
Topic: Personal Antivirus


rsmig29


    Personal Antivirus
    « on: December 12, 2009, 09:18:15 PM »
    Hello,

    My Dell Mini 9 (XP) caught a virus. I ran Combofix and HJT and these are the log files. Everything seems to be running fine now; however, I need another opinion on this. Your help is appreciated.

    Combofix

    ComboFix 09-12-11.05 - Habib 12/12/2009  19:00:43.1.2 - x86
    Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1014.621 [GMT -8:00]
    Running from: c:\documents and settings\Habib\Desktop\rick.exe
    .

    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\Habib\Local Settings\Application Data\yjqetb
    c:\documents and settings\Habib\Local Settings\Application Data\yjqetb\eunxsysguard.exe
    c:\documents and settings\Habib\Start Menu\Programs\Startup\scandisk.dll
    c:\documents and settings\Habib\Start Menu\Programs\Startup\scandisk.lnk
    c:\recycler\S-1-5-21-803469907-3427563069-598470100-1006
    c:\windows\system32\AVR10.exe
    c:\windows\system32\critical_warning.html
    c:\windows\system32\kohajawu.dll
    c:\windows\system32\msmkkrqf.dll
    c:\windows\system32\notepad.dll
    c:\windows\system32\sofapohe.dll
    c:\windows\system32\vidimofu.dll
    c:\windows\system32\winhelper86.dll
    c:\windows\system32\winlogon86.exe
    c:\windows\system32\winupdate86.exe
    c:\windows\system32\wlv4z5gv.dll

    .
    (((((((((((((((((((((((((   Files Created from 2009-11-13 to 2009-12-13  )))))))))))))))))))))))))))))))
    .

    2009-12-13 01:45 . 2009-12-13 01:45   8704   -c--a-w-   C:\ryiasu.exe
    2009-12-13 01:45 . 2009-12-13 01:45   40960   -c--a-w-   C:\pdvwd.exe
    2009-12-06 04:10 . 2009-12-06 04:10   --------   dc----w-   c:\program files\7-Zip
    2009-12-06 02:43 . 2009-12-06 02:43   --------   dc----w-   C:\cabs
    2009-11-25 16:45 . 2009-11-25 16:45   127325   -c--a-w-   c:\documents and settings\Habib\Application Data\Move Networks\uninstall.exe
    2009-11-25 16:45 . 2009-11-26 02:33   --------   dc----w-   c:\documents and settings\Habib\Application Data\Move Networks
    2009-11-19 18:11 . 2009-11-19 18:11   --------   dc----w-   c:\program files\Microsoft Synchronization Services
    2009-11-19 18:11 . 2009-11-19 18:11   --------   dc----w-   c:\program files\Microsoft SQL Server Compact Edition
    2009-11-19 18:02 . 2009-11-19 18:02   --------   dc----w-   c:\program files\Microsoft.NET
    2009-11-19 18:00 . 2009-11-19 18:00   --------   dc----w-   c:\program files\Microsoft SDKs
    2009-11-19 09:57 . 2009-11-19 18:18   --------   dc----w-   c:\program files\Microsoft SQL Server
    2009-11-19 09:56 . 2009-11-19 18:09   193824   -c--a-w-   c:\documents and settings\All Users\Application Data\Microsoft\VBExpress\9.0\1033\ResourceCache.dll
    2009-11-19 09:55 . 2009-11-19 18:08   416   -c--a-w-   c:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll
    2009-11-19 09:54 . 2009-11-19 09:54   --------   dc----w-   c:\documents and settings\Habib\Local Settings\Application Data\Microsoft Help
    2009-11-19 09:47 . 2009-11-19 18:11   --------   dc----w-   c:\program files\Microsoft Visual Studio 9.0
    2009-11-19 09:47 . 2009-11-19 18:10   --------   dc----w-   c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-11-15 20:38 . 2009-11-15 21:43   --------   dc----w-   C:\cpp
    2009-11-15 20:12 . 2009-11-15 20:14   --------   dc----w-   C:\Dev-Cpp
    2009-11-14 20:12 . 2009-11-15 20:30   --------   dc----w-   c:\documents and settings\Habib\Application Data\Dev-Cpp

