Here is the combo fix log. I removed the other Java and the computer seems to be running ok.
Thank you
Becky
ComboFix 10-09-09.03 - Owner 09/09/2010 18:43:32.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.299 [GMT -4:00]
Running from: c:\documents and settings\Owner\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\My Documents\Downloads\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((( Files Created from 2010-08-09 to 2010-09-09 )))))))))))))))))))))))))))))))
.
2010-09-07 22:24 . 2010-09-07 22:24 -------- d-----w- C:\_OTM
2010-09-06 21:14 . 2010-09-06 21:14 -------- d-----w- c:\program files\ESET
2010-08-28 13:04 . 2010-08-28 13:04 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-08-28 13:01 . 2010-08-28 13:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-08-28 12:47 . 2010-08-28 12:47 -------- d--h--w- c:\windows\PIF
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-08 23:54 . 2009-07-12 03:30 -------- d-----w- c:\program files\Java
2010-09-04 23:31 . 2009-07-11 21:55 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-08-28 22:07 . 2009-07-13 01:02 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-28 13:02 . 2009-07-12 13:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-28 11:35 . 2009-07-12 13:53 -------- d-----w- c:\program files\McAfee
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\PIF ----
((((((((((((((((((((((((((((( SnapShot@2010-09-06_21.08.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-07 22:27 . 2010-09-07 22:27 16384 c:\windows\Temp\Perflib_Perfdata_7a8.dat
+ 2009-07-12 02:01 . 2009-08-06 23:24 35552 c:\windows\system32\wups.dll
+ 2009-07-12 02:01 . 2009-08-06 23:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2010-09-07 22:29 . 2010-09-07 22:29 176128 c:\windows\ERDNT\AutoBackup\9-7-2010\Users\00000002\UsrClass.dat
+ 2010-09-07 22:29 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\9-7-2010\ERDNT.EXE
+ 2010-09-06 22:44 . 2010-09-06 22:44 176128 c:\windows\ERDNT\AutoBackup\9-6-2010\Users\00000002\UsrClass.dat
+ 2010-09-06 22:44 . 2005-10-20 16:02 163328 c:\windows\ERDNT\AutoBackup\9-6-2010\ERDNT.EXE
+ 2010-09-07 22:29 . 2010-09-07 22:29 2035712 c:\windows\ERDNT\AutoBackup\9-7-2010\Users\00000001\NTUSER.DAT
+ 2010-09-06 22:44 . 2010-09-06 22:44 2031616 c:\windows\ERDNT\AutoBackup\9-6-2010\Users\00000001\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-09-19 1998576]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-12 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-26 142120]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-10 22:45 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [6/23/2009 11:01 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [6/23/2009 11:01 AM 74480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [7/12/2009 10:17 AM 135336]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [7/12/2009 9:54 AM 88176]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [6/23/2009 11:01 AM 7408]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - APPMGMT
.
Contents of the 'Scheduled Tasks' folder
2010-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
2010-09-09 c:\windows\Tasks\User_Feed_Synchronization-{187F1E56-F43A-4693-880F-D322638AB6C3}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\oeyzpp30.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-09-09 18:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(616)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
- - - - - - - > 'explorer.exe'(1184)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2010-09-09 18:50:18
ComboFix-quarantined-files.txt 2010-09-09 22:50
ComboFix2.txt 2010-09-08 23:43
ComboFix3.txt 2010-09-06 21:10
Pre-Run: 17,329,086,464 bytes free
Post-Run: 17,322,184,704 bytes free
- - End Of File - - E3819B876B472C973168F059F7F58063