surveymom44
New member
Here are the requested logs:
ComboFix 10-06-27.06 - Owner 06/28/2010 14:07:29.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.172 [GMT -8:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100628-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-28 )))))))))))))))))))))))))))))))
.
2010-06-26 21:49 . 2010-06-26 21:49 -------- d-----w- c:\program files\ESET
2010-06-26 06:32 . 2010-06-26 06:32 -------- d-----w- c:\documents and settings\Owner\Application Data\Merscom
2010-06-26 06:32 . 2010-06-26 06:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom
2010-06-25 15:36 . 2010-06-25 15:36 -------- d-----w- c:\program files\Common Files\Motive
2010-06-24 23:30 . 2010-06-24 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Dekovir
2010-06-23 19:36 . 2010-06-23 19:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Webshots
2010-06-23 19:36 . 2010-06-24 14:59 -------- d-----w- c:\documents and settings\Owner\Application Data\AGI
2010-06-23 19:35 . 2010-06-23 19:35 -------- d-----w- c:\program files\AGI
2010-06-23 19:17 . 2010-06-23 19:36 -------- d-----w- c:\documents and settings\All Users\Application Data\agi
2010-06-20 07:17 . 2007-03-09 09:02 75512 ----a-w- c:\winnt\zllsputility.exe
2010-06-20 07:16 . 2007-03-09 09:01 71408 ----a-w- c:\winnt\system32\zlcommdb.dll
2010-06-20 07:16 . 2007-03-09 09:01 83696 ----a-w- c:\winnt\system32\zlcomm.dll
2010-06-20 07:16 . 2007-03-09 09:01 1087216 ----a-w- c:\winnt\system32\zpeng24.dll
2010-06-20 07:16 . 2010-06-20 07:17 -------- d-----w- c:\winnt\system32\ZoneLabs
2010-06-20 07:16 . 2010-06-20 07:16 -------- d-----w- c:\program files\Zone Labs
2010-06-20 07:11 . 2010-06-28 22:12 -------- d-----w- c:\winnt\Internet Logs
2010-06-20 01:23 . 2010-06-20 01:23 -------- d-----w- c:\documents and settings\Owner\Application Data\CheckPoint
2010-06-20 01:21 . 2010-06-20 01:49 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Conduit
2010-06-20 01:21 . 2010-06-20 01:21 -------- d-----w- c:\program files\Conduit
2010-06-20 01:21 . 2010-06-20 07:10 -------- d-----w- c:\program files\ZoneAlarm
2010-06-20 01:20 . 2010-06-20 01:20 -------- d-----w- c:\program files\CheckPoint
2010-06-19 21:42 . 2010-06-19 21:42 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Plan It Green Files
2010-06-19 05:34 . 2010-06-19 05:34 -------- d-----w- c:\documents and settings\Owner\Application Data\YoudaGames
2010-06-18 23:58 . 2010-06-18 23:58 -------- d-----w- c:\program files\Common Files\Java
2010-06-18 23:57 . 2010-06-18 23:56 411368 ----a-w- c:\winnt\system32\deployJava1.dll
2010-06-18 23:37 . 2010-06-18 23:37 -------- d-----w- c:\winnt\system32\Adobe
2010-06-16 04:27 . 2010-06-16 04:27 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\TimeParadox
2010-06-14 03:39 . 2010-06-14 03:39 -------- d-----w- c:\documents and settings\Owner\Application Data\Awem
2010-06-13 02:28 . 2010-06-13 06:25 -------- d-----w- c:\documents and settings\All Users\Application Data\FarmFrenzy3
2010-06-12 00:17 . 2010-06-12 00:17 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-06-12 00:16 . 2010-04-29 23:39 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-06-12 00:16 . 2010-06-12 00:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-12 00:16 . 2010-04-29 23:39 20952 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-06-12 00:16 . 2010-06-12 00:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-11 23:50 . 2010-06-18 01:38 -------- d-----w- c:\program files\iWin Games
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 02:23 . 2009-04-02 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-06-27 16:46 . 2008-01-13 07:14 -------- d-----w- c:\program files\MostFun
2010-06-27 06:31 . 2008-01-15 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-06-26 04:43 . 2003-12-17 09:49 29034 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2010-06-25 20:17 . 2007-08-23 02:02 -------- d-----w- c:\program files\Apple Software Update
2010-06-25 07:30 . 2010-06-25 14:07 1505280 ----a-w- c:\winnt\Internet Logs\xDB1.tmp
2010-06-23 22:42 . 2008-06-26 06:41 -------- d-----w- c:\program files\iWin.com
2010-06-23 19:36 . 2004-02-14 20:01 -------- d-----w- c:\program files\Webshots
2010-06-21 08:00 . 2007-01-13 09:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-06-20 07:20 . 2005-01-15 22:10 4212 -c-h--w- c:\winnt\system32\zllictbl.dat
2010-06-19 03:39 . 2008-08-23 18:07 -------- d-----w- c:\program files\Flock
2010-06-19 03:35 . 2004-01-04 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-19 01:58 . 2006-05-07 17:29 -------- d-----w- c:\documents and settings\Owner\Application Data\PlayFirst
2010-06-19 01:58 . 2006-05-07 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-06-18 23:56 . 2003-10-06 19:58 -------- d-----w- c:\program files\Java
2010-06-18 23:35 . 2004-01-02 16:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-16 22:47 . 2005-01-19 08:59 -------- d-----w- c:\program files\PartyPoker
2010-06-15 16:04 . 2005-01-13 06:46 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2010-06-11 23:50 . 2008-06-26 06:40 -------- d-----w- c:\documents and settings\All Users\Application Data\iWin Games
2010-05-28 01:22 . 2009-04-10 07:18 -------- d-----w- c:\documents and settings\Owner\Application Data\BeachPartyCraze
2010-05-02 23:39 . 2004-01-04 23:18 -------- d-----w- c:\program files\Web Publish
2006-07-16 15:49 . 2005-02-05 21:48 2855080 -c--a-w- c:\program files\aawsepersonal.exe
2005-02-02 07:46 . 2005-02-02 07:46 485386 -c--a-w- c:\program files\KennyChesney_MeAndYou.wav
2005-01-30 19:12 . 2005-01-30 19:12 4354084 -c--a-w- c:\program files\spybotsd13.exe
2004-08-03 05:47 . 2004-08-03 05:49 15817 -c--a-w- c:\program files\halting.mid
2004-08-03 05:39 . 2004-06-28 04:09 8946 -c--a-w- c:\program files\DannyBoy.mid
2004-08-02 06:47 . 2004-08-02 06:49 19697 -c--a-w- c:\program files\Dueling_Banjoes.mid
2004-08-02 06:16 . 2004-08-02 06:24 24037 -c--a-w- c:\program files\aughrim.mid
2004-08-02 06:03 . 2004-08-02 06:06 34015 -c--a-w- c:\program files\CottonEyedJoe.mid
2004-08-02 05:11 . 2004-08-02 05:13 37370 -c--a-w- c:\program files\Eyeofthetiger.mid
2004-08-02 05:10 . 2004-08-02 05:10 24227 -c--a-w- c:\program files\everythingido.mid
2004-07-26 03:07 . 2004-07-26 03:07 3718222 ----a-w- c:\program files\supersleuth.exe
2004-07-25 19:28 . 2004-07-25 19:28 4547319 -c--a-w- c:\program files\AOLSlingo_Setup.exe
2004-07-04 06:53 . 2004-07-04 06:53 2543056 -c--a-w- c:\program files\RumbleCubeInstall.exe
2003-12-25 05:13 . 2003-12-25 05:13 24122368 -c--a-w- c:\program files\CJXP75LE.exe
2003-12-18 07:28 . 2003-12-18 07:28 670392 -c--a-w- c:\program files\to_all_good_night.zip
2003-12-17 16:49 . 2003-12-17 16:49 1897672 -c--a-w- c:\program files\winzip81.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "mscoree.dll" [2006-12-22 271360]
[HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
[HKEY_CLASSES_ROOT\agihelper.AGUtils]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
2006-12-22 20:28 271360 ----a-w- c:\winnt\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
"spc_w"="c:\program files\NZSearch\hcm.exe" [2004-05-13 258114]
"AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-11-06 50472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files\Common Files\AOL\1127920375\ee\AOLSoftware.exe" [2008-06-24 41824]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2008-02-13 2065648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-06-28 524632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 919280]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2007-09-28 936960]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-14 39264]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
iWin Desktop Alerts.lnk - c:\documents and settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe [2010-6-11 108544]
Webshots.lnk - c:\program files\Webshots\3.1.5.7617\Launcher.exe [2010-6-23 157088]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Icatch(VI) SnapDetect.lnk.disabled [2004-12-4 507]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-2-19 169472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
backup=c:\winnt\pss\AOL Companion.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Reminder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Event Reminder.lnk
backup=c:\winnt\pss\Event Reminder.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\winnt\pss\Kodak EasyShare software.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=c:\winnt\pss\Kodak software updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\winnt\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^iWin Desktop Alerts.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\iWin Desktop Alerts.lnk
backup=c:\winnt\pss\iWin Desktop Alerts.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^MostFun.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\MostFun.lnk
backup=c:\winnt\pss\MostFun.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBEDDDemise]
erase [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
2004-03-12 20:22 61440 ----a-w- c:\progra~1\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ashMaiSv]
2009-11-24 23:51 254040 ----a-w- c:\progra~1\ALWILS~1\Avast4\ashMaiSv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\winnt\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EM_EXEC]
2003-11-14 17:50 37888 ----a-w- c:\progra~1\Logitech\MOUSEW~1\system\EM_EXEC.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gateway Ink Monitor]
2003-06-25 02:33 303180 -c--a-w- c:\program files\Gateway Utilities\GWInkMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2003-07-10 09:13 114688 -c--a-w- c:\winnt\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2003-07-10 09:25 155648 -c--a-w- c:\winnt\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X74-X75]
2002-10-14 23:09 57344 ----a-w- c:\program files\Lexmark X74-X75\lxbbbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-11-07 09:50 19968 ------w- c:\winnt\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
2003-06-07 11:32 50688 -c--a-w- c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2002-09-17 02:02 2181704 -c--a-w- c:\program files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetMeter]
2003-09-24 06:07 421888 -c--a-w- c:\progra~1\NETRAT~1\NetMeter\netmeter.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\oovoo.exe]
2009-09-03 03:00 17385144 ----a-w- c:\program files\ooVoo\ooVoo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic]
2004-04-05 21:33 99480 ----a-w- c:\progra~1\PURENE~1\PORTMA~1\PortAOL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 14:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2007-06-19 06:02 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spc_w]
2004-05-13 11:38 258114 ----a-w- c:\program files\NZSearch\hcm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-02 17:45 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Verizon_McciTrayApp]
2007-09-28 18:30 936960 ----a-w- c:\program files\Verizon\McciTrayApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Common Files\\AOL\\1127920375\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\MostFun\\Bin\\MostFun.exe"=
"c:\\Program Files\\America Online 9.0f\\waol.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Abacast\\Abaclient.exe"=
"c:\\Program Files\\Conference\\Conference.dll"=
"c:\\Program Files\\Common Files\\AOL\\1127920375\\EE\\aolsoftware.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [3/16/2009 8:38 AM 64160]
R1 aswSP;avast! Self Protection;c:\winnt\system32\drivers\aswSP.sys [11/6/2008 7:03 AM 114768]
R2 AGCoreService;AG Core Services;c:\program files\AGI\core\4.2.0.10753\AGCoreService.exe [6/23/2010 11:35 AM 20480]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [11/6/2008 7:03 AM 20560]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [4/14/2010 6:16 AM 78104]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/11/2007 10:43 PM 24652]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 11:06 AM 1029456]
S2 gupdate1c9b3e768b5fac6;Google Update Service (gupdate1c9b3e768b5fac6);c:\program files\Google\Update\GoogleUpdate.exe [4/2/2009 3:04 PM 133104]
S3 MR97310_VGA_DUAL_CAMERA;MR97310 VGA Dual Mode Camera;c:\winnt\system32\drivers\mr97310v.sys [1/8/2005 7:41 PM 116078]
.
Contents of the 'Scheduled Tasks' folder
2010-06-28 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 16:58]
2010-06-25 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 21:42]
2010-06-28 c:\winnt\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-02 17:44]
2010-06-28 c:\winnt\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 23:04]
2010-06-28 c:\winnt\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 23:04]
2010-06-28 c:\winnt\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 03:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com
IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
Trusted Zone: gamehouse.com
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fashion-dash/fashiondashweb.1.0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dairy-dash/DairyDashWeb.1.0.0.16.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://download.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {18F616CD-4B28-4C47-815A-560AC6A33C8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-emerald-city-confidential/EmeraldCityConfidential_Web.1.0.0.9.cab
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://cdn.ll.neoedge.com/webgames/TastyPlanet/tastyplanet.1.0.0.4.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-of-shark-island/MysteryOfSharkIslandWeb.1.0.0.8.cab
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fitness-dash/FitnessDashWeb.1.0.0.11.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.playfirst.com/play/game/trijinx/TriJinx.1.0.0.86.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://aol.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://aolsvc.aol.com/onlinegames/trypiratepoppers/PiratePoppers.1.0.0.32.cab
DPF: {4DCA1E08-4147-4A3D-8CA6-E095DF189FAB} - hxxp://games.bigfishgames.com/en_nightshift-legacy-the-jaguars-eye/online/Nightshift2Web.1.0.0.9.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-great-chocolate-chase/greatchocolatechaseweb.1.0.0.12.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.6.cab
DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
DPF: {7D492D61-303A-45C3-8A55-63449339943D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-nightshift-code/NightShiftCodeWeb.1.0.0.5.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} - hxxp://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} - hxxp://209.67.146.69/ePlayer/2_0/ACNePlayer.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://games.bigfishgames.com/en_wandering-willows/online/WanderingWillowsWeb.1.0.0.18.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://download.playfirst.com/play/game/chocolatier2/Chocolatier2Web.1.0.0.10.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.93.cab
DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles-2/dream2web.1.0.0.13.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-parking-dash/parkingdash.1.0.0.10.cab
DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} - hxxp://download.playfirst.com/play/game/mahjongroadshow/MahjongRoadshowWeb.1.0.0.16.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://aolsvc.aol.com/onlinegames/free-trial-decadence-by-design/Chocolatier3Web.1.0.0.6.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\krs9njpc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.verizon.net/central/appmanager/portal/vzcentral
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\krs9njpc.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\plugins\NPAbacheck.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -
BHO-{D38C2142-9CC3-4A3B-A85C-EE07D51E6F45} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-28 14:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(15352)
c:\winnt\system32\WININET.dll
c:\program files\AOL Deskbar\deskbar.dll
c:\program files\Common Files\AOL\AOL Toolbar\AOLHelper.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\winnt\system32\ieframe.dll
c:\winnt\system32\webcheck.dll
.
Completion time: 2010-06-28 14:40:23
ComboFix-quarantined-files.txt 2010-06-28 22:40
ComboFix2.txt 2010-06-18 01:51
ComboFix3.txt 2009-07-24 16:05
ComboFix4.txt 2009-07-23 15:50
ComboFix5.txt 2010-06-28 22:03
Pre-Run: 75,364,663,296 bytes free
Post-Run: 75,363,123,200 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - FA838A801A7B2A6820D4CDA534701264
DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 14:43:50.04 on Mon 06/28/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.107 [GMT -8:00]
AV: avast! antivirus 4.8.1368 [VPS 100628-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\AGI\core\4.2.0.10753\AGCoreService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINNT\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\Webshots\3.1.5.7617\webshots.scr
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINNT\system32\wscntfy.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\notepad.exe
C:\Documents and Settings\Owner\Desktop\June Scans & stuff 2010\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.aol.com
uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No File
BHO: PaltalkWebLogin: {502c3ba4-2c3e-4317-bc29-c0445e82b1f9} - c:\program files\common files\paltalk\PaltalkWebLogin.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: PPCScamBHO Class: {7e3659a6-4bc5-4d93-b3fd-8b5acc2feded} - c:\program files\peoplepc\toolbar\ScamGrd.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [spc_w] "c:\program files\nzsearch\hcm.exe" -w
uRun: [AOL Fast Start] "c:\program files\aol 9.1\AOL.EXE" -b
mRun: [HostManager] c:\program files\common files\aol\1127920375\ee\AOLSoftware.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [Verizon_McciTrayApp] c:\program files\verizon\McciTrayApp.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\iwinde~1.lnk - c:\documents and settings\all users\application data\iwin games\desktopalerts\DesktopAlerts.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7617\Launcher.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Icatch(VI) SnapDetect.lnk.disabled
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\winnt\system32\Shdocvw.dll
Trusted Zone: gamehouse.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fashion-dash/fashiondashweb.1.0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dairy-dash/DairyDashWeb.1.0.0.16.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://download.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {18F616CD-4B28-4C47-815A-560AC6A33C8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-emerald-city-confidential/EmeraldCityConfidential_Web.1.0.0.9.cab
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://aolsvc.aol.com/onlinegames/free-trial-cooking-dash/CookingDashWeb.1.0.0.9.cab
DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://cdn.ll.neoedge.com/webgames/TastyPlanet/tastyplanet.1.0.0.4.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-of-shark-island/MysteryOfSharkIslandWeb.1.0.0.8.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fitness-dash/FitnessDashWeb.1.0.0.11.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.playfirst.com/play/game/trijinx/TriJinx.1.0.0.86.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://aol.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} - hxxp://download.playfirst.com/play/game/mythicmarbles/MythicMarbles.1.0.0.3.cab
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://aolsvc.aol.com/onlinegames/trypiratepoppers/PiratePoppers.1.0.0.32.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {4DCA1E08-4147-4A3D-8CA6-E095DF189FAB} - hxxp://games.bigfishgames.com/en_nightshift-legacy-the-jaguars-eye/online/Nightshift2Web.1.0.0.9.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-great-chocolate-chase/greatchocolatechaseweb.1.0.0.12.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182383902421
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.6.cab
DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
DPF: {7D492D61-303A-45C3-8A55-63449339943D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-nightshift-code/NightShiftCodeWeb.1.0.0.5.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://verizon.oberon-media.com/online/online2/luxor_2/mjolauncher.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-pi-the-lottery-ticket/SpinTopGamesLauncher.cab
DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} - hxxp://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} - hxxp://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} - hxxp://209.67.146.69/ePlayer/2_0/ACNePlayer.cab
DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go/ddfotg.1.0.0.33.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - hxxp://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://games.bigfishgames.com/en_wandering-willows/online/WanderingWillowsWeb.1.0.0.18.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://gamerival.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://download.playfirst.com/play/game/chocolatier2/Chocolatier2Web.1.0.0.10.cab
DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sandscript/SandScript.1.0.0.21.cab
DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} - hxxp://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab
DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} - hxxp://aolsvc.aol.com/onlinegames/sonydavincicode/DVCDownloaderControl.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.93.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles-2/dream2web.1.0.0.13.cab
DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.47.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-parking-dash/parkingdash.1.0.0.10.cab
DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} - hxxp://download.playfirst.com/play/game/mahjongroadshow/MahjongRoadshowWeb.1.0.0.16.cab
DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sweetopia/Sweetopia.1.0.0.22.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://aolsvc.aol.com/onlinegames/free-trial-decadence-by-design/Chocolatier3Web.1.0.0.6.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\krs9njpc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.verizon.net/central/appmanager/portal/vzcentral
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\krs9njpc.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-3-16 64160]
R1 aswSP;avast! Self Protection;c:\winnt\system32\drivers\aswSP.sys [2008-11-6 114768]
R1 vsdatant;vsdatant;c:\winnt\system32\vsdatant.sys [2010-6-19 394192]
R2 AGCoreService;AG Core Services;c:\program files\agi\core\4.2.0.10753\AGCoreService.exe [2010-6-23 20480]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [2008-11-6 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-11-6 138680]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2010-4-14 78104]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-3-11 24652]
R2 vsmon;TrueVector Internet Monitor;c:\winnt\system32\zonelabs\vsmon.exe -service --> c:\winnt\system32\zonelabs\vsmon.exe -service [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1029456]
S2 gupdate1c9b3e768b5fac6;Google Update Service (gupdate1c9b3e768b5fac6);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-11-6 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-11-6 352920]
S3 MR97310_VGA_DUAL_CAMERA;MR97310 VGA Dual Mode Camera;c:\winnt\system32\drivers\mr97310v.sys [2005-1-8 116078]
=============== Created Last 30 ================
2010-06-28 22:03:21 98816 ----a-w- c:\winnt\sed.exe
2010-06-28 22:03:21 77312 ----a-w- c:\winnt\MBR.exe
2010-06-28 22:03:21 256512 ----a-w- c:\winnt\PEV.exe
2010-06-28 22:03:21 161792 ----a-w- c:\winnt\SWREG.exe
2010-06-26 21:49:26 0 d-----w- c:\program files\ESET
2010-06-26 06:32:22 0 d-----w- c:\docume~1\owner\applic~1\Merscom
2010-06-26 06:32:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Merscom
2010-06-25 15:36:14 0 d-----w- c:\program files\common files\Motive
2010-06-24 23:30:55 0 d-----w- c:\docume~1\alluse~1\applic~1\Dekovir
2010-06-23 19:36:48 0 d-----w- c:\docume~1\owner\applic~1\Webshots
2010-06-23 19:36:12 0 d-----w- c:\docume~1\owner\applic~1\AGI
2010-06-23 19:35:22 0 d-----w- c:\program files\AGI
2010-06-23 19:17:33 0 d-----w- c:\docume~1\alluse~1\applic~1\agi
2010-06-20 07:17:35 75512 ----a-w- c:\winnt\zllsputility.exe
2010-06-20 07:16:19 1087216 ----a-w- c:\winnt\system32\zpeng24.dll
2010-06-20 07:16:15 0 d-----w- c:\winnt\system32\ZoneLabs
2010-06-20 07:16:15 0 d-----w- c:\program files\Zone Labs
2010-06-20 07:16:07 49617 ----a-w- c:\winnt\system32\vsconfig.xml
2010-06-20 07:11:24 0 d-----w- c:\winnt\Internet Logs
2010-06-20 01:23:11 0 d-----w- c:\docume~1\owner\applic~1\CheckPoint
2010-06-20 01:21:11 0 d-----w- c:\program files\Conduit
2010-06-20 01:21:09 0 d-----w- c:\program files\ZoneAlarm
2010-06-20 01:20:53 0 d-----w- c:\program files\CheckPoint
2010-06-19 05:34:40 0 d-----w- c:\docume~1\owner\applic~1\YoudaGames
2010-06-18 23:57:16 73728 ----a-w- c:\winnt\system32\javacpl.cpl
2010-06-18 23:57:15 411368 ----a-w- c:\winnt\system32\deployJava1.dll
2010-06-18 23:37:09 0 d-----w- c:\winnt\system32\Adobe
2010-06-14 03:39:26 0 d-----w- c:\docume~1\owner\applic~1\Awem
2010-06-13 02:28:53 0 d-----w- c:\docume~1\alluse~1\applic~1\FarmFrenzy3
2010-06-12 00:17:15 0 d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2010-06-12 00:16:47 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-06-12 00:16:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-06-12 00:16:35 20952 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-06-12 00:16:34 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-11 23:50:12 0 d-----w- c:\program files\iWin Games
==================== Find3M ====================
2010-06-26 04:43:52 29034 ----a-w- c:\docume~1\owner\applic~1\wklnhst.dat
2010-06-26 04:24:19 77840 -c--a-w- c:\docume~1\owner\applic~1\GDIPFONTCACHEV1.DAT
2010-06-20 07:20:59 4212 -c-h--w- c:\winnt\system32\zllictbl.dat
2006-07-16 15:49:51 2855080 -c--a-w- c:\program files\aawsepersonal.exe
2005-02-02 07:46:09 485386 -c--a-w- c:\program files\KennyChesney_MeAndYou.wav
2005-01-30 19:12:29 4354084 -c--a-w- c:\program files\spybotsd13.exe
2004-08-03 05:47:16 15817 -c--a-w- c:\program files\halting.mid
2004-08-03 05:39:02 8946 -c--a-w- c:\program files\DannyBoy.mid
2004-08-02 06:47:49 19697 -c--a-w- c:\program files\Dueling_Banjoes.mid
2004-08-02 06:16:07 24037 -c--a-w- c:\program files\aughrim.mid
2004-08-02 06:03:17 34015 -c--a-w- c:\program files\CottonEyedJoe.mid
2004-08-02 05:11:03 37370 -c--a-w- c:\program files\Eyeofthetiger.mid
2004-08-02 05:10:13 24227 -c--a-w- c:\program files\everythingido.mid
2004-07-26 03:07:25 3718222 ----a-w- c:\program files\supersleuth.exe
2004-07-25 19:28:34 4547319 -c--a-w- c:\program files\AOLSlingo_Setup.exe
2004-07-04 06:53:05 2543056 -c--a-w- c:\program files\RumbleCubeInstall.exe
2003-12-25 05:13:19 24122368 -c--a-w- c:\program files\CJXP75LE.exe
2003-12-18 07:28:45 670392 -c--a-w- c:\program files\to_all_good_night.zip
2003-12-17 16:49:13 1897672 -c--a-w- c:\program files\winzip81.exe
2009-07-17 22:54:37 16384 --sha-w- c:\winnt\system32\config\systemprofile\ietldcache\index.dat
2009-04-03 03:13:47 32768 --sha-w- c:\winnt\system32\config\systemprofile\local settings\history\history.ie5\mshist012009040220090403\index.dat
2009-07-17 22:54:37 32768 --sha-w- c:\winnt\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat
============= FINISH: 14:44:43.21 ===============
ComboFix 10-06-27.06 - Owner 06/28/2010 14:07:29.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.172 [GMT -8:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100628-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-28 )))))))))))))))))))))))))))))))
.
2010-06-26 21:49 . 2010-06-26 21:49 -------- d-----w- c:\program files\ESET
2010-06-26 06:32 . 2010-06-26 06:32 -------- d-----w- c:\documents and settings\Owner\Application Data\Merscom
2010-06-26 06:32 . 2010-06-26 06:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Merscom
2010-06-25 15:36 . 2010-06-25 15:36 -------- d-----w- c:\program files\Common Files\Motive
2010-06-24 23:30 . 2010-06-24 23:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Dekovir
2010-06-23 19:36 . 2010-06-23 19:36 -------- d-----w- c:\documents and settings\Owner\Application Data\Webshots
2010-06-23 19:36 . 2010-06-24 14:59 -------- d-----w- c:\documents and settings\Owner\Application Data\AGI
2010-06-23 19:35 . 2010-06-23 19:35 -------- d-----w- c:\program files\AGI
2010-06-23 19:17 . 2010-06-23 19:36 -------- d-----w- c:\documents and settings\All Users\Application Data\agi
2010-06-20 07:17 . 2007-03-09 09:02 75512 ----a-w- c:\winnt\zllsputility.exe
2010-06-20 07:16 . 2007-03-09 09:01 71408 ----a-w- c:\winnt\system32\zlcommdb.dll
2010-06-20 07:16 . 2007-03-09 09:01 83696 ----a-w- c:\winnt\system32\zlcomm.dll
2010-06-20 07:16 . 2007-03-09 09:01 1087216 ----a-w- c:\winnt\system32\zpeng24.dll
2010-06-20 07:16 . 2010-06-20 07:17 -------- d-----w- c:\winnt\system32\ZoneLabs
2010-06-20 07:16 . 2010-06-20 07:16 -------- d-----w- c:\program files\Zone Labs
2010-06-20 07:11 . 2010-06-28 22:12 -------- d-----w- c:\winnt\Internet Logs
2010-06-20 01:23 . 2010-06-20 01:23 -------- d-----w- c:\documents and settings\Owner\Application Data\CheckPoint
2010-06-20 01:21 . 2010-06-20 01:49 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Conduit
2010-06-20 01:21 . 2010-06-20 01:21 -------- d-----w- c:\program files\Conduit
2010-06-20 01:21 . 2010-06-20 07:10 -------- d-----w- c:\program files\ZoneAlarm
2010-06-20 01:20 . 2010-06-20 01:20 -------- d-----w- c:\program files\CheckPoint
2010-06-19 21:42 . 2010-06-19 21:42 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Plan It Green Files
2010-06-19 05:34 . 2010-06-19 05:34 -------- d-----w- c:\documents and settings\Owner\Application Data\YoudaGames
2010-06-18 23:58 . 2010-06-18 23:58 -------- d-----w- c:\program files\Common Files\Java
2010-06-18 23:57 . 2010-06-18 23:56 411368 ----a-w- c:\winnt\system32\deployJava1.dll
2010-06-18 23:37 . 2010-06-18 23:37 -------- d-----w- c:\winnt\system32\Adobe
2010-06-16 04:27 . 2010-06-16 04:27 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\TimeParadox
2010-06-14 03:39 . 2010-06-14 03:39 -------- d-----w- c:\documents and settings\Owner\Application Data\Awem
2010-06-13 02:28 . 2010-06-13 06:25 -------- d-----w- c:\documents and settings\All Users\Application Data\FarmFrenzy3
2010-06-12 00:17 . 2010-06-12 00:17 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-06-12 00:16 . 2010-04-29 23:39 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-06-12 00:16 . 2010-06-12 00:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-12 00:16 . 2010-04-29 23:39 20952 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-06-12 00:16 . 2010-06-12 00:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-11 23:50 . 2010-06-18 01:38 -------- d-----w- c:\program files\iWin Games
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-28 02:23 . 2009-04-02 17:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-06-27 16:46 . 2008-01-13 07:14 -------- d-----w- c:\program files\MostFun
2010-06-27 06:31 . 2008-01-15 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-06-26 04:43 . 2003-12-17 09:49 29034 ----a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2010-06-25 20:17 . 2007-08-23 02:02 -------- d-----w- c:\program files\Apple Software Update
2010-06-25 07:30 . 2010-06-25 14:07 1505280 ----a-w- c:\winnt\Internet Logs\xDB1.tmp
2010-06-23 22:42 . 2008-06-26 06:41 -------- d-----w- c:\program files\iWin.com
2010-06-23 19:36 . 2004-02-14 20:01 -------- d-----w- c:\program files\Webshots
2010-06-21 08:00 . 2007-01-13 09:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2010-06-20 07:20 . 2005-01-15 22:10 4212 -c-h--w- c:\winnt\system32\zllictbl.dat
2010-06-19 03:39 . 2008-08-23 18:07 -------- d-----w- c:\program files\Flock
2010-06-19 03:35 . 2004-01-04 17:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-19 01:58 . 2006-05-07 17:29 -------- d-----w- c:\documents and settings\Owner\Application Data\PlayFirst
2010-06-19 01:58 . 2006-05-07 17:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-06-18 23:56 . 2003-10-06 19:58 -------- d-----w- c:\program files\Java
2010-06-18 23:35 . 2004-01-02 16:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-16 22:47 . 2005-01-19 08:59 -------- d-----w- c:\program files\PartyPoker
2010-06-15 16:04 . 2005-01-13 06:46 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2010-06-11 23:50 . 2008-06-26 06:40 -------- d-----w- c:\documents and settings\All Users\Application Data\iWin Games
2010-05-28 01:22 . 2009-04-10 07:18 -------- d-----w- c:\documents and settings\Owner\Application Data\BeachPartyCraze
2010-05-02 23:39 . 2004-01-04 23:18 -------- d-----w- c:\program files\Web Publish
2006-07-16 15:49 . 2005-02-05 21:48 2855080 -c--a-w- c:\program files\aawsepersonal.exe
2005-02-02 07:46 . 2005-02-02 07:46 485386 -c--a-w- c:\program files\KennyChesney_MeAndYou.wav
2005-01-30 19:12 . 2005-01-30 19:12 4354084 -c--a-w- c:\program files\spybotsd13.exe
2004-08-03 05:47 . 2004-08-03 05:49 15817 -c--a-w- c:\program files\halting.mid
2004-08-03 05:39 . 2004-06-28 04:09 8946 -c--a-w- c:\program files\DannyBoy.mid
2004-08-02 06:47 . 2004-08-02 06:49 19697 -c--a-w- c:\program files\Dueling_Banjoes.mid
2004-08-02 06:16 . 2004-08-02 06:24 24037 -c--a-w- c:\program files\aughrim.mid
2004-08-02 06:03 . 2004-08-02 06:06 34015 -c--a-w- c:\program files\CottonEyedJoe.mid
2004-08-02 05:11 . 2004-08-02 05:13 37370 -c--a-w- c:\program files\Eyeofthetiger.mid
2004-08-02 05:10 . 2004-08-02 05:10 24227 -c--a-w- c:\program files\everythingido.mid
2004-07-26 03:07 . 2004-07-26 03:07 3718222 ----a-w- c:\program files\supersleuth.exe
2004-07-25 19:28 . 2004-07-25 19:28 4547319 -c--a-w- c:\program files\AOLSlingo_Setup.exe
2004-07-04 06:53 . 2004-07-04 06:53 2543056 -c--a-w- c:\program files\RumbleCubeInstall.exe
2003-12-25 05:13 . 2003-12-25 05:13 24122368 -c--a-w- c:\program files\CJXP75LE.exe
2003-12-18 07:28 . 2003-12-18 07:28 670392 -c--a-w- c:\program files\to_all_good_night.zip
2003-12-17 16:49 . 2003-12-17 16:49 1897672 -c--a-w- c:\program files\winzip81.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "mscoree.dll" [2006-12-22 271360]
[HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
[HKEY_CLASSES_ROOT\agihelper.AGUtils]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]
2006-12-22 20:28 271360 ----a-w- c:\winnt\system32\mscoree.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
"spc_w"="c:\program files\NZSearch\hcm.exe" [2004-05-13 258114]
"AOL Fast Start"="c:\program files\AOL 9.1\AOL.EXE" [2008-11-06 50472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files\Common Files\AOL\1127920375\ee\AOLSoftware.exe" [2008-06-24 41824]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2008-02-13 2065648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-06-28 524632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 919280]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2007-09-28 936960]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-14 39264]
c:\documents and settings\Owner\Start Menu\Programs\Startup\
iWin Desktop Alerts.lnk - c:\documents and settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe [2010-6-11 108544]
Webshots.lnk - c:\program files\Webshots\3.1.5.7617\Launcher.exe [2010-6-23 157088]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Icatch(VI) SnapDetect.lnk.disabled [2004-12-4 507]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-2-19 169472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AOL Companion.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AOL Companion.lnk
backup=c:\winnt\pss\AOL Companion.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Event Reminder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Event Reminder.lnk
backup=c:\winnt\pss\Event Reminder.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\winnt\pss\Kodak EasyShare software.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=c:\winnt\pss\Kodak software updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\winnt\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^iWin Desktop Alerts.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\iWin Desktop Alerts.lnk
backup=c:\winnt\pss\iWin Desktop Alerts.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^MostFun.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\MostFun.lnk
backup=c:\winnt\pss\MostFun.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBEDDDemise]
erase [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
2004-03-12 20:22 61440 ----a-w- c:\progra~1\AIM\aim.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ashMaiSv]
2009-11-24 23:51 254040 ----a-w- c:\progra~1\ALWILS~1\Avast4\ashMaiSv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\winnt\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EM_EXEC]
2003-11-14 17:50 37888 ----a-w- c:\progra~1\Logitech\MOUSEW~1\system\EM_EXEC.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gateway Ink Monitor]
2003-06-25 02:33 303180 -c--a-w- c:\program files\Gateway Utilities\GWInkMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2003-07-10 09:13 114688 -c--a-w- c:\winnt\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2003-07-10 09:25 155648 -c--a-w- c:\winnt\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X74-X75]
2002-10-14 23:09 57344 ----a-w- c:\program files\Lexmark X74-X75\lxbbbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2003-11-07 09:50 19968 ------w- c:\winnt\LOGI_MWX.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
2003-06-07 11:32 50688 -c--a-w- c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2002-09-17 02:02 2181704 -c--a-w- c:\program files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetMeter]
2003-09-24 06:07 421888 -c--a-w- c:\progra~1\NETRAT~1\NetMeter\netmeter.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\oovoo.exe]
2009-09-03 03:00 17385144 ----a-w- c:\program files\ooVoo\ooVoo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic]
2004-04-05 21:33 99480 ----a-w- c:\progra~1\PURENE~1\PORTMA~1\PortAOL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 14:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2007-06-19 06:02 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spc_w]
2004-05-13 11:38 258114 ----a-w- c:\program files\NZSearch\hcm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-04-02 17:45 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Verizon_McciTrayApp]
2007-09-28 18:30 936960 ----a-w- c:\program files\Verizon\McciTrayApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Common Files\\AOL\\1127920375\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\MostFun\\Bin\\MostFun.exe"=
"c:\\Program Files\\America Online 9.0f\\waol.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Abacast\\Abaclient.exe"=
"c:\\Program Files\\Conference\\Conference.dll"=
"c:\\Program Files\\Common Files\\AOL\\1127920375\\EE\\aolsoftware.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP
"37674:TCP"= 37674:TCP
"37674:UDP"= 37674:UDP
"37675:UDP"= 37675:UDP
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [3/16/2009 8:38 AM 64160]
R1 aswSP;avast! Self Protection;c:\winnt\system32\drivers\aswSP.sys [11/6/2008 7:03 AM 114768]
R2 AGCoreService;AG Core Services;c:\program files\AGI\core\4.2.0.10753\AGCoreService.exe [6/23/2010 11:35 AM 20480]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [11/6/2008 7:03 AM 20560]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [4/14/2010 6:16 AM 78104]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/11/2007 10:43 PM 24652]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 11:06 AM 1029456]
S2 gupdate1c9b3e768b5fac6;Google Update Service (gupdate1c9b3e768b5fac6);c:\program files\Google\Update\GoogleUpdate.exe [4/2/2009 3:04 PM 133104]
S3 MR97310_VGA_DUAL_CAMERA;MR97310 VGA Dual Mode Camera;c:\winnt\system32\drivers\mr97310v.sys [1/8/2005 7:41 PM 116078]
.
Contents of the 'Scheduled Tasks' folder
2010-06-28 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 16:58]
2010-06-25 c:\winnt\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 21:42]
2010-06-28 c:\winnt\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-02 17:44]
2010-06-28 c:\winnt\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 23:04]
2010-06-28 c:\winnt\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-02 23:04]
2010-06-28 c:\winnt\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 03:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com
IE: &AOL Toolbar Search - c:\documents and settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
Trusted Zone: gamehouse.com
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fashion-dash/fashiondashweb.1.0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dairy-dash/DairyDashWeb.1.0.0.16.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://download.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {18F616CD-4B28-4C47-815A-560AC6A33C8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-emerald-city-confidential/EmeraldCityConfidential_Web.1.0.0.9.cab
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://cdn.ll.neoedge.com/webgames/TastyPlanet/tastyplanet.1.0.0.4.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-of-shark-island/MysteryOfSharkIslandWeb.1.0.0.8.cab
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fitness-dash/FitnessDashWeb.1.0.0.11.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.playfirst.com/play/game/trijinx/TriJinx.1.0.0.86.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://aol.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://aolsvc.aol.com/onlinegames/trypiratepoppers/PiratePoppers.1.0.0.32.cab
DPF: {4DCA1E08-4147-4A3D-8CA6-E095DF189FAB} - hxxp://games.bigfishgames.com/en_nightshift-legacy-the-jaguars-eye/online/Nightshift2Web.1.0.0.9.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-great-chocolate-chase/greatchocolatechaseweb.1.0.0.12.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.6.cab
DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
DPF: {7D492D61-303A-45C3-8A55-63449339943D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-nightshift-code/NightShiftCodeWeb.1.0.0.5.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} - hxxp://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} - hxxp://209.67.146.69/ePlayer/2_0/ACNePlayer.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://games.bigfishgames.com/en_wandering-willows/online/WanderingWillowsWeb.1.0.0.18.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://download.playfirst.com/play/game/chocolatier2/Chocolatier2Web.1.0.0.10.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.93.cab
DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles-2/dream2web.1.0.0.13.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-parking-dash/parkingdash.1.0.0.10.cab
DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} - hxxp://download.playfirst.com/play/game/mahjongroadshow/MahjongRoadshowWeb.1.0.0.16.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://aolsvc.aol.com/onlinegames/free-trial-decadence-by-design/Chocolatier3Web.1.0.0.6.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\krs9njpc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.verizon.net/central/appmanager/portal/vzcentral
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - component: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\krs9njpc.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\plugins\NPAbacheck.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -
BHO-{D38C2142-9CC3-4A3B-A85C-EE07D51E6F45} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-28 14:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(15352)
c:\winnt\system32\WININET.dll
c:\program files\AOL Deskbar\deskbar.dll
c:\program files\Common Files\AOL\AOL Toolbar\AOLHelper.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\winnt\system32\ieframe.dll
c:\winnt\system32\webcheck.dll
.
