(Luckily, I had saved all this info in a file, so I didn't have to rerun it. I bet that I just previewed the posting and didn't realize I hadn't actually submitted it.) Here is the info:
1. Combofix:
ComboFix 09-10-01.05 - Rebecca 10/02/2009 22:08.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.639.233 [GMT -5:00]
Running from: d:\documents and settings\Rebecca\Desktop\ComboFix.exe
Command switches used :: d:\documents and settings\Rebecca\Desktop\CFScript.txt
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.
((((((((((((((((((((((((( Files Created from 2009-09-03 to 2009-10-03 )))))))))))))))))))))))))))))))
.
2009-10-01 04:04 . 2009-10-01 20:42 -------- d-----w- d:\documents and settings\Rebecca\Application Data\.purple
2009-09-20 21:25 . 2009-09-20 21:25 -------- d-----w- d:\program files\Trend Micro
2009-09-08 20:36 . 2009-06-21 21:44 153088 -c----w- d:\windows\system32\dllcache\triedit.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-02 12:01 . 2009-06-30 03:01 -------- d-----w- d:\documents and settings\Leah\Application Data\WTablet
2009-10-02 03:11 . 2008-01-31 00:31 -------- d-----w- d:\documents and settings\All Users\Application Data\Google Updater
2009-09-28 23:41 . 2008-01-27 07:20 -------- d-----w- d:\documents and settings\Leah\Application Data\.purple
2009-09-28 22:05 . 2008-02-06 22:48 -------- d-----w- d:\documents and settings\Leah\Application Data\gtk-2.0
2009-09-25 03:39 . 2008-09-13 19:02 -------- d-----w- d:\program files\Common Files\SMART Technologies
2009-09-21 01:21 . 2008-10-29 02:54 -------- d-----w- d:\documents and settings\Rebecca\Application Data\U3
2009-09-18 02:16 . 2009-06-07 22:58 -------- d-----w- d:\program files\Microsoft Silverlight
2009-09-09 02:39 . 2008-07-03 14:07 81984 ----a-w- d:\windows\system32\bdod.bin
2009-08-29 20:04 . 2009-08-29 20:04 -------- d-----w- d:\documents and settings\Leah\Application Data\Malwarebytes
2009-08-22 20:36 . 2009-02-03 22:03 104456 ----a-w- d:\windows\system32\drivers\bdfndisf.sys
2009-08-18 01:11 . 2009-08-18 01:11 -------- d-----w- d:\documents and settings\All Users\Application Data\TEMP
2009-08-18 01:11 . 2009-08-18 01:11 -------- d-----w- d:\program files\SpywareBlaster
2009-08-18 00:54 . 2009-08-18 00:54 -------- d-----w- d:\documents and settings\Maggie Tika\Application Data\SMART Technologies
2009-08-14 18:44 . 2009-08-14 04:54 -------- d-----w- d:\documents and settings\Maggie Tika\Application Data\.purple
2009-08-14 04:58 . 2009-08-14 04:58 -------- d-----w- d:\documents and settings\Maggie Tika\Application Data\gtk-2.0
2009-08-12 03:01 . 2009-08-12 03:01 -------- d-----w- d:\documents and settings\Rebecca\Application Data\WTablet
2009-08-08 21:52 . 2009-05-06 02:26 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2009-08-08 21:44 . 2009-08-08 21:44 -------- d-----w- d:\documents and settings\Maggie Tika\Application Data\Malwarebytes
2009-08-08 21:23 . 2009-08-08 21:23 -------- d-----w- d:\documents and settings\Maggie Tika\Application Data\WTablet
2009-08-05 09:01 . 2002-06-25 21:42 204800 ----a-w- d:\windows\system32\mswebdvd.dll
2009-08-04 17:38 . 2008-03-08 20:44 -------- d-----w- d:\program files\Common Files\AOL
2009-08-03 18:36 . 2009-05-06 02:26 38160 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 18:36 . 2009-05-06 02:26 19096 ----a-w- d:\windows\system32\drivers\mbam.sys
2009-07-17 19:01 . 2002-06-25 21:36 58880 ----a-w- d:\windows\system32\atl.dll
2009-07-16 03:14 . 2009-07-15 18:46 291 ----a-w- d:\windows\PowerReg.dat
2009-07-12 17:21 . 2004-08-04 07:56 233472 ------w- d:\windows\system32\wmpdxm.dll
1996-09-06 22:32 . 2009-07-21 06:41 114195 ----a-w- d:\program files\MONKEY2.EXE
1996-08-09 16:15 . 2009-07-21 06:41 24904 ----a-w- d:\program files\SOUNBLAS.IMS
1996-08-09 16:15 . 2009-07-21 06:41 20736 ----a-w- d:\program files\ADLIB.IMS
1992-05-15 18:32 . 2009-07-21 06:41 20062 ----a-w- d:\program files\SPEAKER.IMS
1992-05-15 18:32 . 2009-07-21 06:41 18976 ----a-w- d:\program files\ROLAND.IMS
1992-05-14 20:55 . 2009-07-21 06:41 18976 ----a-w- d:\program files\ROL_336.IMS
1992-05-14 20:54 . 2009-07-21 06:41 18976 ----a-w- d:\program files\ROL_334.IMS
1992-05-14 20:54 . 2009-07-21 06:41 18976 ----a-w- d:\program files\ROL_332.IMS
1992-05-14 20:49 . 2009-07-21 06:41 18976 ----a-w- d:\program files\ROL_330.IMS
