PDA

View Full Version : While running spybot the computer shuts down - dd included



shayna
2010-08-10, 08:47
I am having a problem with the way my computer is running.
I have tried to restore to before the problem but all the restore points fail.
I ran Avast it showed no virusis
I downloaded and ran spybot in regular and safe mode; I noticed while scanning files starting with virtumonde the computer just shuts down.
Tried a few things to remove virtumonde and they failed.


DDS (Ver_10-03-17.01) - FAT32x86
Run by Owner at 1:35:49.43 on Tue 08/10/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.224 [GMT -4:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lynn Grossman\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www2.verizon.net/welcome/default.asp?variant=dsl
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13149&gct=&gc=1&q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\DefaultSearch.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
mRun: [LaunchApp] Alaunch
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [SiS Windows KeyHook] c:\windows\system32\keyhook.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PCMService] "c:\program files\arcade\PCMService.exe"
mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\Monitor.exe
mRun: [A Verizon App] c:\progra~1\verizo~1\helpsu~1\VERIZO~1.EXE
mRun: [Motive SmartBridge] c:\progra~1\verizo~1\helpsu~1\smartb~1\MotiveSB.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_05\bin\jusched.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_05\bin\npjpi150_05.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://stimulustv.webex.com/client/T27LB/training/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lynngr~1\applic~1\mozilla\firefox\profiles\o2q3b6wl.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJPI150_05.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-1-21 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-21 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
S2 PIEUsb;Single Frame Film Scanner;c:\windows\system32\drivers\usbscan.sys [2006-5-7 15104]

=============== Created Last 30 ================

2010-08-09 20:42:24 0 d-sh--w- C:\FOUND.103
2010-08-08 21:27:05 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-08 21:27:01 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-08 21:26:57 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-08 21:26:52 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-08 21:26:43 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-08 21:26:35 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-08 21:26:29 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-08 21:26:27 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-08 21:26:22 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-08 21:26:21 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-08-08 21:26:01 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-08-08 21:24:59 11807 ----a-w- c:\windows\system32\dllcache\wadv07nt.sys
2010-08-08 21:23:56 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-08 21:22:57 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-08 21:21:53 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2010-08-08 21:21:51 4992 ----a-w- c:\windows\system32\dllcache\toside.sys
2010-08-08 21:21:47 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-08-08 21:21:43 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2010-08-08 21:21:39 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2010-08-08 21:21:31 123995 ----a-w- c:\windows\system32\dllcache\tjisdn.sys
2010-08-08 21:21:25 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-08 21:21:21 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-08-08 21:21:21 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys
2010-08-08 21:21:16 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-08-08 21:21:12 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-08-08 21:21:02 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-08-08 21:19:58 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2010-08-08 21:18:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-08 21:17:59 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-08 21:16:57 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2010-08-08 21:15:57 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-08 21:14:59 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys
2010-08-08 21:14:52 9216 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-08-08 21:14:42 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-08 21:14:34 79104 ----a-w- c:\windows\system32\dllcache\rocket.sys
2010-08-08 21:14:32 30080 ----a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-08-08 21:14:27 59648 ----a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-08-08 21:14:27 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-08-08 21:14:19 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2010-08-08 21:14:12 13776 ----a-w- c:\windows\system32\dllcache\recagent.sys
2010-08-08 21:13:49 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-08-08 21:13:35 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-08-08 21:13:28 899146 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-08-08 21:13:22 41472 ----a-w- c:\windows\system32\dllcache\qvusd.dll
2010-08-08 21:13:17 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-08-08 21:13:10 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
2010-08-08 21:13:10 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys
2010-08-08 21:13:10 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys
2010-08-08 21:13:09 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-08 21:13:09 33152 ----a-w- c:\windows\system32\dllcache\ql10wnt.sys
2010-08-08 21:13:08 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys
2010-08-08 21:12:51 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-08-08 21:12:48 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys
2010-08-08 21:12:44 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-08-08 21:12:43 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll
2010-08-08 21:12:36 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll
2010-08-08 21:12:32 33280 ----a-w- c:\windows\system32\dllcache\psisrndr.ax
2010-08-08 21:12:28 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll
2010-08-08 21:12:27 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-08-08 21:12:20 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2010-08-08 21:12:15 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2010-08-08 21:12:11 17792 ----a-w- c:\windows\system32\dllcache\ppa.sys
2010-08-08 21:12:04 7552 ----a-w- c:\windows\system32\dllcache\powerfil.sys
2010-08-08 21:10:56 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2010-08-08 21:10:49 26153 ----a-w- c:\windows\system32\dllcache\pcmlm56.sys
2010-08-08 21:10:47 29502 ----a-w- c:\windows\system32\dllcache\pca200e.sys
2010-08-08 21:10:43 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-08-08 21:10:28 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-08-08 21:10:24 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2010-08-08 21:10:21 25216 ----a-w- c:\windows\system32\dllcache\ovsound2.sys
2010-08-08 21:10:18 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
2010-08-08 21:10:14 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-08-08 21:10:11 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-08-08 21:10:07 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-08-08 21:10:04 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys
2010-08-08 21:10:01 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2010-08-08 21:09:57 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-08-08 21:09:54 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2010-08-08 21:09:50 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-08-08 21:09:47 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2010-08-08 21:09:40 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-08-08 21:09:32 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-08 21:09:18 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-08-08 21:09:06 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-08 21:09:05 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-08 21:09:01 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-08 21:08:57 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-08 21:08:50 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2010-08-08 21:08:33 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-08 21:08:27 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-08 21:08:23 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-08 21:08:21 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-08 21:08:12 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-08 21:08:08 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-08 21:08:03 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-08-08 21:08:01 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-08-08 21:07:43 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2010-08-08 21:07:36 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-08-08 21:07:33 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-08-08 21:07:26 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2010-08-08 21:07:15 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-08-08 21:07:12 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-08-08 15:56:54 0 d-sh--w- C:\FOUND.102
2010-08-08 00:51:58 0 d-sh--w- C:\FOUND.101
2010-08-07 23:01:22 0 ----a-w- c:\windows\system32\dllcache\SET4D1.tmp
2010-08-07 23:01:19 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-08-07 23:01:16 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-08-07 23:01:13 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-08-07 23:01:10 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-07 23:01:06 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-07 23:01:03 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-07 23:01:00 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-07 22:59:55 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-07 22:58:54 164586 ----a-w- c:\windows\system32\dllcache\mdgndis5.sys
2010-08-07 22:57:58 15744 ----a-w- c:\windows\system32\dllcache\lit220p.sys
2010-08-07 22:56:58 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2010-08-07 22:55:57 38528 ----a-w- c:\windows\system32\dllcache\ibmvcap.sys
2010-08-07 22:54:59 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-07 22:53:57 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2010-08-07 22:52:59 441728 ----a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-08-07 22:51:58 72192 ----a-w- c:\windows\system32\dllcache\es1969.sys
2010-08-07 22:50:56 20992 ----a-w- c:\windows\system32\dllcache\dshowext.ax
2010-08-07 22:49:58 29531 ----a-w- c:\windows\system32\dllcache\dgapci.sys
2010-08-07 22:48:59 44032 ----a-w- c:\windows\system32\dllcache\cnusd.dll
2010-08-07 22:47:59 9728 ----a-w- c:\windows\system32\dllcache\brserif.dll
2010-08-07 22:46:59 870784 ----a-w- c:\windows\system32\dllcache\ati3d1ag.dll
2010-08-07 22:45:38 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-07 15:58:49 0 d-----w- c:\program files\Uniblue
2010-08-07 14:45:10 0 d-sh--w- C:\FOUND.100
2010-08-06 19:00:02 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-08-06 19:00:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-08-06 18:44:07 0 d-----w- c:\docume~1\lynngr~1\applic~1\Uniblue
2010-08-06 17:44:58 0 d-----w- c:\windows\system32\wbem\Repository
2010-08-05 03:42:08 58368 ----a-w- C:\websiteupdating.doc
2010-08-04 15:05:38 0 d-sh--w- C:\FOUND.099
2010-08-03 19:30:45 162 ---ha-w- C:\~$DASPCA.doc
2010-08-03 19:30:44 594432 ----a-w- C:\BODASPCA.doc
2010-08-03 19:29:45 162 ---ha-w- C:\~$aug.doc
2010-08-03 04:21:38 51200 ----a-w- C:\aug.doc
2010-08-02 18:01:08 162 ---ha-w- C:\~$ACwebsite0updating[1].doc
2010-07-30 16:07:10 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-30 16:07:06 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-30 15:47:34 0 d-sh--w- C:\FOUND.098
2010-07-30 15:13:19 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-07-29 02:36:38 0 d-sh--w- C:\FOUND.097
2010-07-27 15:10:08 0 d-sh--w- C:\FOUND.096
2010-07-25 14:54:28 0 d-sh--w- C:\FOUND.095
2010-07-24 23:46:22 0 d-sh--w- C:\FOUND.094
2010-07-18 16:17:44 0 d-sh--w- C:\FOUND.093
2010-07-16 00:34:50 0 d-sh--w- C:\FOUND.092
2010-07-15 22:26:55 451 ----a-w- c:\windows\system32\eRLog.ini
2010-07-15 01:30:54 0 d-sh--w- C:\FOUND.091

==================== Find3M ====================

2010-06-28 20:57:34 38848 ----a-w- c:\windows\avastSS.scr
2010-06-14 14:30:28 743936 ----a-w- c:\windows\system32\dllcache\helpsvc.exe
1999-05-07 09:22:00 8944 ----a-w- c:\windows\inf\USBSCAN.SYS

============= FINISH: 1:36:28.35 ===============



I posted this because the 'before you post said to post both files' I hope I was correct


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/10/2006 7:38:20 AM
System Uptime: 8/9/2010 11:47:10 PM (2 hours ago)

Motherboard: Acer, Inc. | | Lugano M
Processor: Mobile AMD Sempron(tm) Processor 3100+ | Socket A | 1584/400mhz

==== Disk Partitions =========================

C: is FIXED (FAT32) - 26 GiB total, 8.914 GiB free.
D: is FIXED (FAT32) - 27 GiB total, 24.392 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP965: 8/7/2010 12:00:17 PM - Restore Operation
RP966: 8/7/2010 8:53:03 PM - Restore Operation
RP967: 8/7/2010 8:57:19 PM - Restore Operation
RP968: 8/8/2010 9:52:24 PM - System Checkpoint

