Old 10-03-2008   #1
New Poster
 
Join Date: Oct 2008
Posts: 2
PC Experience: Experienced
Default Slow Computer

A friend of mine complained about his computer running slow. I ran anti-virus and anti-spyware and found nothing out of the ordinary. Any help would be greatly appreciated.
Attached Files
File Type: txt info.txt (9.0 KB, 2 views)
File Type: txt log.txt (27.1 KB, 1 views)
File Type: txt mbam-log-2008-10-02 (23-24-40).txt (2.5 KB, 1 views)
terracloud is offline   Reply With Quote
Old 10-03-2008   #2
Senior Security Analyst
 
Pancake's Avatar
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,798
PC Experience: Elite PC Guru
Default Re: Slow Computer

Please copy and paste logs. Do not attach them... thanks.


Ok. Let's download ComboFix.exe. This will give me a better view of the files running and also hidden on your computer and also those in the registry. Please visit this webpage for downloading and instructions for running the tool:

Go here ======> A guide and tutorial on using ComboFix <====== Go here

Please ensure you read this guide carefully and install the Recovery Console first. This applies to XP Pro and XP Home users only. If you have SP3 installed you will need to use SP2. Do not use for Vista.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should get a prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

(1) Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New HijackThis log.


Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Misuse can cause serious computer problems.

NOTE: Combofix prevents autorun of all CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you - please let me know.
__________________
My real name is Eddy
Pancake is offline   Reply With Quote
Old 10-24-2008   #3
New Poster
 
Join Date: Oct 2008
Posts: 2
PC Experience: Experienced
Default Re: Slow Computer

Sorry I took so long to get back to you. My friend was out of town.

ComboFix.txt
ComboFix 08-10-24.01 - Jon Varner 2008-10-24 14:33:38.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.184 [GMT -4:00]
Running from: J:\Antivirus, Firewall, & Spyware\Spyware Removers\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\RECYCLER\ADAPT_Installer.exe
C:\WINDOWS\system32\bmqbrjvv.ini
C:\WINDOWS\system32\cfcvileu.ini
C:\WINDOWS\system32\cgaqkiwb.ini
C:\WINDOWS\system32\dgtcsbem.ini
C:\WINDOWS\system32\dpgxfdvr.ini
C:\WINDOWS\system32\eqaxwldc.ini
C:\WINDOWS\system32\fuemausj.ini
C:\WINDOWS\system32\ibdnapjo.ini
C:\WINDOWS\system32\khvlbwyq.ini
C:\WINDOWS\system32\ktbptvqq.ini
C:\WINDOWS\system32\lcqykhnb.ini
C:\WINDOWS\system32\LoqsvGgh.ini
C:\WINDOWS\system32\LoqsvGgh.ini2
C:\WINDOWS\system32\mdm.exe
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nnbnooub.ini
C:\WINDOWS\system32\NnoYGPVw.ini
C:\WINDOWS\system32\NnoYGPVw.ini2
C:\WINDOWS\system32\orBLknmp.ini
C:\WINDOWS\system32\orBLknmp.ini2
C:\WINDOWS\system32\QAyIknnn.ini
C:\WINDOWS\system32\QAyIknnn.ini2
C:\WINDOWS\system32\qkheudur.ini
C:\WINDOWS\system32\reflbkka.ini
C:\WINDOWS\system32\sufotodo.ini
C:\WINDOWS\system32\tqdkbhte.ini
C:\WINDOWS\system32\uaipxmme.ini
C:\WINDOWS\system32\vmeorcot.ini
C:\WINDOWS\system32\yGfedccf.ini
C:\WINDOWS\system32\yGfedccf.ini2
C:\WINDOWS\system32\ypxcdaik.ini
C:\WINDOWS\system32\yqrkwear.ini
F:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-09-24 to 2008-10-24 )))))))))))))))))))))))))))))))
.