    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-12-13 03:05 . 2008-12-14 22:54   --------   dc----w-   c:\program files\Dell Video Chat
    2009-12-13 02:26 . 2009-08-30 05:48   --------   dc----w-   c:\program files\Malwarebytes' Anti-Malware
    2009-12-13 01:56 . 2008-12-14 22:35   --------   dc----w-   c:\program files\Dell
    2009-11-25 16:45 . 2009-08-13 19:21   4187512   -c--a-w-   c:\documents and settings\Habib\Application Data\Move Networks\plugins\npqmp071505000011.dll
    2009-11-09 02:44 . 2009-11-09 02:30   --------   dc----w-   c:\program files\PerlEdit
    2009-11-09 02:42 . 2009-09-13 16:20   --------   dc----w-   c:\documents and settings\Habib\Application Data\codeblocks
    2009-11-03 18:50 . 2009-10-26 04:49   --------   dc----w-   c:\program files\Eraser
    2009-11-02 05:10 . 2009-10-13 05:18   --------   dc----w-   c:\program files\ActiveState Komodo Edit 5
    2009-10-31 04:34 . 2009-10-31 04:34   --------   dc----w-   c:\program files\Ss-Tools
    2009-10-29 07:46 . 2008-04-25 20:33   832512   -c--a-w-   c:\windows\system32\wininet.dll
    2009-10-29 07:46 . 2008-04-25 20:33   78336   -c--a-w-   c:\windows\system32\ieencode.dll
    2009-10-29 07:46 . 2008-04-25 20:33   17408   -c--a-w-   c:\windows\system32\corpol.dll
    2009-10-27 05:40 . 2008-12-31 02:36   --------   dc----w-   c:\program files\Yahoo!
    2009-10-27 05:17 . 2009-10-26 03:50   --------   dc----w-   c:\documents and settings\All Users\Application Data\Apple Computer
    2009-10-26 04:11 . 2009-10-26 03:58   --------   dc----w-   c:\documents and settings\Habib\Application Data\Apple Computer
    2009-10-26 03:58 . 2009-10-26 03:54   --------   dc----w-   c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    2009-10-26 03:53 . 2009-10-26 03:53   --------   dc----w-   c:\program files\Bonjour
    2009-10-26 03:46 . 2009-10-26 03:46   --------   dc----w-   c:\documents and settings\All Users\Application Data\Apple
    2009-10-21 05:38 . 2008-04-25 20:33   75776   -c--a-w-   c:\windows\system32\strmfilt.dll
    2009-10-21 05:38 . 2008-04-25 20:33   25088   -c--a-w-   c:\windows\system32\httpapi.dll
    2009-10-20 16:20 . 2008-04-14 00:23   265728   -c--a-w-   c:\windows\system32\drivers\http.sys
    2009-10-19 05:23 . 2009-10-19 05:23   0   -c--a-w-   c:\windows\nsreg.dat
    2009-10-15 20:59 . 2009-10-15 20:59   --------   dc----w-   c:\documents and settings\Habib\Application Data\MSNInstaller
    2009-10-15 20:23 . 2009-09-17 04:33   144   -c--a-w-   c:\documents and settings\Habib\Application Data\wklnhst.dat
    2009-10-15 05:09 . 2009-10-15 05:09   --------   dc----w-   c:\program files\TinyCAD
    2009-10-15 05:02 . 2009-10-15 05:02   --------   dc----w-   c:\program files\Advanced Circuits
    2009-10-15 05:02 . 2009-10-15 05:02   --------   dc----w-   c:\documents and settings\All Users\Application Data\PCB Artist
    2009-10-15 05:02 . 2008-12-14 22:30   --------   dc-h--w-   c:\program files\InstallShield Installation Information
    2009-10-13 10:30 . 2008-04-25 20:33   270336   -c--a-w-   c:\windows\system32\oakley.dll
    2009-10-12 13:38 . 2008-04-25 20:33   149504   -c--a-w-   c:\windows\system32\rastls.dll
    2009-10-12 13:38 . 2008-04-25 20:33   79872   -c--a-w-   c:\windows\system32\raschap.dll
    2009-10-11 18:36 . 2009-10-11 18:36   987   -c--a-w-   c:\windows\gvimdiff.bat
    2009-10-11 18:36 . 2009-10-11 18:36   987   -c--a-w-   c:\windows\gview.bat
    2009-10-11 18:36 . 2009-10-11 18:36   987   -c--a-w-   c:\windows\evim.bat
    2009-10-11 18:36 . 2009-10-11 18:36   979   -c--a-w-   c:\windows\gvim.bat
    2009-10-11 18:36 . 2009-10-11 18:36   662   -c--a-w-   c:\windows\vimdiff.bat
    2009-10-11 18:36 . 2009-10-11 18:36   662   -c--a-w-   c:\windows\view.bat
    2009-10-11 18:36 . 2009-10-11 18:36   658   -c--a-w-   c:\windows\vim.bat
    2009-10-11 18:36 . 2009-10-11 16:46   688   -c--a-w-   c:\windows\vimtutor.bat
    2009-10-05 22:18 . 2009-10-05 22:18   353792   -c--a-w-   c:\windows\system32\pythoncom26.dll
    2009-10-05 22:18 . 2009-10-05 22:18   107520   -c--a-w-   c:\windows\system32\pywintypes26.dll
    2009-10-05 22:17 . 2009-10-05 22:17   1060864   -c--a-w-   c:\windows\system32\MFC71.dll
    2009-10-05 22:17 . 2009-10-05 22:17   348160   -c--a-w-   c:\windows\system32\msvcr71.dll
    2009-10-05 22:16 . 2009-10-05 22:16   2257408   -c--a-w-   c:\windows\system32\python26.dll
    2009-09-24 17:55 . 2009-09-24 17:55   34192   -c--a-w-   c:\documents and settings\Habib\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2008-12-14 22:53 . 2008-12-14 22:53   75   -csh--r-   c:\windows\CT4CET.bin
    .

