Here is the log report:
ComboFix 08-11-21.05 - ESAB 11/22/2008 14:50:41.1 -
FAT32x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.159 [GMT 2:00]
Running from: c:\documents and settings\ESAB\My Documents\Downloads\Programs\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\BM30b324d6.txt
c:\windows\BM30b324d6.xml
c:\windows\cookies.ini
c:\windows\pskt.ini
c:\windows\system32\mfiibbsp.ini
c:\windows\system32\mklhjnie.ini
c:\windows\system32\mwhktmhp.ini
c:\windows\system32\nkiubumv.ini
c:\windows\system32\OXFPqBeg.ini
c:\windows\system32\OXFPqBeg.ini2
c:\windows\system32\pqoqpqay.ini
c:\windows\system32\qjtcrouv.ini
c:\windows\system32\ufbfrhrq.ini
c:\windows\system32\winsusrm.dll
c:\windows\system32\xGikQXbc.ini
c:\windows\system32\xGikQXbc.ini2
c:\windows\system32\yobgmbph.ini
.
((((((((((((((((((((((((( Files Created from 2008-10-22 to 2008-11-22 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 15:06 --------- d-----w c:\program files\Common Files\Nero
2008-11-18 15:01 --------- d-----w c:\program files\Common Files\Ahead
2008-11-17 14:34 16,384 ----a-w c:\windows\DCEBoot.exe
2008-11-16 13:07 --------- d-----w c:\documents and settings\ESAB\Application Data\Design Science
2008-11-16 10:49 --------- d-----w c:\program files\Common Files\L&H
2008-11-16 10:48 --------- d-----w c:\program files\Microsoft Works
2008-11-14 04:57 --------- d-----w c:\program files\Common Files\Download Manager
2008-11-09 08:08 50,176 ----a-w c:\windows\uninstyler.exe
2008-11-09 07:18 --------- d-----w c:\program files\AnswersThatWork
2008-11-08 21:35 --------- d-----w c:\documents and settings\ESAB\Application Data\Real Desktop
2008-11-08 21:34 --------- d-----w c:\program files\Real Desktop
2008-11-05 14:28 --------- d-----w c:\documents and settings\LocalService\Application Data\agi
2008-11-05 14:28 --------- d-----w c:\documents and settings\ESAB\Application Data\Webshots
2008-11-05 14:21 --------- d-----w c:\program files\Webshots
2008-11-05 14:13 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-11-05 14:13 339,968 ----a-w c:\windows\system32\pythoncom25.dll
2008-11-05 14:13 2,117,632 ----a-w c:\windows\system32\python25.dll
2008-11-05 14:13 114,688 ----a-w c:\windows\system32\pywintypes25.dll
2008-11-05 14:04 --------- d-----w c:\program files\AGI
2008-11-02 20:05 --------- d-----w c:\program files\Anark
2008-11-01 14:35 --------- d-----w c:\program files\Common Files\ParetoLogic
2008-11-01 11:11 --------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic Anti-Spyware
2008-10-25 11:49 --------- d-----w c:\documents and settings\ESAB\Application Data\Reallusion
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-16 18:19 --------- d-----w c:\program files\Opera
2008-10-16 18:09 --------- d-----w c:\program files\Java
2008-10-16 17:47 --------- d-----w c:\program files\Common Files\Java
2008-10-16 12:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 12:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 12:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 12:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 12:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 12:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 12:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 12:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 12:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 12:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 12:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 12:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 12:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 12:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 12:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 12:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 12:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:34 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-10 08:30 --------- d-----w c:\documents and settings\ESAB\Application Data\Any Video Converter
2008-10-10 07:19 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-08 20:44 --------- d-----w c:\program files\Trend Micro
2008-10-08 20:33 80,400 ----a-w c:\windows\system32\drivers\tmtdi.sys
2008-10-08 20:33 50,192 ----a-w c:\windows\system32\drivers\tmactmon.sys
2008-10-08 20:33 49,680 ----a-w c:\windows\system32\drivers\tmevtmgr.sys
2008-10-08 20:33 36,368 ----a-w c:\windows\system32\drivers\tmpreflt.sys
2008-10-08 20:33 334,352 ----a-w c:\windows\system32\drivers\TM_CFW.sys
2008-10-08 20:33 205,328 ----a-w c:\windows\system32\drivers\tmxpflt.sys
2008-10-08 20:33 144,912 ----a-w c:\windows\system32\drivers\tmcomm.sys
2008-10-08 20:33 1,195,448 ----a-w c:\windows\system32\drivers\vsapint.sys
2008-10-07 22:20 --------- d-----w c:\documents and settings\ESAB\Application Data\M8 Software
2008-10-03 17:41 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
2008-10-03 15:31 81,984 ----a-w c:\windows\system32\bdod.bin
2008-10-02 10:19 --------- d-----w c:\documents and settings\All Users\Application Data\Babylon
2008-09-30 14:53 --------- d-sh--w c:\program files\Common Files\WindowsLiveInstaller
2008-09-30 14:52 --------- d-----w c:\program files\Windows Live
2008-09-30 14:51 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-09-28 10:36 --------- d-----w c:\program files\ReflexiveArcade
2008-09-25 16:43 --------- d-----w c:\documents and settings\ESAB\Application Data\Babylon
2008-09-23 04:40 --------- d-----w c:\program files\Xing
2008-09-21 22:49 720,896 ----a-w c:\windows\iun6002.exe
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-15 12:12 1,846,400 ------w c:\windows\system32\dllcache\win32k.sys
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
2008-09-08 10:41 333,824 ------w c:\windows\system32\dllcache\srv.sys
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 17:15 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
2008-08-27 08:24 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:38 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-25 08:38 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-08-23 05:56 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
2008-08-23 05:54 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [10/08/2008 10:33 PM 497008]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [10/08/2008 10:33 PM 970808]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [09/07/2008 03:31 AM 185896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [10/08/2008 10:33 PM 497008]
c:\documents and settings\ESAB\Start Menu\Programs\Startup\
RemindMe.lnk - d:\program files\RemindMe\RemindMe.exE [2003-09-09 319488]
Ela-Salaty.lnk - e:\program files\Ela-Salaty\Salaty.exe [2007-03-05 5090816]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
GoBack.lnk - d:\program files\Roxio\GoBack\GBTray.exe [2008-09-01 524288]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"rightsTest"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [05/13/2008 10:13 AM 77824]
"{51C55F9E-C308-4c95-89AB-8858D8AFD819}"= "d:\program files\ParetoLogic\Anti-Spyware\PASShlExt.dll" [04/12/2007 12:47 AM 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
04/19/2007 01:41 PM 294912 d:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^أوقات الصلاة.lnk]
backup=c:\windows\pss\أوقات الصلاة.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^ESAB^Start Menu^Programs^Startup^Webshots.lnk]
backup=c:\windows\pss\Webshots.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3380174a
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM30b324d6
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VC7Player
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows LSASS Service
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CameraFixer]
--a------ 12/06/2005 01:08 PM 20480 c:\windows\CameraFixer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 09/28/2006 10:21 PM 57344 d:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 04/14/2008 03:12 AM 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 04/14/2008 03:12 AM 1695232 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 10/18/2007 11:34 AM 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 11:50 AM 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ParetoLogic Anti-Spyware]
--a------ 08/01/2007 01:56 PM 2643312 d:\program files\ParetoLogic\Anti-Spyware\Pareto_AS.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Real Desktop]
--a------ 10/05/2008 09:05 PM 5910528 c:\program files\Real Desktop\Real Desktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Crawler]
--------- 02/03/2004 09:06 AM 454656 c:\progra~1\RCrawler\rcrawler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
--a------ 12/31/2003 05:39 PM 40960 c:\windows\vsnpstd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoloSchedule]
--a------ 10/19/2008 09:09 PM 303104 d:\srnmic~1\SOLOCFG.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoloSentry]
--a------ 10/20/2008 09:02 AM 77824 d:\srnmic~1\SOLOSENT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoloSysCheck]
--a------ 10/19/2008 09:12 PM 237568 d:\srnmic~1\SYSCHECK.COM
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 06/10/2008 04:27 AM 144784 c:\program files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 05/28/2008 10:33 AM 1506544 d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 09/07/2008 03:31 AM 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Virtual Drive]
--a------ 01/01/2001 03:00 AM 57344 d:\program files\FarStone\VirtualDrive\vdtask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 10/27/2007 07:51 AM 3810544 d:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 04/14/2008 03:12 AM 110592 c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 04/16/2007 03:28 PM 577536 c:\windows\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\PROGRAM FILES\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"d:\\PROGRAM FILES\\FarStone\\VirtualDrive\\NETSRV.EXE"=
"d:\\PROGRAM FILES\\FarStone\\VirtualDrive\\mgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\SRN Micro\\SOLOCFG.EXE"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1440:UDP"= 1440:UDP:Windows Media Format SDK (firefox.exe)
R2 cdant;cdant;c:\windows\system32\drivers\cdant.sys [2008-09-01 35661]
R2 UxTuneUp;TuneUp Design Expansion;c:\windows\System32\svchost.exe -k netsvcs [2004-08-04 14336]
S1 ntiomin;ntiomin; []
S2 AGWinService;AG Windows Service; []
S3 SmartCd;SmartCd;c:\windows\system32\Drivers\SmartCd.sys [2008-09-01 9792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6cc501bc-af45-11dd-8efe-806d6172696f}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
2008-11-14 c:\windows\Tasks\1-Click Maintenance.job
- d:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [12/19/2006 04:53 PM]
2008-11-18 c:\windows\Tasks\Pareto UNS.job
- c:\program files\Common Files\ParetoLogic\UUS\UUS.dll\Pareto_Update.exe []
2008-11-18 c:\windows\Tasks\ParetoLogic Update.job
- c:\program files\Common Files\ParetoLogic\UUS\Pareto_Update.exe [08/01/2007 01:39 PM]
2008-11-01 c:\windows\Tasks\ParetoLogic Anti-Spyware.job
- d:\program files\ParetoLogic\Anti-Spyware\Pareto_AS.exe [08/01/2007 01:56 PM]
.
- - - - ORPHANS REMOVED - - - -
ShellExecuteHooks-{6809e580-a3a7-11d1-9a00-00a0c945b006} - (no file)
ShellExecuteHooks-{47836122-9D2E-476C-9763-B1D366F704E1} - (no file)
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\ESAB\Application Data\Mozilla\Firefox\Profiles\1p4ic47h.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - Yahoo!
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll
FF -: plugin - c:\program files\Yahoo!\Shared\npYState.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-11-22 14:55:24
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: c:\windows\explorer.exe
-> ?:\windows\system32\PSAPI.DLL
.
------------------------ Other Running Processes ------------------------
.
d:\program files\Roxio\GoBack\GBPoll.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
.
**************************************************************************
.
Completion time: 11/22/2008 14:59:09 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-22 12:59:00
Pre-Run: 7,827,959,808 bytes free
Post-Run: 8,249,098,240 bytes free
272 --- E O F --- 2008-11-12 22:23:17
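An added triage example, not part of the posted log and not code from ComboFix: a small parser for the REGEDIT4-style "Reg Loading Points" section that pulls out the Run-key entries and flags the two things an analyst would question in a log like this one, Windows Security Center keys set to suppress or override the AV/firewall monitoring, and a mountpoints2 AutoRun command on a removable volume. The sample input is constructed from a few lines of the log above (with the extraction-inserted spaces removed); the function names and the SECURITY_CENTER_FLAGS list are this example's own choices.

```python
"""Triage helper for the "Reg Loading Points" section of a ComboFix log.

Example code, not ComboFix's own. Parses [key] headers and "name"=value lines,
keeps non-pair lines (such as mountpoints2 AutoRun commands) under their key,
and reports settings worth a second look.
"""
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample: lines taken from the posted log, whitespace cleaned.
SAMPLE_LOG = r"""
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [10/08/2008 10:33 PM 970808]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [09/07/2008 03:31 AM 185896]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6cc501bc-af45-11dd-8efe-806d6172696f}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a
"""

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([^"]*)"\s*=\s*(.*)$')
DWORD_RE = re.compile(r"^dword:([0-9a-fA-F]{8})$")

# Security Center values that silence or override the OS's own AV/firewall/update
# checks. Non-zero here means the user (or something on the box) turned them off.
SECURITY_CENTER_FLAGS = {
    "antivirusdisablenotify", "antivirusoverride",
    "firewalldisablenotify", "firewalloverride",
    "updatesdisablenotify", "disablemonitoring",
}


def parse_reg_points(text: str) -> Dict[str, List[Tuple[str, str]]]:
    """Return {registry key: [(value name, raw value), ...]} in log order.
    Lines under a key that are not "name"=value pairs are kept with an empty name."""
    result: Dict[str, List[Tuple[str, str]]] = {}
    current: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "REGEDIT4":
            continue
        m = KEY_RE.match(line)
        if m:
            current = m.group(1)
            result.setdefault(current, [])
            continue
        if current is None:
            continue  # data before any key header: ignore
        m = VALUE_RE.match(line)
        if m:
            result[current].append((m.group(1), m.group(2)))
        else:
            result[current].append(("", line))
    return result


def dword_value(raw: str) -> Optional[int]:
    """Decode a REGEDIT4 dword (hex) or return None for non-dword data."""
    m = DWORD_RE.match(raw.strip())
    return int(m.group(1), 16) if m else None


def string_value(raw: str) -> str:
    """Strip the quotes and ComboFix's trailing "[date size]" annotation."""
    raw = raw.strip()
    if raw.startswith('"'):
        end = raw.find('"', 1)
        if end != -1:
            return raw[1:end]
    return raw


def run_entries(parsed: Dict[str, List[Tuple[str, str]]]) -> List[Tuple[str, str]]:
    """(value name, image path) for every ...\CurrentVersion\Run key."""
    out: List[Tuple[str, str]] = []
    for key, values in parsed.items():
        if key.lower().endswith("\\currentversion\\run"):
            out.extend((name, string_value(raw)) for name, raw in values if name)
    return out


def findings(parsed: Dict[str, List[Tuple[str, str]]]) -> List[str]:
    """Human-readable flags: disabled Security Center checks and AutoRun handlers."""
    out: List[str] = []
    for key, values in parsed.items():
        k = key.lower()
        if "security center" in k:
            for name, raw in values:
                val = dword_value(raw)
                if name.lower() in SECURITY_CENTER_FLAGS and val:
                    out.append(f"Security Center check disabled: {key}\\{name}={val}")
        if "mountpoints2" in k:
            for _name, raw in values:
                if "autorun" in raw.lower():
                    out.append(f"AutoRun handler on removable volume: {key} -> {raw}")
    return out


if __name__ == "__main__":
    parsed = parse_reg_points(SAMPLE_LOG)
    for name, path in run_entries(parsed):
        print(f"Run: {name} -> {path}")
    for line in findings(parsed):
        print(line)
```

In the log above, the three Security Center values are what make the "WARNING" in the first lines of the report worth reading with the rest of the entries: the machine is not telling its owner when AV monitoring is off. The mountpoints2 AutoRun line is the U3 launcher of a USB drive that was plugged in; it is expected for that product, but the same key is where removable-media malware on XP-era systems leaves its command, so it belongs in every triage pass.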