2008-10-24 12:27 . 2008-10-24 12:33 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-10-24 11:39 . 2008-10-24 11:39 <DIR> d-------- C:\Program Files\Microsoft Works
2008-10-24 11:31 . 2008-10-24 12:36 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-10-24 11:18 . 2008-10-24 11:36 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-10-24 11:15 . 2008-10-24 13:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-10-24 11:13 . 2008-10-24 11:13 <DIR> dr-h----- C:\MSOCache
2008-10-20 00:38 . 2008-10-24 00:17 <DIR> d-------- C:\Program Files\LimeWire
2008-10-15 13:07 . 2008-08-14 06:11 2,189,184 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 13:07 . 2008-08-14 06:09 2,145,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 13:07 . 2008-08-14 05:33 2,066,048 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 13:07 . 2008-08-14 05:33 2,023,936 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 13:07 . 2008-09-15 08:12 1,846,400 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 13:07 . 2008-09-08 06:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-04 14:49 . 2008-10-04 14:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-04 08:41 . 2008-10-24 01:43 <DIR> d-------- C:\Documents and Settings\Jon Varner\Application Data\BearShare
2008-10-03 02:15 . 2008-10-03 02:15 <DIR> d-------- C:\Temp
2008-10-03 01:59 . 2007-08-01 22:47 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-10-03 00:43 . 2008-10-03 01:59 <DIR> d-------- C:\Documents and Settings\Default User\.housecall6.6
2008-10-03 00:26 . 2008-10-03 00:47 <DIR> d-------- C:\Documents and Settings\Jon Varner\.housecall6.6
2008-10-02 23:26 . 2008-10-02 23:26 <DIR> d-------- C:\rsit
2008-10-02 23:12 . 2008-10-02 23:12 <DIR> d-------- C:\Documents and Settings\Jon Varner\Application Data\Malwarebytes
2008-10-02 23:12 . 2008-10-02 23:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-24 17:34 . 2008-09-24 17:34 <DIR> d--hs---- C:\Documents and Settings\Jon Varner\PrivacIE
2008-09-24 17:23 . 2008-09-24 17:24 <DIR> d--h-c--- C:\WINDOWS\ie8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 18:50 11,760,928 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-24 18:47 301,600 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-10-24 18:43 31,340 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-10-24 18:43 165,752 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-24 04:16 --------- d-----w C:\Documents and Settings\Jon Varner\Application Data\LimeWire
2008-10-23 03:34 --------- d-----w C:\Program Files\Pirate Poppers
2008-10-23 03:34 --------- d-----w C:\Documents and Settings\Jon Varner\Application Data\PlayFirst
2008-10-20 04:02 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-19 19:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-10-17 08:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-12 23:19 --------- d-----w C:\Program Files\Shockwave.com
2008-10-05 19:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2008-10-04 17:36 --------- d-----w C:\Program Files\Yahoo!
2008-10-04 17:33 --------- d-----w C:\Program Files\Windows Live
2008-10-04 12:40 --------- d-----w C:\Program Files\BearShare Applications
2008-09-28 03:26 --------- d-----w C:\Program Files\bfgclient
2008-09-17 20:53 --------- d-----w C:\Program Files\regclean
2008-09-14 13:23 --------- d-----w C:\Documents and Settings\Jon Varner\Application Data\regclean
2008-09-13 19:14 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-13 18:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-13 18:52 --------- d-----w C:\Program Files\GameTap
2008-09-13 18:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\GameTap
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-04 03:14 --------- d-----w C:\Documents and Settings\Jon Varner\Application Data\Yahoo!
2008-08-29 00:33 --------- d-----w C:\Program Files\PeerGuardian2
2008-08-24 19:37 --------- d-----w C:\Program Files\Google
2008-08-09 01:29 262,144 ----a-w C:\ntuser.dat
2008-02-27 23:48 0 -c--a-w C:\Program Files\temp01
1998-12-09 02:53 99,840 ----a-w C:\Program Files\Common Files\IRAABOUT.DLL
1998-12-09 02:53 70,144 ----a-w C:\Program Files\Common Files\IRAMDMTR.DLL
1998-12-09 02:53 48,640 -c--a-w C:\Program Files\Common Files\IRALPTTR.DLL
1998-12-09 02:53 31,744 -c--a-w C:\Program Files\Common Files\IRAWEBTR.DLL
1998-12-09 02:53 186,368 ----a-w C:\Program Files\Common Files\IRAREG.DLL
1998-12-09 02:53 17,920 -c--a-w C:\Program Files\Common Files\IRASRIAL.DLL
2008-07-22 06:36 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008071420080721\index.dat
2008-07-22 06:36 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008072220080723\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
2008-07-28 06:46 160496 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Search Protection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"Messenger (Yahoo!)"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2008-09-19 4347120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-20 185896]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2008-02-08 227856]
"VTPreset"="VTPreset.exe" [2004-02-24 C:\WINDOWS\system32\VTPreset.exe]
"LTMSG"="LTMSG.exe" [2003-07-14 C:\WINDOWS\ltmsg.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-11-29 C:\WINDOWS\KHALMNPR.Exe]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-20 789008]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-01-09 13:30 72208 c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
--a------ 2008-07-26 12:48 2468200 C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592]
.
Contents of the 'Scheduled Tasks' folder