1992-03-02 00:39 . 2009-07-21 06:41 9080329 ----a-w- d:\program files\MONKEY2.001
1992-03-02 00:39 . 2009-07-21 06:41 11135 ----a-w- d:\program files\MONKEY2.000
2009-04-05 23:06 . 2008-10-30 22:34 49664 ----a-w- d:\program files\mozilla firefox\components\FFComm.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-01_03.42.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-26 23:16 . 2009-10-02 12:03 25214 d:\windows\Installer\{E58956AD-FB7D-470B-9B1D-BCE7803BCB65}\PeaceShieldIcon.exe
- 2008-01-26 23:16 . 2008-01-26 23:16 25214 d:\windows\Installer\{E58956AD-FB7D-470B-9B1D-BCE7803BCB65}\PeaceShieldIcon.exe
+ 2008-01-26 23:16 . 2009-10-02 12:03 34304 d:\windows\Installer\{E58956AD-FB7D-470B-9B1D-BCE7803BCB65}\Icon3829960D.exe
- 2008-01-26 23:16 . 2008-01-26 23:16 34304 d:\windows\Installer\{E58956AD-FB7D-470B-9B1D-BCE7803BCB65}\Icon3829960D.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-31 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mediafour Mac Volume Notifications"="d:\program files\Common Files\Mediafour\MACVNTFY.EXE" [2002-12-17 61440]
"MediafourGettingStartedWithMacDrive6"="d:\program files\Mediafour\MacDrive\MacDrive.exe" [2004-08-26 86016]
"MDDiskProtect.exe"="d:\program files\Mediafour\MacDrive\MDDiskProtect.exe" [2005-04-15 106496]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-11 39792]
"SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"BDAgent"="d:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-08-22 782336]
"BitDefender Antiphishing Helper"="d:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-04-05 69632]
d:\documents and settings\Leah\Start Menu\Programs\Startup\
PowerReg Scheduler.exe [2009-7-15 256000]
d:\documents and settings\All Users\Start Menu\Programs\Startup\
SMART Board Tools.lnk - d:\program files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe [2008-8-12 9618728]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MacDrive-iTunes compatibility]
2003-11-07 15:24 61440 ----a-r- d:\program files\Common Files\Mediafour\MacDriveiTunesPatch.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\SMART Technologies\\SMART Board Drivers\\SMARTSNMPAgent.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R0 MDPMGRNT;MDPMGRNT;d:\windows\system32\drivers\MDPMGRNT.SYS [4/30/2006 9:57 AM 16640]
R1 MDFSYSNT;MDFSYSNT;d:\windows\system32\drivers\MDFSYSNT.SYS [6/16/2006 11:53 AM 212864]
R2 BDVEDISK;BDVEDISK;d:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [10/6/2008 5:16 PM 82696]
R2 TabletServicePen;TabletServicePen;d:\windows\system32\Pen_Tablet.exe [6/29/2009 10:00 PM 1373480]
R2 Viewpoint Manager Service;Viewpoint Manager Service;d:\program files\Viewpoint\Common\ViewpointService.exe [3/8/2008 3:46 PM 24652]
R3 bdfm;BDFM;d:\windows\system32\drivers\bdfm.sys [9/18/2008 11:09 AM 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;d:\windows\system32\drivers\bdfndisf.sys [2/3/2009 5:03 PM 104456]
S3 Arrakis3;BitDefender Arrakis Server;d:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [7/17/2008 12:06 PM 118784]
S3 ati2mpaa;ati2mpaa;d:\windows\system32\drivers\ati2mpaa.sys [1/26/2008 11:39 AM 281856]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;d:\program files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [7/31/2008 2:51 AM 1037608]
S3 SMART Web Server;SMART Web Server;d:\program files\SMART Technologies\SMART Board Drivers\WebServer.exe [7/31/2008 2:50 AM 1205544]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - 032EA6C7
*NewlyCreated* - B20438B4
*Deregistered* - 032ea6c7
*Deregistered* - b20438b4
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
Contents of the 'Scheduled Tasks' folder
2009-10-03 d:\windows\Tasks\Google Software Updater.job
- d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-31 12:58]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.google.com/IE: &Search
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Rebecca\Application Data\Mozilla\Firefox\Profiles\0wky5sab.default\
FF - prefs.js: browser.startup.homepage -
hxxp://www.google.com/igFF - component: d:\program files\Mozilla Firefox\components\FFComm.dll
FF - plugin: d:\documents and settings\Leah\Application Data\Move Networks\plugins\npqmp071503000010.dll
FF - plugin: d:\progra~1\SONYON~1\npsoe.dll
FF - plugin: d:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: d:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
.
