niknak

Members
  • Posts: 12
About niknak

  • Birthday 6/21/1974

Tech Info

  • Experience
    beginner
  • System: windows_vista_home_2


  1. Hi Chiaz, the problem still exists. The BBC website is in my favorites, and I am still getting "address not valid". Very frustrating.
  2. ActiveScan report:

     ANALYSIS: 2009-10-05 14:36:54
     PROTECTIONS: 1   MALWARE: 2   SUSPECTS: 0

     PROTECTIONS
     Description       Version   Active   Updated
     McAfee VirusScan            Yes      Yes

     MALWARE
     Id        Description         Type            Active   Severity   Disinfectable   Disinfected   Location
     00139061  Cookie/Doubleclick  TrackingCookie  No       0          Yes             No            C:\Users\dukestreet\AppData\Roaming\Microsoft\Windows\Cookies\Low\dukestreet@doubleclick[2].txt
     00139064  Cookie/Atlas DMT    TrackingCookie  No       0          Yes             No            C:\Users\dukestreet\AppData\Roaming\Microsoft\Windows\Cookies\Low\dukestreet@atdmt[2].txt

     SUSPECTS
     Sent   Location

     VULNERABILITIES
     Id   Severity   Description
  3. Combo part 2
  4. Combo report:
  5. PC is running quicker but still freezes and fails to bring up the relevant page, e.g. I type in AOL.com - Welcome to AOL and it goes to a Yahoo search page. The registry error I mentioned in my last post has gone, however. I have no Vista disk.
  6. Hi, I'm also getting an error message if I try to open anything from the start menu: "Illegal operation attempted on a registry key that has been marked for deletion"
  7. ------- Supplementary Scan -------
     uStart Page = hxxp://uk.yahoo.com/
     uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
     Trusted Zone: internet
     Trusted Zone: mcafee.com

     catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
     Rootkit scan 2009-10-05 07:46
     Windows 6.0.6002 Service Pack 2 NTFS
     scanning hidden processes ...
     scanning hidden autostart entries ...
     HKLM\Software\Microsoft\Windows\CurrentVersion\Run
     DLBUCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLBUtime.dll,_RunDLLEntry@16
     scanning hidden files ...
     scan completed successfully
     hidden files: 0

     --------------------- DLLs Loaded Under Running Processes ---------------------
     - - - - - - - > 'Explorer.exe'(1696)
     c:\program files\McAfee\SiteAdvisor\saHook.dll
     c:\program files\Trusteer\Rapport\bin\rooksbas.dll