2008-10-24 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job
- C:\Documents and Settings\Jon Varner\My Documents\RegClean\RegClean.exe [2008-06-05 09:34]

2008-10-24 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job
- C:\Documents and Settings\Jon Varner\My Documents\RegClean [2008-10-18 05:19]

2008-10-24 C:\WINDOWS\Tasks\User_Feed_Synchronization-{14BC561F-5695-4FAA-B766-4DE3CC54EFC4}.job
- C:\WINDOWS\system32\msfeedssync.exe [2008-08-22 03:05]
.
- - - - ORPHANS REMOVED - - - -

BHO-{13E26D0E-68BE-4282-9FF2-55DD02896398} - (no file)
BHO-{3cc44dd9-694a-4d00-ac0f-c9d8a20a93d9} - (no file)
BHO-{5E039BEE-CA1B-48D1-9F11-6EBF85E0DD60} - (no file)
BHO-{60601eca-87f6-4c6b-902b-a5741e1bc0cb} - (no file)
BHO-{85BB88D4-BE9B-4DBD-BAC7-3F2E3D858D8E} - (no file)
BHO-{9D2F1E28-377D-4888-B54D-EBD37F857842} - (no file)
BHO-{A1FD6805-7C5F-4122-9511-F9176405CA9A} - (no file)
BHO-{A39DFE53-7345-4822-B0CE-E96FB6EF8B03} - (no file)
BHO-{c19fba8d-14e2-40f9-a63b-ffefc3579278} - (no file)
BHO-{E90DC930-8800-46BD-8F14-46624C3472E2} - (no file)
Notify-fccBTjKE - fccBTjKE.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Jon Varner\Application Data\Mozilla\Firefox\Profiles\im9716h1.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.yahoo.com/?fr=fptb-yff3
FF -: plugin - C:\Program Files\GameTap\bin\Release\npgametaptool.dll
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-24 14:48:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\VCOM\Fix-It\MXTASK.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
C:\PROGRA~1\VCOM\Fix-It\MXTASK.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-10-24 14:55:31 - machine was rebooted [Jon Varner]
ComboFix-quarantined-files.txt 2008-10-24 18:55:24

Pre-Run: 24,217,026,560 bytes free
Post-Run: 25,697,423,360 bytes free

213 --- E O F --- 2008-10-16 16:46:05


HijackThis.txt
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:05:25 PM, on 10/24/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
F:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe
F:\PortableApps\FirefoxPortable\FirefoxPortable.exe
F:\PortableApps\FirefoxPortable\App\firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - (no file)
O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommo...ad/tgctlcm.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinner.com/games/v50/tpir/tpir.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47...familyfeud.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Fix-It Task Manager - V Communications, Inc. - C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6791 bytes

Last edited by Pancake; 10-24-2008 at 10:20 PM. Reason: Code removed
terracloud is offline   Reply With Quote
Old 10-24-2008   #4
Senior Security Analyst
 
Pancake's Avatar
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,798
PC Experience: Elite PC Guru
Default Re: Slow Computer

That's removed a lot of malware. You should be fine now.

This will clear away any of the files and folders that were created by ComboFix.

Go to:
Start > Run, then copy and paste the following highlighted text below into the box and click OK.



ComboFix /u

__________________
My real name is Eddy
Pancake is offline   Reply With Quote