==== Installed Programs ======================

µTorrent
Acer eManager for Notebook
Acer GridVista
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.9
Adobe® Photoshop® Album Starter Edition 3.0
Agere Systems AC'97 Modem
Apple Software Update
Arcade 3.0
ArcSoft PhotoStudio 5.5
Ask Toolbar
avast! Free Antivirus
Camera Driver
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator 2.0
Canon MP150
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Critical Update for Windows Media Player 11 (KB959772)
CyberView X - SF v1.17c
Easy-WebPrint
ERUNT 1.1j
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
J2SE Runtime Environment 5.0 Update 5
K-Lite Codec Pack 5.4.4 (Basic)
Launch Manager
LiveUpdate 1.7 (Symantec Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Access 2003 Inside Out Sample Files
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker Gold
Pandigital Photo Viewer 3.3
Pixillion Image Converter
PowerProducer
QuickTime
RealPlayer
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
SiSAGP driver
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar
Verizon Online Help & Support
Verizon Servicepoint 1.5.20
WebEx
WebFldrs XP
Windows Driver Package - PIE Image 10/22/2002 1.1.1
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Yahoo! SiteBuilder

==== Event Viewer Messages From Past Week ========

8/9/2010 8:23:14 PM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
8/9/2010 8:23:14 PM, error: Service Control Manager [7001] - The Canon Camera Access Library 8 service depends on the Windows Image Acquisition (WIA) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
8/9/2010 8:23:11 PM, error: Service Control Manager [7022] - The Distributed Link Tracking Client service hung on starting.
8/9/2010 8:22:41 PM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
8/9/2010 3:11:48 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
8/9/2010 3:11:48 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Canon\ZoomBrowser EX\Program\MFC80U.DLL. Reference error message: The operation completed successfully. .
8/9/2010 3:11:48 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
8/8/2010 5:27:07 PM, information: Windows File Protection [64017] - Windows File Protection file scan completed successfully.
8/8/2010 11:58:24 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Notebook Manager Service service to connect.
8/7/2010 7:05:54 PM, information: Windows File Protection [64020] - Windows File Protection scan found that the system file c:\windows\system32\rasmans.dll has a bad signature. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.
8/7/2010 7:05:53 PM, information: Windows File Protection [64020] - Windows File Protection scan found that the system file c:\windows\system32\rasmans.dll has a bad signature. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2908.
8/7/2010 6:44:40 PM, information: Windows File Protection [64016] - Windows File Protection file scan was started.
8/6/2010 6:19:22 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
8/6/2010 1:50:39 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
8/6/2010 1:50:33 PM, error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.
8/5/2010 11:02:33 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
8/5/2010 10:53:09 AM, error: Service Control Manager [7000] - The Single Frame Film Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/4/2010 1:02:08 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/4/2010 1:00:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdK8 aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
8/4/2010 1:00:53 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2010 1:00:53 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2010 1:00:53 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/4/2010 1:00:53 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

==== End Of File ===========================

Blade81
2010-08-17, 09:05
Hi,

If help still needed post a fresh dds.txt log, please.

shayna
2010-08-18, 21:40
Please help me things are getting worse
Here is the latest scan:

DDS (Ver_10-03-17.01) - FAT32x86
Run by Lynn Grossman at 14:34:05.42 on Wed 08/18/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.224 [GMT -4:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
SVCHOST.EXE
C:\WINDOWS\Explorer.EXE
SVCHOST.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
SVCHOST.EXE
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lynn Grossman\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www2.verizon.net/welcome/default.asp?variant=dsl
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13149&gct=&gc=1&q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: DefaultSearchHook Class: {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\DefaultSearch.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
mRun: [LaunchApp] Alaunch
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [SiS Windows KeyHook] c:\windows\system32\keyhook.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PCMService] "c:\program files\arcade\PCMService.exe"
mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\Monitor.exe
mRun: [A Verizon App] c:\progra~1\verizo~1\helpsu~1\VERIZO~1.EXE
mRun: [Motive SmartBridge] c:\progra~1\verizo~1\helpsu~1\smartb~1\MotiveSB.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_05\bin\jusched.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_05\bin\npjpi150_05.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://stimulustv.webex.com/client/T27LB/training/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lynngr~1\applic~1\mozilla\firefox\profiles\o2q3b6wl.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJPI150_05.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-1-21 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-21 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
S2 PIEUsb;Single Frame Film Scanner;c:\windows\system32\drivers\usbscan.sys [2006-5-7 15104]

=============== Created Last 30 ================

2010-08-18 18:04:36 0 d-sh--w- C:\FOUND.109
2010-08-18 15:18:08 0 d-sh--w- C:\FOUND.108
2010-08-17 23:20:22 0 d-sh--w- C:\FOUND.107
2010-08-17 16:16:06 0 d-sh--w- C:\FOUND.106
2010-08-12 14:54:56 0 d-sh--w- C:\FOUND.105
2010-08-12 02:38:20 0 d-sh--w- C:\FOUND.104
2010-08-10 19:23:04 0 d-----w- C:\VundoFix Backups
2010-08-09 20:42:24 0 d-sh--w- C:\FOUND.103
2010-08-08 21:27:05 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-08 21:27:01 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-08 21:26:57 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-08 21:26:52 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-08 21:26:43 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-08 21:26:35 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-08 21:26:29 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-08 21:26:27 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-08 21:26:22 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-08 21:26:21 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-08-08 21:26:01 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-08-08 21:24:59 11807 ----a-w- c:\windows\system32\dllcache\wadv07nt.sys
2010-08-08 21:23:56 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-08 21:22:57 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-08 21:21:53 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2010-08-08 21:21:51 4992 ----a-w- c:\windows\system32\dllcache\toside.sys
2010-08-08 21:21:47 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-08-08 21:21:43 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2010-08-08 21:21:39 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2010-08-08 21:21:31 123995 ----a-w- c:\windows\system32\dllcache\tjisdn.sys
2010-08-08 21:21:25 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-08 21:21:21 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-08-08 21:21:21 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys
2010-08-08 21:21:16 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-08-08 21:21:12 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-08-08 21:21:02 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-08-08 21:19:58 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2010-08-08 21:18:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-08 21:17:59 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-08 21:16:57 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2010-08-08 21:15:57 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-08 21:14:59 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys
2010-08-08 21:14:52 9216 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-08-08 21:14:42 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-08 21:14:34 79104 ----a-w- c:\windows\system32\dllcache\rocket.sys
2010-08-08 21:14:32 30080 ----a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-08-08 21:14:27 59648 ----a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-08-08 21:14:27 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-08-08 21:14:19 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2010-08-08 21:14:12 13776 ----a-w- c:\windows\system32\dllcache\recagent.sys
2010-08-08 21:13:49 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-08-08 21:13:35 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-08-08 21:13:28 899146 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-08-08 21:13:22 41472 ----a-w- c:\windows\system32\dllcache\qvusd.dll
2010-08-08 21:13:17 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-08-08 21:13:10 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
2010-08-08 21:13:10 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys
2010-08-08 21:13:10 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys
2010-08-08 21:13:09 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-08 21:13:09 33152 ----a-w- c:\windows\system32\dllcache\ql10wnt.sys
2010-08-08 21:13:08 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys
2010-08-08 21:12:51 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-08-08 21:12:48 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys
2010-08-08 21:12:44 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-08-08 21:12:43 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll
2010-08-08 21:12:36 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll
2010-08-08 21:12:32 33280 ----a-w- c:\windows\system32\dllcache\psisrndr.ax
2010-08-08 21:12:28 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll
2010-08-08 21:12:27 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-08-08 21:12:20 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2010-08-08 21:12:15 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2010-08-08 21:12:11 17792 ----a-w- c:\windows\system32\dllcache\ppa.sys
2010-08-08 21:12:04 7552 ----a-w- c:\windows\system32\dllcache\powerfil.sys
2010-08-08 21:10:56 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2010-08-08 21:10:49 26153 ----a-w- c:\windows\system32\dllcache\pcmlm56.sys
2010-08-08 21:10:47 29502 ----a-w- c:\windows\system32\dllcache\pca200e.sys
2010-08-08 21:10:43 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-08-08 21:10:28 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-08-08 21:10:24 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2010-08-08 21:10:21 25216 ----a-w- c:\windows\system32\dllcache\ovsound2.sys
2010-08-08 21:10:18 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
2010-08-08 21:10:14 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-08-08 21:10:11 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-08-08 21:10:07 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-08-08 21:10:04 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys
2010-08-08 21:10:01 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2010-08-08 21:09:57 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-08-08 21:09:54 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2010-08-08 21:09:50 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-08-08 21:09:47 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2010-08-08 21:09:40 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-08-08 21:09:32 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-08 21:09:18 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-08-08 21:09:06 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-08 21:09:05 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-08 21:09:01 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-08 21:08:57 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-08 21:08:50 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2010-08-08 21:08:33 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-08 21:08:27 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-08 21:08:23 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-08 21:08:21 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-08 21:08:12 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-08 21:08:08 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-08 21:08:03 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-08-08 21:08:01 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-08-08 21:07:43 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2010-08-08 21:07:36 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-08-08 21:07:33 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-08-08 21:07:26 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2010-08-08 21:07:15 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-08-08 21:07:12 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-08-08 15:56:54 0 d-sh--w- C:\FOUND.102
2010-08-08 00:51:58 0 d-sh--w- C:\FOUND.101
2010-08-07 23:01:22 0 ----a-w- c:\windows\system32\dllcache\SET4D1.tmp
2010-08-07 23:01:19 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-08-07 23:01:16 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-08-07 23:01:13 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-08-07 23:01:10 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-07 23:01:06 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-07 23:01:03 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-07 23:01:00 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-07 22:59:55 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-07 22:58:54 164586 ----a-w- c:\windows\system32\dllcache\mdgndis5.sys
2010-08-07 22:57:58 15744 ----a-w- c:\windows\system32\dllcache\lit220p.sys
2010-08-07 22:56:58 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2010-08-07 22:55:57 38528 ----a-w- c:\windows\system32\dllcache\ibmvcap.sys
2010-08-07 22:54:59 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-07 22:53:57 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2010-08-07 22:52:59 441728 ----a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-08-07 22:51:58 72192 ----a-w- c:\windows\system32\dllcache\es1969.sys
2010-08-07 22:50:56 20992 ----a-w- c:\windows\system32\dllcache\dshowext.ax
2010-08-07 22:49:58 29531 ----a-w- c:\windows\system32\dllcache\dgapci.sys
2010-08-07 22:48:59 44032 ----a-w- c:\windows\system32\dllcache\cnusd.dll
2010-08-07 22:47:59 9728 ----a-w- c:\windows\system32\dllcache\brserif.dll
2010-08-07 22:46:59 870784 ----a-w- c:\windows\system32\dllcache\ati3d1ag.dll
2010-08-07 22:45:38 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-07 15:58:49 0 d-----w- c:\program files\Uniblue
2010-08-07 14:45:10 0 d-sh--w- C:\FOUND.100
2010-08-06 19:00:02 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-08-06 19:00:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-08-06 18:44:07 0 d-----w- c:\docume~1\lynngr~1\applic~1\Uniblue
2010-08-06 17:44:58 0 d-----w- c:\windows\system32\wbem\Repository
2010-08-05 03:42:08 58368 ----a-w- C:\websiteupdating.doc
2010-08-04 15:05:38 0 d-sh--w- C:\FOUND.099
2010-08-03 19:30:45 162 ---ha-w- C:\~$DASPCA.doc
2010-08-03 19:30:44 594432 ----a-w- C:\BODASPCA.doc
2010-08-03 19:29:45 162 ---ha-w- C:\~$aug.doc
2010-08-03 04:21:38 51200 ----a-w- C:\aug.doc
2010-08-02 18:01:08 162 ---ha-w- C:\~$ACwebsite0updating[1].doc
2010-07-30 16:07:10 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-30 16:07:06 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-30 15:47:34 0 d-sh--w- C:\FOUND.098
2010-07-30 15:13:19 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-07-29 02:36:38 0 d-sh--w- C:\FOUND.097
2010-07-27 15:10:08 0 d-sh--w- C:\FOUND.096
2010-07-25 14:54:28 0 d-sh--w- C:\FOUND.095
2010-07-24 23:46:22 0 d-sh--w- C:\FOUND.094