- - - - ORPHANS REMOVED - - - -
ShellIconOverlayIdentifiers-Mediafour Mac Volume Icons - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-10-02 22:20
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(916)
d:\program files\Common Files\Mediafour\MacDriveiTunesPatch.dll
- - - - - - - > 'winlogon.exe'(3688)
d:\program files\Common Files\Mediafour\MacDriveiTunesPatch.dll
- - - - - - - > 'explorer.exe'(3568)
d:\windows\system32\WININET.dll
d:\program files\Common Files\Mediafour\MACVICON.DLL
d:\windows\system32\ieframe.dll
- - - - - - - > 'explorer.exe'(4980)
d:\windows\system32\WININET.dll
d:\program files\Common Files\Mediafour\MACVICON.DLL
d:\windows\system32\ieframe.dll
.
Completion time: 2009-10-03 22:24
ComboFix-quarantined-files.txt 2009-10-03 03:24
ComboFix2.txt 2009-10-01 03:47
Pre-Run: 52,252,327,936 bytes free
Post-Run: 52,219,445,248 bytes free
161 --- E O F --- 2009-09-09 08:06
2. Find File:
D:\Documents and Settings\Leah\Start Menu\Programs\Startup\PowerReg Scheduler.exe - 256000 Bytes
3. MBAM log:
Malwarebytes' Anti-Malware 1.41
Database version: 2897
Windows 5.1.2600 Service Pack 3
10/2/2009 11:25:54 PM
mbam-log-2009-10-02 (23-25-54).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 198323
Time elapsed: 48 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
4. Hijack This
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:28:00 PM, on 10/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
D:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Pen_Tablet.exe
D:\Program Files\Viewpoint\Common\ViewpointService.exe
D:\WINDOWS\system32\Pen_Tablet.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
D:\WINDOWS\system32\Pen_Tablet.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Common Files\Mediafour\MACVNTFY.EXE
D:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
D:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\notepad.exe
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Rebecca\Local Settings\temp\_AZTMP0_\FileFind.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - D:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Mediafour Mac Volume Notifications] "D:\Program Files\Common Files\Mediafour\MACVNTFY.EXE" /auto
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "D:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [MDDiskProtect.exe] D:\Program Files\Mediafour\MacDrive\MDDiskProtect.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-21-1214440339-1454471165-682003330-1005\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe (User 'Leah')
O4 - HKUS\S-1-5-21-1214440339-1454471165-682003330-1005\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe (User 'Leah')
O4 - HKUS\S-1-5-21-1214440339-1454471165-682003330-1005\..\Run: [PicoZip] D:\Program Files\PicoZip\PicoZipTray.exe (User 'Leah')
O4 - HKUS\S-1-5-21-1214440339-1454471165-682003330-1005\..\Run: [AdobeUpdater] "D:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" (User 'Leah')
O4 - S-1-5-21-1214440339-1454471165-682003330-1005 Startup: PowerReg Scheduler.exe (User 'Leah')
O4 - Global Startup: SMART Board Tools.lnk = D:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 1405060188O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 1405448451O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
http://www.adobe.com/products/acrobat/nos/gp.cabO18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - D:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: MacDrive-iTunes compatibility - D:\Program Files\Common Files\Mediafour\MacDriveiTunesPatch.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L.
http://www.bitdefender.com - D:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SMART Board Service - SMART Technologies - D:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
O23 - Service: SMART SNMP Agent Service - SMART Technologies ULC - D:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
O23 - Service: SMART Web Server - Unknown owner - D:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - D:\WINDOWS\system32\Pen_Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - D:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - D:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 8632 bytes
5. How is computer running now?
The computer seems to be running fine now. On the Malware Bytes scan, it said it found 4 worm agents in the System Volume Information -- restore files. Are these files safe? Should they be deleted?
Thank you so much for your help!