     Completion time: 2009-10-05 7:48
     ComboFix-quarantined-files.txt 2009-10-05 06:48
     ComboFix2.txt 2009-10-04 15:04
     Pre-Run: 193,828,962,304 bytes free
     Post-Run: 193,829,801,984 bytes free
     Current=1 Default=1 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
     246 --- E O F --- 2009-10-03 07:00
  8. Hi Chiaz, OK, sorry, I have removed the Ask toolbar and now include the report again, thanks!
2009-10-04 15:03 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-01-09 17:07 . 2009-10-05 06:27 9296 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3914775888-4088661394-887693425-1000_UserData.bin - 2009-10-04 14:15 . 2009-10-04 14:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-10-05 06:25 . 2009-10-05 06:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-10-04 14:15 . 2009-10-04 14:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-10-05 06:25 . 2009-10-05 06:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2006-11-02 10:33 . 2009-10-05 06:32 600378 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-10-04 14:22 600378 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-10-05 06:32 105852 c:\windows\System32\perfc009.dat - 2006-11-02 10:33 . 2009-10-04 14:22 105852 c:\windows\System32\perfc009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-01-08 4363504] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-09-04 200704] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-17 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-17 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-17 145944] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-08-05 3563520] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-27 30192] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "DLBUCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLBUtime.dll" [2007-02-12 73728] "McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-07 1176808] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-17 442460] c:\users\dukestreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program 
files\Dell\DellDock\DellDock.exe [2008-9-24 1295656] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-11-27 18:54 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):1a,f8,fd,0e,63,43,ca,01 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{1DD613C3-3C4A-4143-BCEA-F9A2646D05AE}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent "{F6E47C6E-0421-407B-A658-1F2B99348884}"= c:\program files\CyberLink\PowerDVD DX\PowerDVD.exe:CyberLink PowerDVD DX "{D05775A0-CDF2-4541-82FF-1F88529EB7F1}"= c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:CyberLink PowerDVD DX Resident Program "{96BCD348-C6F3-4863-B773-7398ACC33951}"= UDP:c:\windows\System32\dlbucoms.exe:Photo AIO Printer 942 Server "{0021A7C6-F629-4653-A305-1E81BA201631}"= TCP:c:\windows\System32\dlbucoms.exe:Photo AIO Printer 942 Server "{F05F013B-2CE5-4EE4-8949-366CE1E74DA1}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{28E72F42-681E-4857-91ED-570BB1F9D29F}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{8D29ED83-13D7-4A55-8BA7-57ED96B70F0A}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft 
Office Groove "{91B84198-84B6-45A5-91EC-C644002C0456}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{B559162F-7D30-4E2D-9909-7FF3F14B6FEE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{6D83D18B-ACA1-4050-9628-702F089AFB19}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "{61258463-6E77-4383-A671-814033A75144}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger "TCP Query User{4DD629E0-DA1B-4250-8813-39AF2F9EA3EA}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{CD91FF88-07A0-4808-B0A3-28D56B30CB84}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{3CDA6459-46F9-4DB7-B732-0997E5B6DAF0}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= UDP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! Messenger "UDP Query User{DE95746C-6150-4862-B0B3-F0B8C8EB814A}c:\\program files\\yahoo!\\messenger\\yahoomessenger.exe"= TCP:c:\program files\yahoo!\messenger\yahoomessenger.exe:Yahoo! 
Messenger "TCP Query User{88973BEB-ACF2-481F-92F6-B40DEFE72DD1}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{A344739E-6156-4511-9283-FFF0005E09E2}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{3B8567D6-9BBF-4189-8A75-0466D226E2B1}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver "UDP Query User{BE42E5FF-1EAA-4BCC-8648-F7BD007D61E3}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver R1 RapportKELL;RapportKELL;c:\program files\Trusteer\Rapport\bin\RapportKELL.sys [03/09/2009 18:34 58856] R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [03/09/2009 18:34 333928] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_85b55258\AEstSrv.exe [27/11/2008 21:23 73728] R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [24/09/2008 05:09 155648] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [16/02/2009 09:51 210216] R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [03/09/2009 18:34 967912] R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?] S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [27/11/2008 19:48 30192] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}] c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 . 
Contents of the 'Scheduled Tasks' folder 2009-06-08 c:\windows\Tasks\DriverCure.job - c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-04-26 12:44] 2008-11-27 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-15 20:26] 2008-11-27 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-15 20:26] 2009-10-02 c:\windows\Tasks\ParetoLogic Registration.job - c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59] 2009-06-08 c:\windows\Tasks\ParetoLogic Update Version2.job - c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59] . .
  9. ComboFix 09-10-03.01 - dukestreet 04/10/2009 15:55.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3034.1710 [GMT 1:00]
Running from: c:\users\dukestreet\Downloads\ComboFix.exe
Completion time: 2009-10-04 16:04
  10. Thanks for your help, here is the info you requested in two parts. :)
  11. Here is the log, thanks!
  12. Hi, newbie here, hoping someone can help me out. For the last couple of days Internet Explorer has been running slowly; some pages do not load at all, just an "http" in the address bar or "address not valid". It's really annoying and I can only assume it's malware of some sort. I'm running McAfee on Vista, on a Dell Inspiron laptop. I'm trying to avoid paid support from Dell, who want £67 plus VAT for a single issue. I have attempted to read up on this on the forums, but if I'm honest I'm clueless and I don't want to attempt anything and then make the issue worse! Any help greatly, greatly appreciated! Thanks!