==================== Find3M ====================

2010-06-28 20:57:34 38848 ----a-w- c:\windows\avastSS.scr
2010-06-14 14:30:28 743936 ----a-w- c:\windows\system32\dllcache\helpsvc.exe
1999-05-07 09:22:00 8944 ----a-w- c:\windows\inf\USBSCAN.SYS

============= FINISH: 14:34:59.31 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/10/2006 7:38:20 AM
System Uptime: 8/18/2010 2:08:25 PM (0 hours ago)

Motherboard: Acer, Inc. | | Lugano M
Processor: Mobile AMD Sempron(tm) Processor 3100+ | Socket A | 1584/400mhz

==== Disk Partitions =========================

C: is FIXED (FAT32) - 26 GiB total, 9.804 GiB free.
D: is FIXED (FAT32) - 27 GiB total, 24.391 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP968: 8/8/2010 9:52:24 PM - System Checkpoint
RP969: 8/10/2010 1:39:07 PM - System Checkpoint
RP970: 8/11/2010 3:39:05 PM - System Checkpoint
RP971: 8/12/2010 8:00:28 PM - System Checkpoint
RP972: 8/13/2010 10:26:57 PM - System Checkpoint
RP973: 8/15/2010 1:17:31 AM - Software Distribution Service 3.0
RP974: 8/16/2010 11:16:41 AM - System Checkpoint
RP975: 8/17/2010 12:32:24 PM - System Checkpoint

==== Installed Programs ======================

µTorrent
Acer eManager for Notebook
Acer GridVista
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.9
Adobe® Photoshop® Album Starter Edition 3.0
Agere Systems AC'97 Modem
Apple Software Update
Arcade 3.0
ArcSoft PhotoStudio 5.5
Ask Toolbar
avast! Free Antivirus
Camera Driver
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator 2.0
Canon MP150
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Critical Update for Windows Media Player 11 (KB959772)
CyberView X - SF v1.17c
Easy-WebPrint
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
J2SE Runtime Environment 5.0 Update 5
K-Lite Codec Pack 5.4.4 (Basic)
Launch Manager
LiveUpdate 1.7 (Symantec Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Access 2003 Inside Out Sample Files
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker Gold
Pandigital Photo Viewer 3.3
Pixillion Image Converter
PowerProducer
QuickTime
RealPlayer
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
SiSAGP driver
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar
Verizon Online Help & Support
Verizon Servicepoint 1.5.20
WebEx
WebFldrs XP
Windows Driver Package - PIE Image 10/22/2002 1.1.1
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Yahoo! SiteBuilder

==== Event Viewer Messages From Past Week ========

8/18/2010 11:21:09 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
8/18/2010 11:21:09 AM, error: Service Control Manager [7001] - The Canon Camera Access Library 8 service depends on the Windows Image Acquisition (WIA) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
8/18/2010 11:21:06 AM, error: Service Control Manager [7022] - The Distributed Link Tracking Client service hung on starting.
8/18/2010 11:20:36 AM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
8/13/2010 5:21:04 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.
8/12/2010 11:14:18 AM, error: Service Control Manager [7000] - The Single Frame Film Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

==== End Of File ===========================

Blade81
2010-08-18, 23:15
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).


After that:


Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.


Please continue as follows:


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

shayna
2010-08-19, 00:56
Combofx ran but failed before it wrote a log :eek:

Blade81
2010-08-19, 07:19
Could you give more details how it failed, please? Also, see if c:\ComboFix.txt file was created.

shayna
2010-08-19, 07:39
In DOS it said that it shut down windows to save it from damage. I should check any software or hardware just installed. No txt file was created.
One thing that was different from the discription of the running of Combofix is that the MicroSoft control (sorry don't remember the correct name) installed while Combofix was running instead of me having to install it after it ran (ie created the txt file)

Blade81
2010-08-19, 08:02
Hi,

Try to run ComboFix in safe mode making sure protection software is disabled.

shayna
2010-08-19, 08:42
I found a file called PkgClnup.log it contains the following:

C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\CBA.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\INSTSCAN.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\MSGSYS.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\MSVCRT.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\N32CALL.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\NAVCUST2.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\NAVEX32A.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\NAVINS95.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\NAVINSNT.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\NAVKRNLN.VXD
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\NTS.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\OADIST.EXE
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\PDS.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\PMIGQVB.EXE
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\PMIGRATE.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\QCONVERT.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\QSPAK32.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\REGSVR32.EXE
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\RTVSTOP.EXE
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\S32NAVN.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\scandlvr.dll
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\TRANSMAN.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\VIRSCAN1.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\VIRSCAN2.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\VIRSCAN3.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Support\VIRSCAN4.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\CmnDISNR
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\CmnDISNR\Mfc42.dll
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\MSINotes\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\MSINotes\Nlnvp.dll
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgAT\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgAT\Go.Bat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgAT\NavDX.Exe
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgAT\NavDX.Ovl
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgNEC\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgNEC\Go.Bat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgNEC\NavDX.Exe
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\ProgNEC\NavDX.Ovl
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\ClnUp.Reg
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\ClnUpNT.Reg
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\CmnCU.Reg
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\CmnLM.Reg
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\CmnLM9x.Reg
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Registry\CmnLMNT.Reg
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Symantec\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\Symantec\S32STAT.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\WinSysNS\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\WinSysNS\Mfc42.dll
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\WinSysNS\Msvcirt.dll
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data\WinSysNS\Msvcrt.dll
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\LiveUpdt\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\LiveUpdt\lusetup.exe
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\SevInst\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\SevInst\sevinst.exe
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\CATALOG.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVENG.EXP
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVENG.SYS
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVENG.VXD
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVENG32.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVEX15.EXP
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVEX15.SYS
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVEX15.VXD
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NAVEX32A.DLL
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\NCSACERT.TXT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\scrauth.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\symaveng.cat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\symaveng.inf
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\TECHNOTE.TXT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\tinf.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\tinfidx.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\tinfl.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\tscan1.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\tscan1hd.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\vdefmgmt.dat
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN.INF
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN1.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN2.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN3.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN4.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN5.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN6.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN7.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN8.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCAN9.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\VIRSCANT.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\WHATSNEW.TXT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\VirDefs\ZDONE.DAT
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Data1.cab
C:\DOCUME~1\LYNNGR~1\LOCALS~1\Temp\~SMI5A26\Symantec AntiVirus Client.msi\Setup.wis

Blade81
2010-08-19, 09:10
That's not ComboFix related file.

Post fresh dds logs, please.

shayna
2010-08-19, 09:19
DDS (Ver_10-03-17.01) - FAT32x86
Run by Lynn Grossman at 2:16:30.06 on Thu 08/19/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.30 [GMT -4:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Lynn Grossman\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
uInternet Connection Wizard,ShellNext = hxxp://www2.verizon.net/welcome/default.asp?variant=dsl
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13149&gct=&gc=1&q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
TB: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [LaunchApp] Alaunch
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [SiS Windows KeyHook] c:\windows\system32\keyhook.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PCMService] "c:\program files\arcade\PCMService.exe"
mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\Monitor.exe
mRun: [A Verizon App] c:\progra~1\verizo~1\helpsu~1\VERIZO~1.EXE
mRun: [Motive SmartBridge] c:\progra~1\verizo~1\helpsu~1\smartb~1\MotiveSB.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_05\bin\jusched.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_05\bin\npjpi150_05.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://stimulustv.webex.com/client/T27LB/training/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lynngr~1\applic~1\mozilla\firefox\profiles\o2q3b6wl.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJPI150_05.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-1-21 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-21 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
S2 PEVSystemStart;PEVSystemStart;c:\combofix\PEV.cfxxe [2010-8-19 256512]
S2 PIEUsb;Single Frame Film Scanner;c:\windows\system32\drivers\usbscan.sys [2006-5-7 15104]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]

