\aticfx32.dll
    2012-09-28 01:41 . 2012-04-06 02:20 1120768 ----a-w- c:\windows\system32\aticfx64.dll
    2012-09-28 01:41 . 2012-09-28 01:41 19624960 ----a-w- c:\windows\SysWow64\atioglxx.dll
    2012-09-28 01:39 . 2012-04-06 02:13 6536192 ----a-w- c:\windows\SysWow64\atidxx32.dll
    2012-09-28 01:39 . 2012-09-28 01:39 442368 ----a-w- c:\windows\system32\atidemgy.dll
    2012-09-28 01:39 . 2012-09-28 01:39 538112 ----a-w- c:\windows\system32\atieclxx.exe
    2012-09-28 01:38 . 2012-09-28 01:38 239616 ----a-w- c:\windows\system32\atiesrxx.exe
    2012-09-28 01:36 . 2012-09-28 01:36 120320 ----a-w- c:\windows\system32\atitmm64.dll
    2012-09-28 01:36 . 2012-09-28 01:36 21504 ----a-w- c:\windows\system32\atimuixx.dll
    2012-09-28 01:36 . 2012-09-28 01:36 59392 ----a-w- c:\windows\system32\atiedu64.dll
    2012-09-28 01:36 . 2012-09-28 01:36 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
    2012-09-28 01:31 . 2012-04-06 01:34 3127296 ----a-w- c:\windows\system32\atiumd6a.dll
    2012-09-28 01:25 . 2012-04-06 01:23 6704640 ----a-w- c:\windows\system32\atiumd64.dll
    2012-09-28 01:22 . 2012-07-28 01:51 7167488 ----a-w- c:\windows\system32\atidxx64.dll
    2012-09-28 01:22 . 2012-09-28 01:22 2691584 ----a-w- c:\windows\SysWow64\atiumdva.dll
    2012-09-28 01:13 . 2012-09-28 01:13 595456 ----a-w- c:\windows\system32\atiadlxx.dll
    2012-09-28 01:13 . 2012-09-28 01:13 405504 ----a-w- c:\windows\SysWow64\atiadlxy.dll
    2012-09-28 01:13 . 2012-09-28 01:13 17920 ----a-w- c:\windows\system32\atig6pxx.dll
    2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
    2012-09-28 01:13 . 2012-09-28 01:13 14848 ----a-w- c:\windows\system32\atiglpxx.dll
    2012-09-28 01:13 . 2012-09-28 01:13 41984 ----a-w- c:\windows\system32\atig6txx.dll
    2012-09-28 01:13 . 2012-09-28 01:13 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
    2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\atimpc64.dll
    2012-09-28 01:12 . 2012-09-28 01:12 56320 ----a-w- c:\windows\system32\amdpcom64.dll
    2012-09-28 01:12 . 2012-09-28 01:12 460288 ----a-w- c:\windows\system32\drivers\atikmpag.sys
    2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
    2012-09-28 01:12 . 2012-09-28 01:12 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
    2012-09-28 01:11 . 2011-04-20 00:21 129536 ----a-w- c:\windows\system32\atiuxp64.dll
    2012-09-28 01:11 . 2012-04-06 01:09 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
    2012-09-28 01:11 . 2011-04-20 00:21 103424 ----a-w- c:\windows\system32\atiu9p64.dll
    2012-09-28 01:10 . 2012-09-28 01:10 82944 ----a-w- c:\windows\SysWow64\atiu9pag.dll
    2012-09-28 01:09 . 2012-09-28 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
    2012-09-28 00:18 . 2012-06-08 11:32 65309168 ----a-w- c:\windows\system32\MRT.exe
    2012-09-26 19:57 . 2012-07-20 14:28 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
    2012-09-26 19:57 . 2012-07-20 15:15 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
    2012-09-24 22:16 . 2012-09-04 20:02 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-20 15:02 . 2012-09-20 15:02 1832760 ----a-w- c:\windows\system32\LogiLDA.DLL
    2012-09-04 20:02 . 2012-06-10 19:58 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-09-04 20:02 . 2012-06-10 19:58 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-08-30 21:03 . 2012-08-30 21:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
    2012-08-30 21:03 . 2012-03-20 19:44 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
    2012-08-24 11:15 . 2012-09-23 02:00 17810944 ----a-w- c:\windows\system32\mshtml.dll
    2012-08-24 10:39 . 2012-09-23 02:00 10925568 ----a-w- c:\windows\system32\ieframe.dll
    2012-08-24 10:31 . 2012-09-23 02:00 2312704 ----a-w- c:\windows\system32\jscript9.dll
    2012-08-24 10:22 . 2012-09-23 02:00 1346048 ----a-w- c:\windows\system32\urlmon.dll
    2012-08-24 10:21 . 2012-09-23 02:00 1392128 ----a-w- c:\windows\system32\wininet.dll
    2012-08-24 10:20 . 2012-09-23 02:00 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-08-24 10:18 . 2012-09-23 02:00 237056 ----a-w- c:\windows\system32\url.dll
    2012-08-24 10:17 . 2012-09-23 02:00 85504 ----a-w- c:\windows\system32\jsproxy.dll
    2012-08-24 10:14 . 2012-09-23 02:00 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-08-24 10:14 . 2012-09-23 02:00 816640 ----a-w- c:\windows\system32\jscript.dll
    2012-08-24 10:13 . 2012-09-23 02:00 599040 ----a-w- c:\windows\system32\vbscript.dll
    2012-08-24 10:12 . 2012-09-23 02:00 2144768 ----a-w- c:\windows\system32\iertutil.dll
    2012-08-24 10:11 . 2012-09-23 02:00 729088 ----a-w- c:\windows\system32\msfeeds.dll
    2012-08-24 10:10 . 2012-09-23 02:00 96768 ----a-w- c:\windows\system32\mshtmled.dll
    2012-08-24 10:09 . 2012-09-23 02:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-08-24 10:04 . 2012-09-23 02:00 248320 ----a-w- c:\windows\system32\ieui.dll
    2012-08-24 06:59 . 2012-09-23 02:00 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
    2012-08-24 06:51 . 2012-09-23 02:00 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-08-24 06:51 . 2012-09-23 02:00 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47 . 2012-09-23 02:00 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47 . 2012-09-23 02:00 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2012-08-24 06:43 . 2012-09-23 02:00 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2012-08-22 18:12 . 2012-09-12 07:58 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-08-22 18:12 . 2012-09-12 07:58 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
    2012-08-22 18:12 . 2012-09-12 07:58 376688 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-08-22 18:12 . 2012-09-12 07:58 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-08-21 21:01 . 2012-09-25 18:32 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
    2012-08-20 17:38 . 2012-10-13 09:28 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "Ditto"="c:\program files\Ditto\Ditto.exe" [2012-01-03 1620480]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-07-17 39408]
    "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
    "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-10-11 842680]
    "X1FileMonitor.exe"="c:\progra~2\X1\X1FileMonitor.exe" [2012-06-06 400024]
    "KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
    "MmDesignPartner.exe"="c:\program files (x86)\Mindjet\MindManager 10\MmDesignPartner.exe" [2012-02-27 13160]
    "<NO NAME>"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-10-11 842680]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2012-09-09 421888]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
    .
    c:\users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    X1 System Tray.lnk - c:\program files (x86)\X1\X1Systray.exe [2012-6-6 370840]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Network Indicator.lnk - c:\program files (x86)\NetworkIndicator\NetworkIndicator.exe [2012-6-12 344064]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
    R3 ALSysIO;ALSysIO;c:\users\Alec\AppData\Local\Temp\ALSysIO64.sys [x]
    R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
    R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
    R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 Tunman0;Tunman0; [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-08 1255736]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
    S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-03-30 151656]
    S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-03-12 190120]
    S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-12 375208]
    S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2012-04-02 15928]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
    S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
    S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
    S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
    S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
    S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys [2012-01-18 25632]
    S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
    S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
    S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
    S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-01-24 18216]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{90EF4A5E-85DB-4825-96F5-1AB93C2A8EEB}]
    2012-02-27 03:49 1409 ----a-r- c:\program files (x86)\Mindjet\MindManager 10\sys\MmInternetExplorerActiveSetup.vbs
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-08 14:18]
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-08 14:18]
    .
    2012-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-163801654-3582672073-2290200179-1000Core.job
    - c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08 14:08]
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-163801654-3582672073-2290200179-1000UA.job
    - c:\users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-08 14:08]
    .
    2012-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-163801654-3582672073-2290200179-1001Core.job
    - c:\users\Alec\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17 09:23]
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-163801654-3582672073-2290200179-1001UA.job
    - c:\users\Alec\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17 09:23]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
    "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2012-04-02 57928]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = file:///C:/Docs/My_Clients/Traigh/web/t1/t1/launch.html
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE:
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
    IE: Send Image To MindManager - c:\program files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/201
    IE: Send Link To MindManager - c:\program files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/203
    IE: Send Page To MindManager - c:\program files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/204
    IE: Send Text To MindManager - c:\program files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll/202
    TCP: DhcpNameServer = 10.0.0.1
    FF - ProfilePath - c:\users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\0kzq9qdh.default\
    FF - prefs.js: browser.startup.homepage - file:///C:/Docs/My_Clients/Traigh/web/t1/t1/launch.html
    .
    - - - - ORPHANS REMOVED - - - -
    .
    SafeBoot-20941199.sys
    SafeBoot-38931270.sys
    SafeBoot-75327038.sys
    AddRemove-Cardiffsoft ArchiveAssistXpress™_is1 - c:\program files (x86)\Cardiffsoft\ArchiveAssistXpress\unins000.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe ,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe ,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files (x86)\X1\X1FileMonitor.exe
    .
    **************************************************************************
    .
    Completion time: 2012-11-06 00:44:17 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-11-06 00:44
    .
    Pre-Run: 194,411,483,136 bytes free
    Post-Run: 194,457,554,944 bytes free
    .
    - - End Of File - - C781DBDE3589CD1FFB86C5DCBD17AE4F


  9. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #29

    OK and here is my log.txt from my XP Pro laptop:

    ComboFix 12-11-05.03 - alec 6/Nov/2012 1:01.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3070.2241 [GMT 0:00]
    Running from: c:\documents and settings\alec\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Business Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\alec\WINDOWS
    c:\windows\system32\Packet.dll
    c:\windows\system32\pthreadVC.dll
    c:\windows\system32\URTTemp
    c:\windows\system32\URTTemp\fusion.dll
    c:\windows\system32\URTTemp\mscoree.dll
    c:\windows\system32\URTTemp\mscoree.dll.local
    c:\windows\system32\URTTemp\mscorsn.dll
    c:\windows\system32\URTTemp\mscorwks.dll
    c:\windows\system32\URTTemp\msvcr71.dll
    c:\windows\system32\URTTemp\regtlib.exe
    c:\windows\system32\wpcap.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_NPF
    -------\Service_NPF
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-10-06 to 2012-11-06 )))))))))))))))))))))))))))))))
    .
    .
    2012-11-02 01:19 . 2012-11-02 01:19 -------- d-----w- c:\windows\Microsoft Antimalware
    2012-11-01 12:01 . 2012-11-01 12:01 -------- d-----w- c:\program files\ESET
    2012-10-31 12:24 . 2012-10-31 12:24 -------- d-----w- c:\documents and settings\alec\Application Data\SUPERAntiSpyware.com
    2012-10-31 12:24 . 2012-10-31 12:25 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-10-31 12:24 . 2012-10-31 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2012-10-31 10:41 . 2012-10-31 10:41 -------- d-----w- c:\documents and settings\alec\Application Data\Malwarebytes
    2012-10-31 10:41 . 2012-10-31 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-10-31 10:41 . 2012-10-31 10:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-10-31 10:41 . 2012-09-29 19:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-10-30 13:03 . 2012-10-30 13:03 -------- d-----w- c:\documents and settings\alec\Application Data\Sonic
    2012-10-26 10:21 . 2012-11-06 00:01 -------- d-----w- C:\PSTs
    2012-10-19 11:03 . 2012-10-19 11:03 53248 ----a-r- c:\documents and settings\alec\Application Data\Microsoft\Installer\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}\ARPPRODUCTICON.exe
    2012-10-19 10:09 . 2012-01-16 10:06 53248 ----a-w- c:\windows\system32\CSVer.dll
    2012-10-19 10:08 . 2012-10-19 10:08 -------- d-----w- C:\Intel
    2012-10-19 09:51 . 2009-08-07 08:49 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2012-10-19 09:51 . 2012-07-05 20:44 122168 ----a-w- c:\windows\system32\SynTPCo11.dll
    2012-10-15 10:00 . 2012-10-15 10:00 -------- d-----w- c:\documents and settings\alec\Local Settings\Application Data\Help
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-11-05 15:03 . 2010-02-23 15:40 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
    2012-11-05 15:03 . 2010-02-23 15:40 52648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
    2012-11-05 15:03 . 2010-02-23 15:40 31144 ----a-w- c:\windows\system32\LMIport.dll
    2012-11-05 15:03 . 2010-02-23 15:40 92072 ----a-w- c:\windows\system32\LMIinit.dll
    2012-10-11 09:39 . 2012-04-18 09:38 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-10-11 09:39 . 2011-06-09 22:38 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-08-28 15:14 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-08-28 15:14 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-08-28 15:14 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-08-28 12:07 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec
    2012-08-24 14:43 . 2011-07-11 00:14 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2012-08-24 13:53 . 2004-08-04 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
    2012-08-21 13:33 . 2004-08-04 12:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-08-21 12:58 . 2004-08-03 22:59 2027520 ------w- c:\windows\system32\ntkrnlpa.exe
    2011-12-21 07:24 . 2012-04-21 10:54 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-06-30 04:19 94208 ----a-w- c:\documents and settings\alec\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-06-30 04:19 94208 ----a-w- c:\documents and settings\alec\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-06-30 04:19 94208 ----a-w- c:\documents and settings\alec\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-06-30 04:19 94208 ----a-w- c:\documents and settings\alec\Application Data\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Ditto"="c:\program files\Ditto\Ditto.exe" [2010-12-23 831488]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-22 39408]
    "X1FileMonitor.exe"="c:\progra~1\X1\X1FileMonitor.exe" [2012-06-06 400024]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TpShocks"="TpShocks.exe" [2012-06-21 180224]
    "PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2012-04-12 3662400]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
    "TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-14 487424]
    "LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-07-23 185688]
    "LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
    "AMSG"="c:\progra~1\THINKV~1\AMSG\amsg.exe" [2009-09-03 436800]
    "AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
    "TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-01-09 868352]
    "EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]
    "TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312]
    "ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2011-10-20 433216]
    "ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2011-10-20 191552]
    "TP4EX"="tp4ex.exe" [2005-10-17 65536]
    "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-13 110592]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
    "LenovoAutoScrollUtility"="c:\program files\Lenovo\VIRTSCRL\virtscrl.exe" [2011-10-20 101440]
    "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
    "Everything"="c:\program files\Everything\Everything-1.2.1.451a.exe" [2009-11-24 760320]
    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-18 421888]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2012-07-05 2342200]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start AVG | Free Uninstall Survey" [?]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
    .
    c:\documents and settings\alec\Start Menu\Programs\Startup\
    X1 System Tray.lnk - c:\program files\X1\X1Systray.exe [2012-6-6 370840]
    X1.lnk - c:\program files\X1\X1.exe [2012-6-6 903832]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2011-6-12 4577760]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2011-09-27 19:03 66328 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2012-11-05 15:03 92072 ----a-w- c:\windows\system32\LMIinit.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
    2009-12-01 13:41 100104 ------w- c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
    "c:\\Program Files\\Spotify\\spotify.exe"=
    "c:\\Program Files\\Opera\\opera.exe"=
    "c:\\Program Files\\utorrent\\uTorrent.exe"=
    "c:\\Documents and Settings\\alec\\Desktop\\utorrent.exe"=
    "c:\\Program Files\\WinSCP\\WinSCP.exe"=
    "c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Documents and Settings\\alec\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
    "c:\\Program Files\\AVG\\AVG2012\\avgwdsvc.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
    "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/Apr/2012 03:50 24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [11/Jul/2011 00:13 31952]
    R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [22/Jan/2010 03:29 24264]
    R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [28/Dec/2011 05:40 22344]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [11/Jul/2011 00:13 237408]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11/Jul/2011 00:14 301920]
    R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [01/Apr/2010 17:55 13680]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/Jul/2011 16:27 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/Jul/2011 21:55 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11/Jul/2012 18:54 116608]
    R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [14/Feb/2012 03:53 193288]
    R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [22/Jan/2010 03:29 280640]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [20/Apr/2011 21:37 109728]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [25/Jul/2012 09:44 12184]
    R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\HOTKEY\cammute.exe [01/Apr/2010 17:55 54632]
    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [29/Sep/2010 17:50 374704]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11/Aug/2008 12:41 12856]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [31/Oct/2012 10:43 399432]
    R2 OrangeMobileBroadband_Service;OrangeMobileBroadband_Service;c:\program files\OrangeMobileBroadband\OrangeMobileBroadband_Service.exe [25/Jan/2011 17:14 333264]
    R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.exe [22/Jan/2010 03:29 1645568]
    R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\ThinkPad\Utilities\PWMEWSVC.exe [09/Jun/2011 22:36 1664064]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [02/Oct/2012 12:13 3064000]
    R2 smihlp2;SMI Helper Driver (smihlp2);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [13/Mar/2009 14:47 12560]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/Apr/2011 12:21 92592]
    R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\Lenovo\HOTKEY\tphkload.exe [30/Sep/2012 12:27 131432]
    R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [30/Sep/2012 12:27 142696]
    R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [14/May/2008 16:25 520192]
    R2 WTGService;WTGService;c:\program files\InternetEverywhere\WTGService.exe [19/Dec/2010 17:10 308688]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [31/Oct/2012 10:41 22856]
    R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [11/Dec/2010 17:36 6609920]
    R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [22/Feb/2008 15:54 37312]
    S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [30/Sep/2012 12:27 101736]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [31/Oct/2012 10:41 676936]
    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [07/Jun/2012 18:12 160944]
    S2 WSWNDA3100;WSWNDA3100;c:\program files\NETGEAR\WNDA3100v2\WifiSvc.exe [12/Jun/2011 22:38 272864]
    S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [12/Jun/2011 22:38 642432]
    S3 CH341ENUM;CH341ENUM;c:\windows\system32\drivers\CH34Enum.sys [27/May/2011 00:26 17664]
    S3 CH341SER;CH341SER;c:\windows\system32\drivers\CH341SER.SYS [27/May/2011 00:26 39632]
    S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18/Dec/2009 09:58 11336]
    S3 ewsercd;Huawei DataCard USB Serial Port;c:\windows\system32\drivers\ewsercd.sys [25/Jan/2011 23:21 100224]
    S3 FSDFU;FSDFU;c:\windows\system32\drivers\fsdfu.sys [15/Apr/2011 12:29 10433]
    S3 GTUHSBUS;GT UHS BUS;c:\windows\system32\drivers\gtuhsbus.sys [19/Dec/2010 17:10 66560]
    S3 GTUHSNDISIPXP;GT UHS IP NDIS;c:\windows\system32\drivers\gtuhs51.sys [19/Dec/2010 17:10 107520]
    S3 GTUHSSER;GT UHS SER;c:\windows\system32\drivers\gtuhsser.sys [19/Dec/2010 17:10 8064]
    S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [02/Sep/2011 06:31 42648]
    S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [02/Sep/2011 06:31 12184]
    S4 Hwsl2vic;Hwsl2vic; [x]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-11-05 c:\windows\Tasks\AdobeAAMUpdater-1.0-ALEC08-alec.job
    - c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-05-20 02:44]
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-22 01:10]
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-22 01:10]
    .
    2012-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-527237240-448539723-725345543-1003Core.job
    - c:\documents and settings\alec\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-04 07:40]
    .
    2012-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-527237240-448539723-725345543-1003UA.job
    - c:\documents and settings\alec\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-04 07:40]
    .
    2012-10-12 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
    - c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:54]
    .
    2012-11-06 c:\windows\Tasks\PMTask.job
    - c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2010-01-22 04:05]
    .
    2012-11-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 17f18bca-1a68-4687-8c5c-9f7f1c3651e3.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    2012-11-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 46ee4301-baa1-43cb-bbc4-8b32836b328b.job
    - c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = file:///C:/Docs/My_Clients/Traigh/web/t1/t1/launch.html
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 10.0.0.1
    FF - ProfilePath - c:\documents and settings\alec\Application Data\Mozilla\Firefox\Profiles\cd1s817r.default\
    FF - prefs.js: browser.startup.homepage - file:///C:/Docs/My_Clients/Traigh/web/t1/t1/launch.html
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Notify-ACNotify - ACNotify.dll
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
    Rootkit scan 2012-11-06 01:11
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    SynTPEnh = %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe????????????????????????????????????????????????????????? ???????????????????????????
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(1208)
    c:\program files\ThinkPad\ConnectUtilities\ACNotify.dll
    c:\program files\ThinkPad\ConnectUtilities\AcSvcStub.dll
    c:\program files\ThinkPad\ConnectUtilities\AcLocSettings.dll
    c:\program files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll
    c:\program files\ThinkPad\ConnectUtilities\ACHelper.dll
    c:\windows\system32\Ati2evxx.dll
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    c:\windows\system32\LMIinit.dll
    c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
    c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
    c:\program files\ThinkVantage Fingerprint Software\infql2.dll
    c:\program files\ThinkVantage Fingerprint Software\homepass.dll
    c:\program files\ThinkVantage Fingerprint Software\bio.dll
    c:\program files\ThinkVantage Fingerprint Software\qlbase.dll
    c:\program files\ThinkVantage Fingerprint Software\ps2css.dll
    c:\windows\system32\LMIRfsClientNP.dll
    .
    - - - - - - - > 'lsass.exe'(1264)
    c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
    c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
    c:\program files\ThinkVantage Fingerprint Software\infql2.dll
    .
    - - - - - - - > 'explorer.exe'(5364)
    c:\windows\system32\WININET.dll
    c:\documents and settings\alec\Application Data\Dropbox\bin\DropboxExt.14.dll
    c:\progra~1\X1\X1BandLoader.dll
    c:\progra~1\X1\x1bandworker.dll
    c:\progra~1\X1\x1icons2.dll
    c:\windows\system32\mshtml.dll
    c:\windows\system32\msls31.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\program files\WinSCP\DragExt.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    c:\windows\system32\LMIRfsClientNP.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\progra~1\AVG\AVG2012\avgrsx.exe
    c:\program files\AVG\AVG2012\avgcsrvx.exe
    c:\windows\system32\ibmpmsvc.exe
    c:\windows\system32\Ati2evxx.exe
    c:\program files\Intel\WiFi\bin\S24EvMon.exe
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\IPSSVC.EXE
    c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    c:\windows\system32\acs.exe
    c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Intel\WiFi\bin\EvtEng.exe
    c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    c:\program files\AVG\AVG2012\avgnsx.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\LENOVO\HOTKEY\tposdsvc.exe
    c:\program files\LogMeIn\x86\RaMaint.exe
    c:\program files\LogMeIn\x86\LogMeIn.exe
    c:\program files\Lenovo\Zoom\TpScrex.exe
    c:\program files\Lenovo\HOTKEY\TPONSCR.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\program files\CDBurnerXP\NMSAccessU.exe
    c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    c:\program files\lenovo\system update\suservice.exe
    c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
    c:\windows\system32\TpKmpSVC.exe
    c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
    c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
    c:\program files\RealVNC\VNC4\WinVNC4.exe
    c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\system32\TpShocks.exe
    c:\windows\system32\rundll32.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    c:\windows\system32\rundll32.exe
    c:\progra~1\ThinkPad\UTILIT~1\SCHTASK.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    c:\program files\Synaptics\SynTP\SynTPLpr.exe
    c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    c:\progra~1\X1\X1Service.exe
    c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    c:\progra~1\X1\textExtractor.exe
    .
    **************************************************************************
    .
    Completion time: 2012-11-06 01:21:23 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-11-06 01:21
    .
    Pre-Run: 14,752,395,264 bytes free
    Post-Run: 14,938,726,400 bytes free
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    .
    - - End Of File - - 7C9DBE99147BA215530A3C42159406DE
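An added triage helper, not from this thread and not part of ComboFix or any of the tools named in it: the script below walks ComboFix-style log text and pulls out the loading points a reviewer checks by hand before calling a machine clean. It reports Run entries that give only a bare file name or point under a user-writable directory, Winlogon notify DLLs (loaded into winlogon.exe at every logon), LSA notification packages (password filter DLLs, which are handed every plaintext password at change time), a disabled firewall profile, and firewall exceptions for binaries under user-writable paths. The sample text is a constructed, trimmed copy of lines in the shape of the log above; the directory hints, category names and notes are this example's own assumptions. A hit means "verify publisher and signature", not "malicious": vendor software such as the fingerprint and remote-access utilities in the log above lands in exactly these places.

```python
import re
from typing import Dict, List

# Constructed sample: trimmed copies of lines in the shape of the ComboFix
# "Reg Loading Points" and firewall-policy sections posted above.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ditto"="c:\program files\Ditto\Ditto.exe" [2010-12-23 831488]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2012-06-21 180224]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-11-05 15:03 92072 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\WinSCP\\WinSCP.exe"=
"c:\\Documents and Settings\\alec\\Desktop\\utorrent.exe"=
"""

# Heuristic (an assumption of this example, not a rule from the tool): directories a
# standard user can write to, where an autorun or firewall exception deserves a second look.
USER_WRITABLE_HINTS = ("\\documents and settings\\", "\\users\\", "\\temp\\")

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?:"(?P<data>[^"]*)")?')
FILE_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}\s+\d+\s+\S+\s+(?P<path>.+)$")
FIREWALL_RE = re.compile(r'^"EnableFirewall"\s*=\s*(?P<val>\d+)')
DLL_PATH_RE = re.compile(r"[a-z]:\\.*?\.dll", re.I)


def unescape(path: str) -> str:
    """REGEDIT4-style export doubles every backslash; collapse them."""
    return path.replace("\\\\", "\\")


def in_user_writable(path: str) -> bool:
    return any(hint in path.lower() for hint in USER_WRITABLE_HINTS)


def triage(log_text: str) -> List[Dict[str, str]]:
    """Walk the log once, remembering the current [key], and collect the
    items a reviewer should verify by hand (publisher, signature, intent)."""
    findings: List[Dict[str, str]] = []
    key = ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        km = KEY_RE.match(line)
        if km:
            key = km.group("key").lower()
            continue
        # LSA password filters see every plaintext password at change time.
        if line.startswith("Notification Packages") and key.endswith("\\lsa"):
            for dll in DLL_PATH_RE.findall(line.split("REG_MULTI_SZ", 1)[-1]):
                findings.append({"category": "lsa-notification-package", "path": dll,
                                 "note": "password filter DLL; verify publisher and signature"})
            continue
        fw = FIREWALL_RE.match(line)
        if fw and "firewallpolicy" in key:
            if fw.group("val") == "0":
                findings.append({"category": "firewall", "path": key.rsplit("\\", 1)[-1],
                                 "note": "Windows Firewall disabled for this profile"})
            continue
        # Winlogon notification DLLs run inside winlogon.exe at every logon.
        if "\\winlogon\\notify\\" in key:
            fm = FILE_RE.match(line)
            if fm:
                findings.append({"category": "winlogon-notify", "path": fm.group("path"),
                                 "note": "DLL loaded into winlogon.exe; verify publisher and signature"})
            continue
        vm = VALUE_RE.match(line)
        if not vm:
            continue
        if "authorizedapplications" in key:
            path = unescape(vm.group("name"))
            if in_user_writable(path):
                findings.append({"category": "firewall-exception", "path": path,
                                 "note": "inbound exception for a binary in a user-writable location"})
            continue
        if key.endswith("\\run") or key.endswith("\\runonce"):
            data = vm.group("data") or ""
            if data and "\\" not in data:
                findings.append({"category": "autorun", "path": data,
                                 "note": "bare file name resolved through the search path; confirm which file actually runs"})
            elif in_user_writable(data):
                findings.append({"category": "autorun", "path": data,
                                 "note": "autorun from a user-writable location"})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f['category']}] {f['path']}: {f['note']}")
```

Run it as-is to see the five findings from the sample, or pass the text of a saved ComboFix.txt to triage(). Entries that are not flagged are not thereby cleared; the script only narrows the list of things to look at, and the hidden-autostart line catchme printed for SynTPEnh above is the kind of item it cannot judge for you.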


  10. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #30

    Wait, I'm not sure if this is the same thing but here is c:\ComboFix.txt

    attached


Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd