Can I have someone review my log from ComboFix to see if it got everything? See below.
ComboFix 09-06-07.01 - Melissa 06/07/2009 15:48.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2036.1067 [GMT -4:00]
Running from: c:\users\Melissa\Desktop\ComboFix.exe
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: PC-cillin Internet Security - Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
SP: PC-cillin Internet Security - Spyware Protection *disabled* (Updated) {003DD9A8-02A6-43CF-81BA-5D403CAD001E}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Darrell\Desktop\PCenter.lnk
c:\users\Justin\Desktop\PCenter.lnk
c:\users\Melissa\AppData\Roaming\PCenter
c:\users\Melissa\AppData\Roaming\PCenter\dbases\cg.dat
c:\users\Melissa\AppData\Roaming\PCenter\dbases\mw.dat
c:\users\Melissa\AppData\Roaming\PCenter\dbases\rd.dat
c:\users\Melissa\AppData\Roaming\PCenter\dbases\sc.dat
c:\users\Melissa\AppData\Roaming\PCenter\dbases\sm.dat
c:\users\Melissa\AppData\Roaming\PCenter\dbases\sp.dat
c:\users\Melissa\AppData\Roaming\PCenter\keys\cg.key
c:\users\Melissa\AppData\Roaming\PCenter\keys\rd.key
c:\users\Melissa\AppData\Roaming\PCenter\keys\sc.key
c:\users\Melissa\AppData\Roaming\PCenter\keys\sp.key
c:\users\Melissa\AppData\Roaming\PCenter\temp\settings.ini
c:\users\Melissa\AppData\Roaming\PCenter\temp\spfilter
c:\users\Melissa\Desktop\PCenter.lnk
c:\windows\9g2234wesdf3dfgjf23
c:\windows\ld08.exe
c:\windows\pp10.exe
c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
.
((((((((((((((((((((((((( Files Created from 2009-05-07 to 2009-06-07 )))))))))))))))))))))))))))))))
.
2009-06-07 19:51 . 2009-06-07 19:51 -------- d-----w- c:\users\Justin\AppData\Local\temp
2009-06-07 19:51 . 2009-06-07 19:51 -------- d-----w- c:\users\Darrell\AppData\Local\temp
2009-06-07 19:37 . 2009-06-07 19:37 2136133632 --sha-w- \hiberfil.sys
2009-06-07 19:32 . 2009-06-07 19:33 680 ----a-w- c:\users\Melissa\AppData\Local\d3d9caps.dat
2009-06-06 01:13 . 2009-06-07 19:25 -------- d-sh--w- \Config.Msi
2009-06-06 00:47 . 2009-06-06 01:16 467744 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-06 00:19 . 2009-06-06 01:14 -------- d-----w- c:\programdata\ParetoLogic
2009-06-06 00:19 . 2009-06-06 01:14 -------- d-----w- c:\program files\Common Files\ParetoLogic
2009-06-06 00:19 . 2009-06-06 00:19 -------- d-----w- c:\programdata\ParetoLogic Anti-Virus PLUS
2009-06-06 00:11 . 2009-06-06 00:11 -------- d-----w- c:\users\Melissa\AppData\Local\Downloaded Installations
2009-06-04 06:18 . 2009-06-04 06:18 -------- d-----w- c:\program files\podmena
2009-06-04 06:18 . 2009-06-04 06:18 2 ---h--w- c:\windows\ro122807.dat
2009-05-30 19:31 . 2009-05-30 19:31 -------- d-----w- c:\program files\Coupons
2009-05-23 02:31 . 2009-05-23 02:31 738120 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-05-19 22:38 . 2009-05-19 22:38 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-07 19:39 . 2008-09-03 01:57 -------- d-----w- c:\programdata\Google Updater
2009-06-07 19:37 . 2008-04-08 02:40 2449948672 --sha-w- \pagefile.sys
2009-06-06 00:47 . 2009-06-06 00:47 32 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-04 05:12 . 2008-07-02 12:38 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-20 23:26 . 2009-04-20 23:26 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-20 23:26 . 2009-04-20 23:26 -------- d-----w- c:\program files\iTunes
2009-04-20 23:26 . 2009-04-20 23:26 -------- d-----w- c:\program files\iPod
2009-04-20 23:26 . 2008-07-22 23:41 -------- d-----w- c:\program files\Common Files\Apple
2009-04-20 23:24 . 2009-04-20 23:24 -------- d-----w- c:\program files\QuickTime
2009-04-20 23:17 . 2009-04-20 23:17 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-03-19 20:32 . 2009-04-20 23:26 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 20:32 . 2009-03-19 20:32 23400 ----a-w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-15 16:38 . 2009-03-15 16:36 27460584 ----a-w- c:\programdata\TaxCut\2008\Update\US62016801eupd.exe
2008-04-08 03:08 . 2008-04-08 02:52 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-07 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-01-18 17920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-25 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-25 129560]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2006-11-21 1807960]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-16 29744]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-05-11 4452352]
c:\users\Darrell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
c:\users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiSpywareOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{84698A51-01D6-4824-B40C-99FA75C8AE8C}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{043D1056-8D62-48BA-AD14-B6B392B8A28F}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8619F972-E60E-4A5D-89B6-CB6E388AC168}"= UDP:c:\program files\TurboTax\Home & Business 2007\32bit\ttax.exe:TurboTax
"{6CD23430-85CB-4E8E-A297-FFC97E9A062B}"= TCP:c:\program files\TurboTax\Home & Business 2007\32bit\ttax.exe:TurboTax
"{DE74EB12-6B10-459E-B3FD-21C2354F29E6}"= UDP:c:\program files\TurboTax\Home & Business 2007\32bit\updatemgr.exe:TurboTax Update Manager
"{D07808FE-0B57-4484-8D9B-3A75D6D7B201}"= TCP:c:\program files\TurboTax\Home & Business 2007\32bit\updatemgr.exe:TurboTax Update Manager
"{05E29575-3205-49BA-9E46-8DDD08ED95F0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EA473134-A9CE-4E53-911D-A2D0A8A1395F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{B7929DD6-A724-4649-B2C0-05C0813BDB12}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{50E97E11-5AAD-43D9-AABB-4D862115E821}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
R1 podmenadrv;podmenadrv;c:\program files\podmena\podmena.sys [6/4/2009 2:18 AM 9472]
R2 podmena;podmena;c:\windows\system32\svchost.exe -k podmena [9/30/2008 4:13 PM 21504]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [4/7/2008 3:26 PM 36368]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\System32\drivers\TM_CFW.sys [4/7/2008 3:26 PM 280392]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [11/9/2007 6:19 AM 345696]
S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [11/9/2007 6:19 AM 923216]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [11/9/2007 6:19 AM 566872]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [4/7/2008 3:37 PM 29744]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
podmena REG_MULTI_SZ podmena
.
Contents of the 'Scheduled Tasks' folder
2009-06-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-07 22:47]
2009-06-07 c:\windows\Tasks\User_Feed_Synchronization-{CFE98ADA-C25A-46F6-BF2C-411C3C78B086}.job
- c:\windows\system32\msfeedssync.exe [2008-09-30 07:33]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080408
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
Trusted Zone: turbotax.com
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} - file:///E:/MEMDISC/ALBUM_A/VIEW/PLUGIN/HPODPCFC.CAB
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-07 15:52
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-06-07 15:54
ComboFix-quarantined-files.txt 2009-06-07 19:54
Pre-Run: 179,606,753,280 bytes free
Post-Run: 179,738,710,016 bytes free
160 --- E O F --- 2009-03-15 16:24
Thanks!!