=============== Created Last 30 ================

2010-08-19 05:33:00 0 d-sh--w- C:\FOUND.112
2010-08-19 05:27:00 0 d-s---w- C:\ComboFix
2010-08-18 22:01:00 0 d-sh--w- C:\FOUND.111
2010-08-18 21:32:39 32768 --sh--w- C:\Recycled
2010-08-18 21:20:12 0 d-sh--w- C:\FOUND.110
2010-08-18 20:58:37 0 d-sha-r- C:\cmdcons
2010-08-18 20:54:41 98816 ----a-w- c:\windows\sed.exe
2010-08-18 20:54:41 77312 ----a-w- c:\windows\MBR.exe
2010-08-18 20:54:41 256512 ----a-w- c:\windows\PEV.exe
2010-08-18 20:54:41 161792 ----a-w- c:\windows\SWREG.exe
2010-08-18 18:04:36 0 d-----w- C:\FOUND.109
2010-08-18 15:18:08 0 d-----w- C:\FOUND.108
2010-08-17 23:20:22 0 d-----w- C:\FOUND.107
2010-08-17 16:16:06 0 d-----w- C:\FOUND.106
2010-08-12 14:54:56 0 d-----w- C:\FOUND.105
2010-08-12 02:38:20 0 d-----w- C:\FOUND.104
2010-08-10 19:23:04 0 d-----w- C:\VundoFix Backups
2010-08-09 20:42:24 0 d-----w- C:\FOUND.103
2010-08-08 21:27:05 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-08 21:27:01 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-08 21:26:57 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-08 21:26:52 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-08 21:26:43 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-08 21:26:35 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-08 21:26:29 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-08 21:26:27 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-08 21:26:22 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-08 21:26:21 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-08-08 21:26:01 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-08-08 21:24:59 11807 ----a-w- c:\windows\system32\dllcache\wadv07nt.sys
2010-08-08 21:23:56 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-08 21:22:57 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-08 21:21:53 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2010-08-08 21:21:51 4992 ----a-w- c:\windows\system32\dllcache\toside.sys
2010-08-08 21:21:47 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-08-08 21:21:43 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2010-08-08 21:21:39 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2010-08-08 21:21:31 123995 ----a-w- c:\windows\system32\dllcache\tjisdn.sys
2010-08-08 21:21:25 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-08 21:21:21 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-08-08 21:21:21 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys
2010-08-08 21:21:16 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-08-08 21:21:12 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-08-08 21:21:02 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-08-08 21:19:58 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2010-08-08 21:18:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-08 21:17:59 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-08 21:16:57 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2010-08-08 21:15:57 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-08 21:14:59 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys
2010-08-08 21:14:52 9216 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-08-08 21:14:42 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-08 21:14:34 79104 ----a-w- c:\windows\system32\dllcache\rocket.sys
2010-08-08 21:14:32 30080 ----a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-08-08 21:14:27 59648 ----a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-08-08 21:14:27 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-08-08 21:14:19 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2010-08-08 21:14:12 13776 ----a-w- c:\windows\system32\dllcache\recagent.sys
2010-08-08 21:13:49 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-08-08 21:13:35 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-08-08 21:13:28 899146 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-08-08 21:13:22 41472 ----a-w- c:\windows\system32\dllcache\qvusd.dll
2010-08-08 21:13:17 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-08-08 21:13:10 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
2010-08-08 21:13:10 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys
2010-08-08 21:13:10 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys
2010-08-08 21:13:09 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-08 21:13:09 33152 ----a-w- c:\windows\system32\dllcache\ql10wnt.sys
2010-08-08 21:13:08 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys
2010-08-08 21:12:51 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-08-08 21:12:48 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys
2010-08-08 21:12:44 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-08-08 21:12:43 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll
2010-08-08 21:12:36 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll
2010-08-08 21:12:32 33280 ----a-w- c:\windows\system32\dllcache\psisrndr.ax
2010-08-08 21:12:28 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll
2010-08-08 21:12:27 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-08-08 21:12:20 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2010-08-08 21:12:15 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2010-08-08 21:12:11 17792 ----a-w- c:\windows\system32\dllcache\ppa.sys
2010-08-08 21:12:04 7552 ----a-w- c:\windows\system32\dllcache\powerfil.sys
2010-08-08 21:10:56 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2010-08-08 21:10:49 26153 ----a-w- c:\windows\system32\dllcache\pcmlm56.sys
2010-08-08 21:10:47 29502 ----a-w- c:\windows\system32\dllcache\pca200e.sys
2010-08-08 21:10:43 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-08-08 21:10:28 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-08-08 21:10:24 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2010-08-08 21:10:21 25216 ----a-w- c:\windows\system32\dllcache\ovsound2.sys
2010-08-08 21:10:18 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
2010-08-08 21:10:14 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-08-08 21:10:11 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-08-08 21:10:07 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-08-08 21:10:04 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys
2010-08-08 21:10:01 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2010-08-08 21:09:57 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-08-08 21:09:54 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2010-08-08 21:09:50 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-08-08 21:09:47 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2010-08-08 21:09:40 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-08-08 21:09:32 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-08 21:09:18 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-08-08 21:09:06 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-08 21:09:05 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-08 21:09:01 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-08 21:08:57 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-08 21:08:50 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2010-08-08 21:08:33 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-08 21:08:27 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-08 21:08:23 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-08 21:08:21 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-08 21:08:12 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-08 21:08:08 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-08 21:08:03 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-08-08 21:08:01 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-08-08 21:07:43 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2010-08-08 21:07:36 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-08-08 21:07:33 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-08-08 21:07:26 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2010-08-08 21:07:15 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-08-08 21:07:12 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-08-08 15:56:54 0 d-----w- C:\FOUND.102
2010-08-08 00:51:58 0 d-----w- C:\FOUND.101
2010-08-07 23:01:22 0 ----a-w- c:\windows\system32\dllcache\SET4D1.tmp
2010-08-07 23:01:19 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-08-07 23:01:16 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-08-07 23:01:13 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-08-07 23:01:10 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-07 23:01:06 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-07 23:01:03 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-07 23:01:00 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-07 22:59:55 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-07 22:58:54 164586 ----a-w- c:\windows\system32\dllcache\mdgndis5.sys
2010-08-07 22:57:58 15744 ----a-w- c:\windows\system32\dllcache\lit220p.sys
2010-08-07 22:56:58 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2010-08-07 22:55:57 38528 ----a-w- c:\windows\system32\dllcache\ibmvcap.sys
2010-08-07 22:54:59 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-07 22:53:57 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2010-08-07 22:52:59 441728 ----a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-08-07 22:51:58 72192 ----a-w- c:\windows\system32\dllcache\es1969.sys
2010-08-07 22:50:56 20992 ----a-w- c:\windows\system32\dllcache\dshowext.ax
2010-08-07 22:49:58 29531 ----a-w- c:\windows\system32\dllcache\dgapci.sys
2010-08-07 22:48:59 44032 ----a-w- c:\windows\system32\dllcache\cnusd.dll
2010-08-07 22:47:59 9728 ----a-w- c:\windows\system32\dllcache\brserif.dll
2010-08-07 22:46:59 870784 ----a-w- c:\windows\system32\dllcache\ati3d1ag.dll
2010-08-07 22:45:38 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-07 15:58:49 0 d-----w- c:\program files\Uniblue
2010-08-07 14:45:10 0 d-----w- C:\FOUND.100
2010-08-06 19:00:02 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-08-06 19:00:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-08-06 18:44:07 0 d-----w- c:\docume~1\lynngr~1\applic~1\Uniblue
2010-08-06 17:44:58 0 d-----w- c:\windows\system32\wbem\Repository
2010-08-05 03:42:08 58368 ----a-w- C:\websiteupdating.doc
2010-08-04 15:05:38 0 d-----w- C:\FOUND.099
2010-08-03 19:30:45 162 ---ha-w- C:\~$DASPCA.doc
2010-08-03 19:30:44 594432 ----a-w- C:\BODASPCA.doc
2010-08-03 19:29:45 162 ---ha-w- C:\~$aug.doc
2010-08-03 04:21:38 51200 ----a-w- C:\aug.doc
2010-08-02 18:01:08 162 ---ha-w- C:\~$ACwebsite0updating[1].doc
2010-07-30 16:07:10 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-30 16:07:06 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-30 15:47:34 0 d-----w- C:\FOUND.098
2010-07-30 15:13:19 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-07-29 02:36:38 0 d-----w- C:\FOUND.097
2010-07-27 15:10:08 0 d-----w- C:\FOUND.096
2010-07-25 14:54:28 0 d-----w- C:\FOUND.095
2010-07-24 23:46:22 0 d-----w- C:\FOUND.094

==================== Find3M ====================

2010-06-28 20:57:34 38848 ----a-w- c:\windows\avastSS.scr
2010-06-14 14:30:28 743936 ----a-w- c:\windows\system32\dllcache\helpsvc.exe
1999-05-07 09:22:00 8944 ----a-w- c:\windows\inf\USBSCAN.SYS

============= FINISH: 2:17:25.56 ===============





UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/10/2006 7:38:20 AM
System Uptime: 8/19/2010 1:30:01 AM (1 hours ago)

Motherboard: Acer, Inc. | | Lugano M
Processor: Mobile AMD Sempron(tm) Processor 3100+ | Socket A | 1584/400mhz

==== Disk Partitions =========================

C: is FIXED (FAT32) - 26 GiB total, 9.802 GiB free.
D: is FIXED (FAT32) - 27 GiB total, 24.391 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP968: 8/8/2010 9:52:24 PM - System Checkpoint
RP969: 8/10/2010 1:39:07 PM - System Checkpoint
RP970: 8/11/2010 3:39:05 PM - System Checkpoint
RP971: 8/12/2010 8:00:28 PM - System Checkpoint
RP972: 8/13/2010 10:26:57 PM - System Checkpoint
RP973: 8/15/2010 1:17:31 AM - Software Distribution Service 3.0
RP974: 8/16/2010 11:16:41 AM - System Checkpoint
RP975: 8/17/2010 12:32:24 PM - System Checkpoint
RP976: 8/18/2010 3:42:02 PM - System Checkpoint

==== Installed Programs ======================

Acer eManager for Notebook
Acer GridVista
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.9
Adobe® Photoshop® Album Starter Edition 3.0
Agere Systems AC'97 Modem
Apple Software Update
Arcade 3.0
ArcSoft PhotoStudio 5.5
Ask Toolbar
avast! Free Antivirus
Camera Driver
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator 2.0
Canon MP150
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Critical Update for Windows Media Player 11 (KB959772)
CyberView X - SF v1.17c
Easy-WebPrint
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
J2SE Runtime Environment 5.0 Update 5
K-Lite Codec Pack 5.4.4 (Basic)
Launch Manager
LiveUpdate 1.7 (Symantec Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Access 2003 Inside Out Sample Files
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker Gold
Pandigital Photo Viewer 3.3
Pixillion Image Converter
PowerProducer
QuickTime
RealPlayer
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
SiSAGP driver
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar
Verizon Online Help & Support
Verizon Servicepoint 1.5.20
WebEx
WebFldrs XP
Windows Driver Package - PIE Image 10/22/2002 1.1.1
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Yahoo! SiteBuilder

==== Event Viewer Messages From Past Week ========

8/19/2010 1:26:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/19/2010 1:26:16 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdK8 aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/18/2010 5:30:06 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
8/18/2010 11:21:09 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
8/18/2010 11:21:09 AM, error: Service Control Manager [7001] - The Canon Camera Access Library 8 service depends on the Windows Image Acquisition (WIA) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
8/18/2010 11:21:06 AM, error: Service Control Manager [7022] - The Distributed Link Tracking Client service hung on starting.
8/18/2010 11:20:36 AM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
8/14/2010 9:33:07 PM, error: Service Control Manager [7000] - The Single Frame Film Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/13/2010 5:21:04 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.

==== End Of File ===========================

Blade81
2010-08-19, 09:25
Hi,

Run a disk check (http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/kbtip.mspx).

After that, disable Avast and run ComboFix (don't use the system while ComboFix is running). Note down any possible error (exact message) and other things while the tool is running.

shayna
2010-08-19, 10:21
I did get one error during stage_6A i think; "PEV.exec has encountered a problem and needs to close" Combofx still kept running

Here is Combofx.txt

ComboFix 10-08-17.04 - Lynn Grossman 08/19/2010 3:08.2.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.156 [GMT -4:00]
Running from: c:\documents and settings\Lynn Grossman\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files\AskSearch\bin\DeFAultsearch.dll
c:\windows\system32\autorun.ini
c:\windows\Uninstall.ini

.
((((((((((((((((((((((((( Files Created from 2010-07-19 to 2010-08-19 )))))))))))))))))))))))))))))))
.