    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SightSpeed"="c:\program files\Dell Video Chat\DellVideoChat.exe" [2008-08-15 4812664]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-14 1343488]
    "RTHDCPL"="RTHDCPL.EXE" [2008-07-13 16876032]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-14 137752]
    "BTMeter"="c:\program files\Battery Meter\BTMeter.exe" [2008-07-11 537896]
    "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-30 604776]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter]
    2009-06-03 21:46   206064   -c--a-w-   c:\program files\Dell Support Center\bin\sprtcmd.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SightSpeed]
    2008-08-15 21:03   4812664   -c--a-w-   c:\program files\Dell Video Chat\DellVideoChat.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2008-12-31 03:14   136600   -c--a-w-   c:\program files\Java\jre6\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSS]
    2008-07-11 20:15   492840   -c--a-w-   c:\program files\Wireless Select Switch\WLSS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "wuauserv"=2 (0x2)
    "CiSvc"=3 (0x3)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\WINDOWS\\system32\\mmc.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\X\\xampp\\apache\\bin\\httpd.exe"=
    "c:\\X\\xampp\\mysql\\bin\\mysqld.exe"=
    "c:\\Program Files\\PerlEdit\\pe.exe"=
    "c:\\Program Files\\Dell Video Chat\\DellVideoChat.exe"=

    R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [12/14/2008 2:29 PM 9856]
    R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [12/14/2008 3:36 PM 93968]
    R3 OA004Afx;Provides a software interface to control audio effects of OA004 camera.;c:\windows\system32\drivers\OA004Afx.sys [12/14/2008 3:36 PM 148056]
    R3 OA004Ufd;Creative Camera OA004 Upper Filter Driver;c:\windows\system32\drivers\OA004Ufd.sys [12/14/2008 3:36 PM 144672]
    R3 OA004Vid;Creative Camera OA004 Function Driver;c:\windows\system32\drivers\OA004Vid.sys [12/14/2008 3:36 PM 269760]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    mStart Page = hxxp://www.yahoo.com
    mSearch Bar = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    FF - ProfilePath - c:\documents and settings\Habib\Application Data\Mozilla\Firefox\Profiles\qpktbm3w.default\
    FF - prefs.js: network.proxy.type - 4
    FF - plugin: c:\documents and settings\Habib\Application Data\Move Networks\plugins\npqmp071505000011.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    .
    - - - - ORPHANS REMOVED - - - -

    BHO-{457e5cea-4a8c-401c-a637-1a6145026291} - vidimofu.dll
    BHO-{C5B24B16-23F2-41AD-F4E4-00ABC39C0004} - c:\windows\system32\wlv4z5gv.dll
    HKCU-Run-oxsrnvre - c:\documents and settings\Habib\Local Settings\Application Data\yjqetb\eunxsysguard.exe
    HKLM-Run-notepad - c:\windows\system32\notepad.dll
    HKLM-Run-jvkphb - c:\windows\system32\msmkkrqf.dll
    HKLM-Run-oxsrnvre - c:\documents and settings\Habib\Local Settings\Application Data\yjqetb\eunxsysguard.exe
    HKLM-Run-gebogawuya - kohajawu.dll
    SharedTaskScheduler-{C5B24B16-23F2-41AD-F4E4-00ABC39C0004} - c:\windows\system32\wlv4z5gv.dll
    MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
    MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-12 19:10
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ... 

    scanning hidden autostart entries ...

    scanning hidden files ... 

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'explorer.exe'(3572)
    c:\windows\system32\WININET.dll
    c:\windows\system32\IEFRAME.dll
    c:\windows\system32\btmmhook.dll
    c:\windows\system32\mshtml.dll
    c:\windows\system32\msi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\windows\system32\netdde.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Dell Support Center\bin\sprtsvc.exe
    c:\windows\system32\wdfmgr.exe
    c:\windows\RTHDCPL.EXE
    c:\windows\system32\igfxsrvc.exe
    .
    **************************************************************************
    .
    Completion time: 2009-12-12  19:14:35 - machine was rebooted
    ComboFix-quarantined-files.txt  2009-12-13 03:14

    Pre-Run: 5,416,386,560 bytes free
    Post-Run: 5,529,640,960 bytes free

    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

    - - End Of File - - 5C97FCC9E818B2E8C52C40BEF549F80E

    HJT
    Logfile of Trend Micro HijackThis v2.0.3 (BETA)
    Scan saved at 7:59:50 PM, on 12/12/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16945)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\netdde.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Battery Meter\BTMeter.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0081214
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKCU\..\Run: [SightSpeed] "C:\Program Files\Dell Video Chat\DellVideoChat.exe" -bootmode
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.1.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

    --
    End of file - 5217 bytes

    cat-bomb



    Re: Personal Antivirus
    « Reply #1 on: December 17, 2009, 09:21:50 AM »
    Welcome to the Computer Hope message boards.

    I have noticed you have not followed the guidelines set by Evilfantasy. Please follow the guidelines he has posted here. After you have done them, a malware removal specialist such as Evilfantasy or CBMatt will come shortly to assist you.