2010-08-19 05:33 . 2010-08-19 05:33 -------- d-----w- C:\FOUND.112
2010-08-18 22:01 . 2010-08-18 22:01 -------- d-----w- C:\FOUND.111
2010-08-18 21:20 . 2010-08-18 21:20 -------- d-----w- C:\FOUND.110
2010-08-18 18:04 . 2010-08-18 18:04 -------- d-----w- C:\FOUND.109
2010-08-18 15:18 . 2010-08-18 15:18 -------- d-----w- C:\FOUND.108
2010-08-17 23:20 . 2010-08-17 23:20 -------- d-----w- C:\FOUND.107
2010-08-17 16:16 . 2010-08-17 16:16 -------- d-----w- C:\FOUND.106
2010-08-12 14:54 . 2010-08-12 14:54 -------- d-----w- C:\FOUND.105
2010-08-12 02:38 . 2010-08-12 02:38 -------- d-----w- C:\FOUND.104
2010-08-10 19:23 . 2010-08-10 19:23 -------- d-----w- C:\VundoFix Backups
2010-08-09 20:42 . 2010-08-09 20:42 -------- d-----w- C:\FOUND.103
2010-08-08 21:27 . 2004-08-04 04:56 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-08 21:27 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-08 21:26 . 2001-08-18 02:36 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-08 21:26 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-08 21:26 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-08 21:26 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-08 21:26 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-08 21:26 . 2004-08-04 02:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-08 21:26 . 2004-08-04 02:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-08 21:26 . 2004-08-04 04:56 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-08-08 21:26 . 2004-08-04 03:07 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-08-08 21:24 . 2004-08-04 02:29 11807 ----a-w- c:\windows\system32\dllcache\wadv07nt.sys
2010-08-08 21:23 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-08 21:22 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-08 21:21 . 2001-08-18 02:36 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2010-08-08 21:21 . 2004-08-04 09:00 4992 ----a-w- c:\windows\system32\dllcache\toside.sys
2010-08-08 21:21 . 2001-08-17 18:02 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-08-08 21:21 . 2001-08-17 18:01 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2010-08-08 21:21 . 2001-08-17 16:10 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2010-08-08 21:21 . 2001-08-17 16:14 123995 ----a-w- c:\windows\system32\dllcache\tjisdn.sys
2010-08-08 21:21 . 2001-08-17 16:51 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-08 21:21 . 2004-08-04 09:00 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys
2010-08-08 21:21 . 2001-08-17 18:56 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-08-08 21:21 . 2001-08-17 16:13 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-08-08 21:21 . 2001-08-17 16:13 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-08-08 21:21 . 2001-08-17 17:49 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-08-08 21:19 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2010-08-08 21:18 . 2001-08-17 16:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-08 21:17 . 2001-08-17 18:56 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-08 21:16 . 2001-08-17 17:48 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2010-08-08 21:15 . 2001-08-17 16:50 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-08 21:14 . 2001-08-17 16:19 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys
2010-08-08 21:14 . 2001-08-18 02:36 9216 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-08-08 21:14 . 2001-08-17 16:19 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-08 21:14 . 2004-08-04 02:59 79104 ----a-w- c:\windows\system32\dllcache\rocket.sys
2010-08-08 21:14 . 2004-08-04 09:00 30080 ----a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-08-08 21:14 . 2004-08-04 09:00 59648 ----a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-08-08 21:14 . 2001-08-17 16:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-08-08 21:14 . 2001-08-18 02:36 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2010-08-08 21:14 . 2004-08-04 09:00 13776 ----a-w- c:\windows\system32\dllcache\recagent.sys
2010-08-08 21:13 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-08-08 21:13 . 2001-08-17 17:28 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-08-08 21:13 . 2001-08-17 17:28 899146 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-08-08 21:13 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\qvusd.dll
2010-08-08 21:13 . 2001-08-17 17:53 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-08-08 21:13 . 2004-08-04 09:00 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
2010-08-08 21:13 . 2004-08-04 09:00 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys
2010-08-08 21:13 . 2004-08-04 09:00 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys
2010-08-08 21:13 . 2004-08-04 09:00 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-08 21:13 . 2004-08-04 09:00 33152 ----a-w- c:\windows\system32\dllcache\ql10wnt.sys
2010-08-08 21:13 . 2004-08-04 03:00 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys
2010-08-08 21:12 . 2001-08-17 17:28 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-08-08 21:12 . 2001-08-17 17:28 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys
2010-08-08 21:12 . 2001-08-17 17:28 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-08-08 21:12 . 2004-08-04 04:56 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll
2010-08-08 21:12 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll
2010-08-08 21:12 . 2001-08-18 02:36 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll
2010-08-08 21:12 . 2004-08-04 04:56 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-08-08 21:12 . 2001-08-17 17:51 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2010-08-08 21:12 . 2004-08-04 03:00 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2010-08-08 21:12 . 2001-08-17 17:53 17792 ----a-w- c:\windows\system32\dllcache\ppa.sys
2010-08-08 21:12 . 2001-08-17 17:53 7552 ----a-w- c:\windows\system32\dllcache\powerfil.sys
2010-08-08 21:10 . 2001-08-17 16:11 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2010-08-08 21:10 . 2001-08-17 16:12 26153 ----a-w- c:\windows\system32\dllcache\pcmlm56.sys
2010-08-08 21:10 . 2004-08-04 02:31 29502 ----a-w- c:\windows\system32\dllcache\pca200e.sys
2010-08-08 21:10 . 2001-08-17 16:12 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-08-08 21:10 . 2001-08-18 02:36 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-08-08 21:10 . 2001-08-18 02:36 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2010-08-08 21:10 . 2001-08-17 18:05 25216 ----a-w- c:\windows\system32\dllcache\ovsound2.sys
2010-08-08 21:10 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
2010-08-08 21:10 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-08-08 21:10 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-08-08 21:10 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-08-08 21:10 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys
2010-08-08 21:10 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2010-08-08 21:09 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-08-08 21:09 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2010-08-08 21:09 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-08-08 21:09 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2010-08-08 21:09 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-08-08 21:09 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-08 21:09 . 2004-08-04 09:00 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-08-08 21:09 . 2004-08-04 02:29 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-08 21:09 . 2004-08-04 04:56 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-08 21:09 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-08 21:08 . 2001-08-18 02:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-08 21:08 . 2004-08-04 09:00 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2010-08-08 21:08 . 2001-08-17 16:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-08 21:08 . 2001-08-17 17:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-08 21:08 . 2001-08-17 17:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-08 21:08 . 2004-08-04 03:00 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-08 21:08 . 2001-08-17 16:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-08 21:08 . 2001-08-17 16:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-08 21:08 . 2001-08-17 16:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-08-08 21:08 . 2004-08-04 02:31 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-08-08 21:07 . 2001-08-17 16:11 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2010-08-08 21:07 . 2001-08-17 16:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-08-08 21:07 . 2001-08-18 02:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-08-08 21:07 . 2001-08-17 17:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2010-08-08 21:07 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-08-08 21:07 . 2001-08-17 16:50 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-08-08 15:56 . 2010-08-08 15:56 -------- d-----w- C:\FOUND.102
2010-08-08 00:51 . 2010-08-08 00:51 -------- d-----w- C:\FOUND.101
2010-08-07 23:01 . 2001-08-17 16:50 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-08-07 23:01 . 2001-08-18 02:36 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-08-07 23:01 . 2001-08-17 16:50 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-08-07 23:01 . 2001-08-17 18:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-07 23:01 . 2001-08-17 16:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-07 23:01 . 2001-08-17 16:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-07 23:01 . 2001-08-17 17:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-07 22:59 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-07 22:59 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2010-08-07 22:59 . 2004-08-04 03:10 51328 ----a-w- c:\windows\system32\dllcache\msdv.sys
2010-08-07 22:59 . 2004-08-04 09:00 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 16:12 . 2006-04-19 14:09 65152 ----a-w- c:\documents and settings\Lynn Grossman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-01 22:47 . 2010-03-12 17:33 439816 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Real\Update\SETUP3.10\setup.exe
2010-06-28 20:57 . 2010-06-29 02:33 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2009-01-21 04:38 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2009-01-21 04:38 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2009-01-21 04:38 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2009-01-21 04:38 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2009-01-21 04:38 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2009-01-21 04:38 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2009-01-21 04:38 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2009-01-21 04:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-23 23:01 . 2010-06-23 23:01 -------- d-----w- c:\documents and settings\Lynn Grossman\Application Data\webex
2010-06-14 14:30 . 2004-08-04 09:00 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 19:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 688218]
"SoundMan"="SOUNDMAN.EXE" [2005-02-23 77824]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-07 88363]
"SiSPower"="SiSPower.dll" [2005-02-25 49152]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2005-03-04 32768]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PCMService"="c:\program files\Arcade\PCMService.exe" [2005-03-09 49152]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2005-10-12 315392]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 385024]
"Motive SmartBridge"="c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe" [2005-04-13 385024]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2007-11-16 2065648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-27 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 36975]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2005-1-4 331776]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/21/2009 12:38 AM 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/21/2009 12:38 AM 17744]
S2 PIEUsb;Single Frame Film Scanner;c:\windows\system32\drivers\usbscan.sys [5/7/2006 10:16 PM 15104]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - INT15.SYS
.
Contents of the 'Scheduled Tasks' folder

2009-08-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-08-19 c:\windows\Tasks\User_Feed_Synchronization-{06F54487-4785-4B96-9DBD-3DFCCA049620}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
uInternet Connection Wizard,ShellNext = hxxp://www2.verizon.net/welcome/default.asp?variant=dsl
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13149&gct=&gc=1&q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Lynn Grossman\Application Data\Mozilla\Firefox\Profiles\o2q3b6wl.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\Java\jre1.5.0_05\bin\NPJPI150_05.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-19 03:15
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(520)
c:\windows\system32\WININET.dll
c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\SBHook.dll
c:\program files\CyberLink\Shared Files\CLRCEngine.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-08-19 03:17:22
ComboFix-quarantined-files.txt 2010-08-19 07:17

Pre-Run: 10,497,196,032 bytes free
Post-Run: 10,575,659,008 bytes free

- - End Of File - - A1C0C884E2330AB425051761543AF16F

Blade81
2010-08-19, 11:14
Hi again,

Uninstall Ask Toolbar if not installed on purpose.

Uninstall old Adobe Reader versions and get the latest one with updates (9.3 and updates 9.3.2 & 9.3.3) here (http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows) or get Foxit Reader here (http://www.foxitsoftware.com/pdf/reader_2/down_reader.htm). Make sure you don't install toolbar if choose Foxit Reader! You may also check free readers introduced here (http://pdfreaders.org/).


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update to the latest version...

Updating Java:

Download the latest version of Java Runtime Environment (JRE) 6 Update 21 (http://java.sun.com/javase/downloads/index.jsp).
Click the
Download
button to the right.
Select Windows on platform combobox and check the box that says:
Accept License Agreement. Click continue.

The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u21-windows-i586-p.exe to install the newest version. Uncheck Carbonite online backup trial if it's offered there.



Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.


Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) as instructed in the screenshot here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif).


Post back its report & a fresh dds.txt log. How's the system running?

shayna
2010-08-19, 11:19
System is running great (my fingers are crossed), but the problem varied from day to day. You gave me a lot to do and it is late so i must get some sleep. Thank you so much for your help and I hope your around tomorrow when i complete my assignments.

Blade81
2010-08-19, 22:40
Ok. Take your time :)

shayna
2010-08-19, 23:38
I have to take my time, my computer is being very bad today it is very slow and I'm having problems downloading the software you told me to do. I got Java to download (not sure it is correct) but not Adobe. So I decided to run Kaspersk and then download the software. Kas is loading the db right now (it is taking a looong time). Will let you know specifics after I run Kaspersk and maybe a disk check.

shayna
2010-08-20, 04:06
I ran *Kaspersky Online Scanner* - it ran for over an hour and the computer shut down. This is what happened when I ran spybot. I am now running it with just Spy ware etc checked off. I'm almost ready to buy a new computer.

Any suggestions?

Blade81
2010-08-20, 07:26
Hi,

It might be overheating issue. Has dust been cleaned from inside the computer lately?

shayna
2010-08-20, 07:47
It is running now. I ran the 3 types seperately and I'm on the last one now. So far nothing has been found. Please don't ask how but after 2 hours of running I failed to save the report for the first one:oops: (I did see that it hadn't flagged anything) but I have the second one (Archive).


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Thursday, August 19, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, August 19, 2010 12:05:32
Records in database: 4135377
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: no
Scan e-mail databases: no

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 63331
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 01:06:57

No threats found. Scanned area is clean.

Selected area has been scanned.
.......................................................................................................


I will post the last one (email db) with the dds report when it finishes. Um, do you have to see the first one?

I thought about it be an overheating problem but it is running now and as far as Spybot it failed a number of times at about the same time and I caught the last one on a file called ....Virtumonde. My problem fits the discription of Virtumonde.

What is the best way to clean the insides?

shayna
2010-08-20, 08:13
Computer is running okay. The dds text file follows.

The last Kas. report;

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0: scan report
Friday, August 20, 2010
Operating system: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, August 19, 2010 12:05:32
Records in database: 4135377
--------------------------------------------------------------------------------

Scan settings:
scan using the following database: extended
Scan archives: no
Scan e-mail databases: no

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Objects scanned: 63346
Threats found: 0
Infected objects found: 0
Suspicious objects found: 0
Scan duration: 01:05:53

No threats found. Scanned area is clean.

Selected area has been scanned.

....................................................................................................


DDS results


DDS (Ver_10-03-17.01) - FAT32x86
Run by Lynn Grossman at 1:07:44.26 on Fri 08/20/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.155 [GMT -4:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lynn Grossman\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
uInternet Connection Wizard,ShellNext = hxxp://www2.verizon.net/welcome/default.asp?variant=dsl
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13149&gct=&gc=1&q=%s
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Verizon Broadband Toolbar: {4e7bd74f-2b8d-469e-d0fc-e57af4d5fa7d} - c:\windows\downlo~1\vzbb.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [LaunchApp] Alaunch
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [SiS Windows KeyHook] c:\windows\system32\keyhook.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [PCMService] "c:\program files\arcade\PCMService.exe"
mRun: [LManager] c:\program files\launch manager\QtZgAcer.EXE
mRun: [eRecoveryService] c:\acer\empowering technology\erecovery\Monitor.exe
mRun: [A Verizon App] c:\progra~1\verizo~1\helpsu~1\VERIZO~1.EXE
mRun: [Motive SmartBridge] c:\progra~1\verizo~1\helpsu~1\smartb~1\MotiveSB.exe
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} - hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://stimulustv.webex.com/client/T27LB/training/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lynngr~1\applic~1\mozilla\firefox\profiles\o2q3b6wl.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\java\jre1.5.0_05\bin\NPJPI150_05.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-1-21 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-21 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
S2 PIEUsb;Single Frame Film Scanner;c:\windows\system32\drivers\usbscan.sys [2006-5-7 15104]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-15 40384]

=============== Created Last 30 ================

2010-08-20 00:15:24 0 d-sh--w- C:\FOUND.115
2010-08-19 19:56:20 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-08-19 16:31:12 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-19 15:19:02 0 d-sh--w- C:\FOUND.114
2010-08-19 14:50:10 0 d-sh--w- C:\FOUND.113
2010-08-19 05:33:00 0 d-----w- C:\FOUND.112
2010-08-18 22:01:00 0 d-----w- C:\FOUND.111
2010-08-18 21:32:39 32768 --sh--w- C:\Recycled
2010-08-18 21:20:12 0 d-----w- C:\FOUND.110
2010-08-18 20:58:37 0 d-sha-r- C:\cmdcons
2010-08-18 20:54:41 98816 ----a-w- c:\windows\sed.exe
2010-08-18 20:54:41 77312 ----a-w- c:\windows\MBR.exe
2010-08-18 20:54:41 256512 ----a-w- c:\windows\PEV.exe
2010-08-18 20:54:41 161792 ----a-w- c:\windows\SWREG.exe
2010-08-18 18:04:36 0 d-----w- C:\FOUND.109
2010-08-18 15:18:08 0 d-----w- C:\FOUND.108
2010-08-17 23:20:22 0 d-----w- C:\FOUND.107
2010-08-17 16:16:06 0 d-----w- C:\FOUND.106
2010-08-12 14:54:56 0 d-----w- C:\FOUND.105
2010-08-12 02:38:20 0 d-----w- C:\FOUND.104
2010-08-10 19:23:04 0 d-----w- C:\VundoFix Backups
2010-08-09 20:42:24 0 d-----w- C:\FOUND.103
2010-08-08 21:27:05 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-08 21:27:01 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-08 21:26:57 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-08 21:26:52 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-08 21:26:43 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-08 21:26:35 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-08 21:26:29 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-08 21:26:27 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-08 21:26:22 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-08 21:26:21 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-08-08 21:26:01 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-08-08 21:24:59 11807 ----a-w- c:\windows\system32\dllcache\wadv07nt.sys
2010-08-08 21:23:56 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-08 21:22:57 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-08 21:21:53 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2010-08-08 21:21:51 4992 ----a-w- c:\windows\system32\dllcache\toside.sys
2010-08-08 21:21:47 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-08-08 21:21:43 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2010-08-08 21:21:39 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2010-08-08 21:21:31 123995 ----a-w- c:\windows\system32\dllcache\tjisdn.sys
2010-08-08 21:21:25 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-08 21:21:21 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-08-08 21:21:21 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys
2010-08-08 21:21:16 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-08-08 21:21:12 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-08-08 21:21:02 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-08-08 21:19:58 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2010-08-08 21:18:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-08 21:17:59 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-08 21:16:57 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2010-08-08 21:15:57 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-08 21:14:59 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys
2010-08-08 21:14:52 9216 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-08-08 21:14:42 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-08 21:14:34 79104 ----a-w- c:\windows\system32\dllcache\rocket.sys
2010-08-08 21:14:32 30080 ----a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-08-08 21:14:27 59648 ----a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-08-08 21:14:27 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-08-08 21:14:19 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2010-08-08 21:14:12 13776 ----a-w- c:\windows\system32\dllcache\recagent.sys
2010-08-08 21:13:49 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-08-08 21:13:35 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-08-08 21:13:28 899146 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-08-08 21:13:22 41472 ----a-w- c:\windows\system32\dllcache\qvusd.dll
2010-08-08 21:13:17 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-08-08 21:13:10 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
2010-08-08 21:13:10 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys
2010-08-08 21:13:10 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys
2010-08-08 21:13:09 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-08 21:13:09 33152 ----a-w- c:\windows\system32\dllcache\ql10wnt.sys
2010-08-08 21:13:08 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys
2010-08-08 21:12:51 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-08-08 21:12:48 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys
2010-08-08 21:12:44 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-08-08 21:12:43 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll
2010-08-08 21:12:36 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll
2010-08-08 21:12:32 33280 ----a-w- c:\windows\system32\dllcache\psisrndr.ax
2010-08-08 21:12:28 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll
2010-08-08 21:12:27 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-08-08 21:12:20 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2010-08-08 21:12:15 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2010-08-08 21:12:11 17792 ----a-w- c:\windows\system32\dllcache\ppa.sys
2010-08-08 21:12:04 7552 ----a-w- c:\windows\system32\dllcache\powerfil.sys
2010-08-08 21:10:56 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2010-08-08 21:10:49 26153 ----a-w- c:\windows\system32\dllcache\pcmlm56.sys
2010-08-08 21:10:47 29502 ----a-w- c:\windows\system32\dllcache\pca200e.sys
2010-08-08 21:10:43 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-08-08 21:10:28 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-08-08 21:10:24 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2010-08-08 21:10:21 25216 ----a-w- c:\windows\system32\dllcache\ovsound2.sys
2010-08-08 21:10:18 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
2010-08-08 21:10:14 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-08-08 21:10:11 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-08-08 21:10:07 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-08-08 21:10:04 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys
2010-08-08 21:10:01 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2010-08-08 21:09:57 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-08-08 21:09:54 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2010-08-08 21:09:50 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-08-08 21:09:47 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2010-08-08 21:09:40 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-08-08 21:09:32 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-08 21:09:18 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-08-08 21:09:06 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-08 21:09:05 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-08 21:09:01 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-08 21:08:57 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-08 21:08:50 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2010-08-08 21:08:33 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-08 21:08:27 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-08 21:08:23 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-08 21:08:21 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-08 21:08:12 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-08 21:08:08 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-08 21:08:03 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-08-08 21:08:01 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-08-08 21:07:43 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2010-08-08 21:07:36 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-08-08 21:07:33 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-08-08 21:07:26 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2010-08-08 21:07:15 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-08-08 21:07:12 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-08-08 15:56:54 0 d-----w- C:\FOUND.102
2010-08-08 00:51:58 0 d-----w- C:\FOUND.101
2010-08-07 23:01:22 0 ----a-w- c:\windows\system32\dllcache\SET4D1.tmp
2010-08-07 23:01:19 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
2010-08-07 23:01:16 59104 ----a-w- c:\windows\system32\dllcache\n9i128v2.dll
2010-08-07 23:01:13 13664 ----a-w- c:\windows\system32\dllcache\n9i128.sys
2010-08-07 23:01:10 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-07 23:01:06 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-07 23:01:03 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-07 23:01:00 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-07 22:59:55 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-07 22:58:54 164586 ----a-w- c:\windows\system32\dllcache\mdgndis5.sys
2010-08-07 22:57:58 15744 ----a-w- c:\windows\system32\dllcache\lit220p.sys
2010-08-07 22:56:58 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2010-08-07 22:55:57 38528 ----a-w- c:\windows\system32\dllcache\ibmvcap.sys
2010-08-07 22:54:59 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-07 22:53:57 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2010-08-07 22:52:59 441728 ----a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-08-07 22:51:58 72192 ----a-w- c:\windows\system32\dllcache\es1969.sys
2010-08-07 22:50:56 20992 ----a-w- c:\windows\system32\dllcache\dshowext.ax
2010-08-07 22:49:58 29531 ----a-w- c:\windows\system32\dllcache\dgapci.sys
2010-08-07 22:48:59 44032 ----a-w- c:\windows\system32\dllcache\cnusd.dll
2010-08-07 22:47:59 9728 ----a-w- c:\windows\system32\dllcache\brserif.dll
2010-08-07 22:46:59 870784 ----a-w- c:\windows\system32\dllcache\ati3d1ag.dll
2010-08-07 22:45:38 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-07 15:58:49 0 d-----w- c:\program files\Uniblue
2010-08-07 14:45:10 0 d-----w- C:\FOUND.100
2010-08-06 19:00:02 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-08-06 19:00:02 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-08-06 18:44:07 0 d-----w- c:\docume~1\lynngr~1\applic~1\Uniblue
2010-08-06 17:44:58 0 d-----w- c:\windows\system32\wbem\Repository
2010-08-05 03:42:08 58368 ----a-w- C:\websiteupdating.doc
2010-08-04 15:05:38 0 d-----w- C:\FOUND.099
2010-08-03 19:30:45 162 ---ha-w- C:\~$DASPCA.doc
2010-08-03 19:30:44 594432 ----a-w- C:\BODASPCA.doc
2010-08-03 19:29:45 162 ---ha-w- C:\~$aug.doc
2010-08-03 04:21:38 51200 ----a-w- C:\aug.doc
2010-08-02 18:01:08 162 ---ha-w- C:\~$ACwebsite0updating[1].doc
2010-07-30 16:07:10 215920 ----a-w- c:\windows\system32\muweb.dll
2010-07-30 16:07:06 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-30 15:47:34 0 d-----w- C:\FOUND.098
2010-07-30 15:13:19 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-07-29 02:36:38 0 d-----w- C:\FOUND.097
2010-07-27 15:10:08 0 d-----w- C:\FOUND.096
2010-07-25 14:54:28 0 d-----w- C:\FOUND.095
2010-07-24 23:46:22 0 d-----w- C:\FOUND.094

==================== Find3M ====================

2010-06-28 20:57:34 38848 ----a-w- c:\windows\avastSS.scr
2010-06-14 14:30:28 743936 ----a-w- c:\windows\system32\dllcache\helpsvc.exe
1999-05-07 09:22:00 8944 ----a-w- c:\windows\inf\USBSCAN.SYS

============= FINISH: 1:08:30.85 ===============





UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/10/2006 7:38:20 AM
System Uptime: 8/19/2010 8:45:34 PM (5 hours ago)

Motherboard: Acer, Inc. | | Lugano M
Processor: Mobile AMD Sempron(tm) Processor 3100+ | Socket A | 1800/400mhz

==== Disk Partitions =========================

C: is FIXED (FAT32) - 26 GiB total, 9.523 GiB free.
D: is FIXED (FAT32) - 27 GiB total, 24.391 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP968: 8/8/2010 9:52:24 PM - System Checkpoint
RP969: 8/10/2010 1:39:07 PM - System Checkpoint
RP970: 8/11/2010 3:39:05 PM - System Checkpoint
RP971: 8/12/2010 8:00:28 PM - System Checkpoint
RP972: 8/13/2010 10:26:57 PM - System Checkpoint
RP973: 8/15/2010 1:17:31 AM - Software Distribution Service 3.0
RP974: 8/16/2010 11:16:41 AM - System Checkpoint
RP975: 8/17/2010 12:32:24 PM - System Checkpoint
RP976: 8/18/2010 3:42:02 PM - System Checkpoint
RP977: 8/19/2010 11:43:03 AM - Removed Adobe Reader 7.0.9
RP978: 8/19/2010 12:16:51 PM - Removed J2SE Runtime Environment 5.0 Update 5
RP979: 8/19/2010 12:30:49 PM - Installed Java(TM) 6 Update 21
RP980: 8/19/2010 3:55:31 PM - Removed Java(TM) 6 Update 21
RP981: 8/19/2010 3:56:03 PM - Installed Java(TM) 6 Update 21

==== Installed Programs ======================

Acer eManager for Notebook
Acer GridVista
Adobe Flash Player 10 ActiveX
Adobe® Photoshop® Album Starter Edition 3.0
Agere Systems AC'97 Modem
Apple Software Update
Arcade 3.0
ArcSoft PhotoStudio 5.5
Ask Toolbar
avast! Free Antivirus
Camera Driver
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator 2.0
Canon MP150
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Critical Update for Windows Media Player 11 (KB959772)
CyberView X - SF v1.17c
Easy-WebPrint
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Java Auto Updater
Java(TM) 6 Update 21
K-Lite Codec Pack 5.4.4 (Basic)
Launch Manager
LiveUpdate 1.7 (Symantec Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Access 2003 Inside Out Sample Files
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Move Networks Media Player for Internet Explorer
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup NOW! 4
NTI CD & DVD-Maker
NTI CD & DVD-Maker Gold
Pandigital Photo Viewer 3.3
Pixillion Image Converter
PowerProducer
QuickTime
RealPlayer
Realtek AC'97 Audio
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
SiSAGP driver
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar
Verizon Online Help & Support
Verizon Servicepoint 1.5.20
WebEx
WebFldrs XP
Windows Driver Package - PIE Image 10/22/2002 1.1.1
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Yahoo! SiteBuilder

==== Event Viewer Messages From Past Week ========

8/19/2010 11:44:52 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
8/19/2010 1:26:27 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
8/19/2010 1:26:16 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdK8 aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:16 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
8/19/2010 1:26:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/18/2010 5:30:06 PM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942403
8/18/2010 11:21:09 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
8/18/2010 11:21:09 AM, error: Service Control Manager [7001] - The Canon Camera Access Library 8 service depends on the Windows Image Acquisition (WIA) service which failed to start because of the following error: After starting, the service hung in a start-pending state.
8/18/2010 11:21:06 AM, error: Service Control Manager [7022] - The Distributed Link Tracking Client service hung on starting.
8/18/2010 11:20:36 AM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting.
8/16/2010 10:49:35 AM, error: Service Control Manager [7000] - The Single Frame Film Scanner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
8/13/2010 5:21:04 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.

==== End Of File ===========================

Blade81
2010-08-20, 11:27
Please run ComboFix again (let it update itself). Post back the report.

shayna
2010-08-20, 14:44
ComboFix 10-08-18.05 - Lynn Grossman 08/20/2010 7:33.4.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.446.161 [GMT -4:00]
Running from: c:\documents and settings\Lynn Grossman\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2010-07-20 to 2010-08-20 )))))))))))))))))))))))))))))))
.

2010-08-20 11:29 . 2010-08-20 11:29 -------- d-----w- C:\FOUND.116
2010-08-20 00:15 . 2010-08-20 00:15 -------- d-----w- C:\FOUND.115
2010-08-19 19:56 . 2010-08-19 19:56 -------- d-----w- c:\program files\Common Files\Java
2010-08-19 19:56 . 2010-08-19 19:56 -------- d-----w- c:\program files\Java
2010-08-19 16:31 . 2010-08-19 16:31 503808 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1abe0184-n\msvcp71.dll
2010-08-19 16:31 . 2010-08-19 16:31 499712 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1abe0184-n\jmc.dll
2010-08-19 16:31 . 2010-08-19 16:31 348160 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-1abe0184-n\msvcr71.dll
2010-08-19 16:31 . 2010-08-19 16:31 61440 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3cf0115e-n\decora-sse.dll
2010-08-19 16:31 . 2010-08-19 16:31 12800 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3cf0115e-n\decora-d3d.dll
2010-08-19 16:31 . 2010-08-19 19:56 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-19 15:19 . 2010-08-19 15:19 -------- d-----w- C:\FOUND.114
2010-08-19 14:50 . 2010-08-19 14:50 -------- d-----w- C:\FOUND.113
2010-08-19 05:33 . 2010-08-19 05:33 -------- d-----w- C:\FOUND.112
2010-08-18 22:01 . 2010-08-18 22:01 -------- d-----w- C:\FOUND.111
2010-08-18 21:20 . 2010-08-18 21:20 -------- d-----w- C:\FOUND.110
2010-08-18 18:04 . 2010-08-18 18:04 -------- d-----w- C:\FOUND.109
2010-08-18 15:18 . 2010-08-18 15:18 -------- d-----w- C:\FOUND.108
2010-08-17 23:20 . 2010-08-17 23:20 -------- d-----w- C:\FOUND.107
2010-08-17 16:16 . 2010-08-17 16:16 -------- d-----w- C:\FOUND.106
2010-08-12 14:54 . 2010-08-12 14:54 -------- d-----w- C:\FOUND.105
2010-08-12 02:38 . 2010-08-12 02:38 -------- d-----w- C:\FOUND.104
2010-08-10 19:23 . 2010-08-10 19:23 -------- d-----w- C:\VundoFix Backups
2010-08-09 20:42 . 2010-08-09 20:42 -------- d-----w- C:\FOUND.103
2010-08-08 21:27 . 2004-08-04 04:56 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-08 21:27 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-08 21:26 . 2001-08-18 02:36 17408 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-08 21:26 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-08 21:26 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-08 21:26 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-08 21:26 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-08 21:26 . 2004-08-04 02:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-08 21:26 . 2004-08-04 02:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-08 21:26 . 2004-08-04 04:56 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2010-08-08 21:26 . 2004-08-04 03:07 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-08-08 21:24 . 2004-08-04 02:29 11807 ----a-w- c:\windows\system32\dllcache\wadv07nt.sys
2010-08-08 21:23 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-08 21:22 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-08 21:21 . 2001-08-18 02:36 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2010-08-08 21:21 . 2004-08-04 09:00 4992 ----a-w- c:\windows\system32\dllcache\toside.sys
2010-08-08 21:21 . 2001-08-17 18:02 230912 ----a-w- c:\windows\system32\dllcache\tosdvd03.sys
2010-08-08 21:21 . 2001-08-17 18:01 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2010-08-08 21:21 . 2001-08-17 16:10 28232 ----a-w- c:\windows\system32\dllcache\tos4mo.sys
2010-08-08 21:21 . 2001-08-17 16:14 123995 ----a-w- c:\windows\system32\dllcache\tjisdn.sys
2010-08-08 21:21 . 2001-08-17 16:51 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-08 21:21 . 2004-08-04 09:00 149376 ----a-w- c:\windows\system32\dllcache\tffsport.sys
2010-08-08 21:21 . 2001-08-17 18:56 81408 ----a-w- c:\windows\system32\dllcache\tgiul50.dll
2010-08-08 21:21 . 2001-08-17 16:13 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-08-08 21:21 . 2001-08-17 16:13 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2010-08-08 21:21 . 2001-08-17 17:49 30464 ----a-w- c:\windows\system32\dllcache\tbatm155.sys
2010-08-08 21:19 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2010-08-08 21:18 . 2001-08-17 16:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-08 21:17 . 2001-08-17 18:56 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-08 21:16 . 2001-08-17 17:48 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2010-08-08 21:15 . 2001-08-17 16:50 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-08 21:14 . 2001-08-17 16:19 30720 ----a-w- c:\windows\system32\dllcache\rthwcls.sys
2010-08-08 21:14 . 2001-08-18 02:36 9216 ----a-w- c:\windows\system32\dllcache\rsmgrstr.dll
2010-08-08 21:14 . 2001-08-17 16:19 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-08 21:14 . 2004-08-04 02:59 79104 ----a-w- c:\windows\system32\dllcache\rocket.sys
2010-08-08 21:14 . 2004-08-04 09:00 30080 ----a-w- c:\windows\system32\dllcache\rndismpx.sys
2010-08-08 21:14 . 2004-08-04 09:00 59648 ----a-w- c:\windows\system32\dllcache\rfcomm.sys
2010-08-08 21:14 . 2001-08-17 16:12 37563 ----a-w- c:\windows\system32\dllcache\rlnet5.sys
2010-08-08 21:14 . 2001-08-18 02:36 86097 ----a-w- c:\windows\system32\dllcache\reslog32.dll
2010-08-08 21:14 . 2004-08-04 09:00 13776 ----a-w- c:\windows\system32\dllcache\recagent.sys
2010-08-08 21:13 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2010-08-08 21:13 . 2001-08-17 17:28 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2010-08-08 21:13 . 2001-08-17 17:28 899146 ----a-w- c:\windows\system32\dllcache\r2mdkxga.sys
2010-08-08 21:13 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\qvusd.dll
2010-08-08 21:13 . 2001-08-17 17:53 3328 ----a-w- c:\windows\system32\dllcache\qv2kux.sys
2010-08-08 21:13 . 2004-08-04 09:00 49024 ----a-w- c:\windows\system32\dllcache\ql1280.sys
2010-08-08 21:13 . 2004-08-04 09:00 45312 ----a-w- c:\windows\system32\dllcache\ql12160.sys
2010-08-08 21:13 . 2004-08-04 09:00 40448 ----a-w- c:\windows\system32\dllcache\ql1240.sys
2010-08-08 21:13 . 2004-08-04 09:00 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-08 21:13 . 2004-08-04 09:00 33152 ----a-w- c:\windows\system32\dllcache\ql10wnt.sys
2010-08-08 21:13 . 2004-08-04 03:00 6016 ----a-w- c:\windows\system32\dllcache\qic157.sys
2010-08-08 21:12 . 2001-08-17 17:28 130942 ----a-w- c:\windows\system32\dllcache\ptserlv.sys
2010-08-08 21:12 . 2001-08-17 17:28 112574 ----a-w- c:\windows\system32\dllcache\ptserlp.sys
2010-08-08 21:12 . 2001-08-17 17:28 128286 ----a-w- c:\windows\system32\dllcache\ptserli.sys
2010-08-08 21:12 . 2004-08-04 04:56 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll
2010-08-08 21:12 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\dllcache\ptpusb.dll
2010-08-08 21:12 . 2001-08-18 02:36 35328 ----a-w- c:\windows\system32\dllcache\psisload.dll
2010-08-08 21:12 . 2004-08-04 04:56 363520 ----a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-08-08 21:12 . 2001-08-17 17:51 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2010-08-08 21:12 . 2004-08-04 03:00 17664 ----a-w- c:\windows\system32\dllcache\ppa3.sys
2010-08-08 21:12 . 2001-08-17 17:53 17792 ----a-w- c:\windows\system32\dllcache\ppa.sys
2010-08-08 21:12 . 2001-08-17 17:53 7552 ----a-w- c:\windows\system32\dllcache\powerfil.sys
2010-08-08 21:10 . 2001-08-17 16:11 30282 ----a-w- c:\windows\system32\dllcache\pcntn5hl.sys
2010-08-08 21:10 . 2001-08-17 16:12 26153 ----a-w- c:\windows\system32\dllcache\pcmlm56.sys
2010-08-08 21:10 . 2004-08-04 02:31 29502 ----a-w- c:\windows\system32\dllcache\pca200e.sys
2010-08-08 21:10 . 2001-08-17 16:12 30495 ----a-w- c:\windows\system32\dllcache\pc100nds.sys
2010-08-08 21:10 . 2001-08-18 02:36 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2010-08-08 21:10 . 2001-08-18 02:36 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2010-08-08 21:10 . 2001-08-17 18:05 25216 ----a-w- c:\windows\system32\dllcache\ovsound2.sys
2010-08-08 21:10 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe
2010-08-08 21:10 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll
2010-08-08 21:10 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys
2010-08-08 21:10 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll
2010-08-08 21:10 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys
2010-08-08 21:10 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys
2010-08-08 21:09 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-08-08 21:09 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys
2010-08-08 21:09 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2010-08-08 21:09 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2010-08-08 21:09 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2010-08-08 21:09 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-08 21:09 . 2004-08-04 09:00 61056 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2010-08-08 21:09 . 2004-08-04 02:29 1897408 ----a-w- c:\windows\system32\dllcache\nv4_mini.sys
2010-08-08 21:09 . 2004-08-04 04:56 4274816 ----a-w- c:\windows\system32\dllcache\nv4_disp.dll
2010-08-08 21:09 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-08 21:08 . 2001-08-18 02:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-08 21:08 . 2004-08-04 09:00 180360 ----a-w- c:\windows\system32\dllcache\ntmtlfax.sys
2010-08-08 21:08 . 2001-08-17 16:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-08 21:08 . 2001-08-17 17:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-08 21:08 . 2001-08-17 17:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-08 21:08 . 2004-08-04 03:00 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-08 21:08 . 2001-08-17 16:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-08 21:08 . 2001-08-17 16:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-08 21:08 . 2001-08-17 16:12 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2010-08-08 21:08 . 2004-08-04 02:31 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2010-08-08 21:07 . 2001-08-17 16:11 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2010-08-08 21:07 . 2001-08-17 16:50 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2010-08-08 21:07 . 2001-08-18 02:36 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2010-08-08 21:07 . 2001-08-17 17:49 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2010-08-08 21:07 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll
2010-08-08 21:07 . 2001-08-17 16:50 27936 ----a-w- c:\windows\system32\dllcache\n9i3d.sys
2010-08-08 15:56 . 2010-08-08 15:56 -------- d-----w- C:\FOUND.102

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-04 16:12 . 2006-04-19 14:09 65152 ----a-w- c:\documents and settings\Lynn Grossman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-01 22:47 . 2010-03-12 17:33 439816 ----a-w- c:\documents and settings\Lynn Grossman\Application Data\Real\Update\SETUP3.10\setup.exe
2010-06-28 20:57 . 2010-06-29 02:33 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2009-01-21 04:38 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2009-01-21 04:38 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2009-01-21 04:38 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2009-01-21 04:38 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2009-01-21 04:38 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2009-01-21 04:38 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2009-01-21 04:38 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2009-01-21 04:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-23 23:01 . 2010-06-23 23:01 -------- d-----w- c:\documents and settings\Lynn Grossman\Application Data\webex
2010-06-14 14:30 . 2004-08-04 09:00 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-08-19_07.15.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-20 11:30 . 2010-08-20 11:30 16384 c:\windows\temp\Perflib_Perfdata_6d8.dat
+ 2010-08-19 19:56 . 2010-08-19 19:56 153376 c:\windows\system32\javaws.exe
+ 2010-08-19 19:56 . 2010-08-19 19:56 145184 c:\windows\system32\javaw.exe
+ 2010-08-19 19:56 . 2010-08-19 19:56 145184 c:\windows\system32\java.exe
+ 2010-08-19 19:56 . 2010-08-19 19:56 180224 c:\windows\Installer\3fba6c.msi
+ 2010-08-19 19:56 . 2010-08-19 19:56 677376 c:\windows\Installer\3fba66.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 19:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 688218]
"SoundMan"="SOUNDMAN.EXE" [2005-02-23 77824]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-07 88363]
"SiSPower"="SiSPower.dll" [2005-02-25 49152]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2005-03-04 32768]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PCMService"="c:\program files\Arcade\PCMService.exe" [2005-03-09 49152]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2005-10-12 315392]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 385024]
"Motive SmartBridge"="c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe" [2005-04-13 385024]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2007-11-16 2065648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-27 198160]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2005-1-4 331776]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/21/2009 12:38 AM 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/21/2009 12:38 AM 17744]
S2 PIEUsb;Single Frame Film Scanner;c:\windows\system32\drivers\usbscan.sys [5/7/2006 10:16 PM 15104]
.
Contents of the 'Scheduled Tasks' folder

2009-08-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-08-20 c:\windows\Tasks\User_Feed_Synchronization-{06F54487-4785-4B96-9DBD-3DFCCA049620}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
uInternet Connection Wizard,ShellNext = hxxp://www2.verizon.net/welcome/default.asp?variant=dsl
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13149&gct=&gc=1&q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Lynn Grossman\Application Data\Mozilla\Firefox\Profiles\o2q3b6wl.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.mc563.mail.yahoo.com/mc/welcome?.gx=0&.tm=1257893713&.rand=7n64q3sigs88r
FF - prefs.js: network.proxy.type - 0

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-20 07:40
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3164)
c:\windows\system32\WININET.dll
c:\progra~1\VERIZO~1\HELPSU~1\SMARTB~1\SBHook.dll
c:\program files\CyberLink\Shared Files\CLRCEngine.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\windows\system32\shdoclc.dll
.
Completion time: 2010-08-20 07:42:24
ComboFix-quarantined-files.txt 2010-08-20 11:42
ComboFix2.txt 2010-08-19 07:17

Pre-Run: 10,225,647,616 bytes free
Post-Run: 10,215,931,904 bytes free

- - End Of File - - 54045F767C24B24A24BB063C285E1B72

Blade81
2010-08-20, 23:12
Hi,

No infections visible there. Any issues left?

shayna
2010-08-21, 02:38
I still have the same problems - computer some times running slow or not running anything at all. I ran spybot again and i did see a file called Virtumonde but it did not show where it is. Doesn't this mean I am infected with the malware? Why doesn't anything get rid of it? Spybot went right past it.

Blade81
2010-08-21, 10:43
Hi,


ran spybot again and i did see a file called Virtumonde but it did not show where it is. Doesn't this mean I am infected with the malware? Why doesn't anything get rid of it? Spybot went right past it.
The final report contains list of found items. Those that flash on the screen during the scan don't mean system was infected with the correspondent infections.

I believe the main issue there is hardware related problem. It's probably better that I direct you to a forum that has better area for this (we deal only with malware issues here). One such place would be Tech Support Guy (http://forums.techguy.org).

Before that, let's uninstall ComboFix:

Click START then RUN
Now copy-paste Combofix /uninstall in the runbox and click OK

shayna
2010-08-21, 11:01
Well I guess it is time to get a new laptop.

I just want to thank you for the info and time you gave me. If you are ever in NYC I will buy you a drink.

Blade81
2010-08-21, 11:13
You're welcome :)

Blade81
2010-08-27, 22:26
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help. :)

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.