Completion time: 2010-06-28 14:40:23
ComboFix-quarantined-files.txt 2010-06-28 22:40
ComboFix2.txt 2010-06-18 01:51
ComboFix3.txt 2009-07-24 16:05
ComboFix4.txt 2009-07-23 15:50
ComboFix5.txt 2010-06-28 22:03
Pre-Run: 75,364,663,296 bytes free
Post-Run: 75,363,123,200 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - FA838A801A7B2A6820D4CDA534701264
DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 14:43:50.04 on Mon 06/28/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.107 [GMT -8:00]
AV: avast! antivirus 4.8.1368 [VPS 100628-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\WINNT\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
svchost.exe
C:\Program Files\AGI\core\4.2.0.10753\AGCoreService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINNT\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINNT\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
C:\Program Files\Webshots\3.1.5.7617\webshots.scr
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINNT\system32\wscntfy.exe
C:\WINNT\explorer.exe
C:\WINNT\system32\notepad.exe
C:\Documents and Settings\Owner\Desktop\June Scans & stuff 2010\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.aol.com
uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {4E7BD74F-2B8D-469E-8CB0-AB60BB9AAE22} - No File
BHO: PaltalkWebLogin: {502c3ba4-2c3e-4317-bc29-c0445e82b1f9} - c:\program files\common files\paltalk\PaltalkWebLogin.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: PPCScamBHO Class: {7e3659a6-4bc5-4d93-b3fd-8b5acc2feded} - c:\program files\peoplepc\toolbar\ScamGrd.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\compan~1\installs\cpn\ycomp5_5_7_0.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [spc_w] "c:\program files\nzsearch\hcm.exe" -w
uRun: [AOL Fast Start] "c:\program files\aol 9.1\AOL.EXE" -b
mRun: [HostManager] c:\program files\common files\aol\1127920375\ee\AOLSoftware.exe
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [Verizon_McciTrayApp] c:\program files\verizon\McciTrayApp.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\iwinde~1.lnk - c:\documents and settings\all users\application data\iwin games\desktopalerts\DesktopAlerts.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7617\Launcher.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Icatch(VI) SnapDetect.lnk.disabled
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~1\aim\aim.exe
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partypoker\PartyPoker.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0521.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\winnt\system32\Shdocvw.dll
Trusted Zone: gamehouse.com
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxps://activatemydsl.verizon.net/sdcCommon/download/DSL/tgctlcm.cab
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fashion-dash/fashiondashweb.1.0.0.21.cab
DPF: {055B4212-4C81-448E-AFA9-C3CA4AAE8F95} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dairy-dash/DairyDashWeb.1.0.0.16.cab
DPF: {068BFA33-99F4-4BA9-887D-182386FA2931} - hxxp://download.playfirst.com/play/game/spongebobdash/SpongeBobDinerDashWeb.1.0.0.17.cab
DPF: {18F616CD-4B28-4C47-815A-560AC6A33C8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-emerald-city-confidential/EmeraldCityConfidential_Web.1.0.0.9.cab
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://aolsvc.aol.com/onlinegames/free-trial-cooking-dash/CookingDashWeb.1.0.0.9.cab
DPF: {1CDFA4E8-3396-439D-8C9D-AD0E32DE94B6} - hxxp://cdn.ll.neoedge.com/webgames/TastyPlanet/tastyplanet.1.0.0.4.cab
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-chocolatier/ChocolatierWeb.1.0.0.13.cab
DPF: {226ACC34-3194-40E2-9AE8-834FCFE9E80D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-of-shark-island/MysteryOfSharkIslandWeb.1.0.0.8.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {26E6B759-DEEB-42A1-A21C-78CD29098411} - hxxp://aolsvc.aol.com/onlinegames/free-trial-fitness-dash/FitnessDashWeb.1.0.0.11.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.playfirst.com/play/game/trijinx/TriJinx.1.0.0.86.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://download.yahoo.com/dl/yinst/yinst_current.cab
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://aol.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: {38A5F6F0-0B64-421B-A553-3D49A76ECDCD} - hxxp://download.playfirst.com/play/game/mythicmarbles/MythicMarbles.1.0.0.3.cab
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://aolsvc.aol.com/onlinegames/trypiratepoppers/PiratePoppers.1.0.0.32.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {4DCA1E08-4147-4A3D-8CA6-E095DF189FAB} - hxxp://games.bigfishgames.com/en_nightshift-legacy-the-jaguars-eye/online/Nightshift2Web.1.0.0.9.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} - hxxp://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-great-chocolate-chase/greatchocolatechaseweb.1.0.0.12.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1182383902421
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash-2/WeddingDash2Web.1.0.0.11.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles/dreamweb.1.0.0.6.cab
DPF: {7CCAD6DD-DD0B-440B-91FF-7670F5AADC21} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-solitaire-secret-island/SpinTopGamesLauncher.cab
DPF: {7D492D61-303A-45C3-8A55-63449339943D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-the-nightshift-code/NightShiftCodeWeb.1.0.0.5.cab
DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://verizon.oberon-media.com/online/online2/luxor_2/mjolauncher.cab
DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} - hxxp://www.shockwave.com/content/ghostfrenzy/sis/axhost.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mystery-pi-the-lottery-ticket/SpinTopGamesLauncher.cab
DPF: {AB1AB4F8-C30F-4FB4-A030-1C9F5513831F} - hxxp://media.grab.com/media/6364d3/games/files/669/lregameloader6.cab
DPF: {ABB660B6-6694-407B-950A-EDBA5A159722} - hxxp://www.shockwave.com/content/davincicode/sis/DVC%20Download%20Control.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} - hxxp://www.worldwinner.com/games/v67/swapit/swapit.cab
DPF: {B12213CD-4189-415D-A054-7999528459F7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-word-travels/pixelstormlauncher.cab
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {B991DA79-51F7-4011-98D2-1F2592E82A56} - hxxp://209.67.146.69/ePlayer/2_0/ACNePlayer.cab
DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} - hxxp://aolsvc.aol.com/onlinegames/free-trial-diner-dash-flo-on-the-go/ddfotg.1.0.0.33.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-delicious-winter-edition/zylomplayer.cab
DPF: {C0C0CB9B-BFEB-47C2-90FA-BE9692875ADB} - hxxp://aolsvc.aol.com/onlinegames/free-trial-pet-shop-hop/petshophopweb.1.0.0.16.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - hxxp://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://games.bigfishgames.com/en_wandering-willows/online/WanderingWillowsWeb.1.0.0.18.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://gamerival.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://download.playfirst.com/play/game/chocolatier2/Chocolatier2Web.1.0.0.10.cab
DPF: {D410AFBD-4E26-4D5F-840F-0412D6F6BB8D} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sandscript/SandScript.1.0.0.21.cab
DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} - hxxp://www.shockwave.com/content/cinematycoon/sis/cinematycoon.cab
DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} - hxxp://aolsvc.aol.com/onlinegames/sonydavincicode/DVCDownloaderControl.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://aolsvc.aol.com/onlinegames/dinerdash/DinerDash.1.0.0.93.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
DPF: {E41BA393-9078-424E-9554-9DB5126F5F4C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-dream-chronicles-2/dream2web.1.0.0.13.cab
DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} - hxxp://aolsvc.aol.com/onlinegames/free-trial-wedding-dash/WeddingDash.1.0.0.47.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://aolsvc.aol.com/onlinegames/oberonmajongescape/PTGameLauncher.cab
DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-parking-dash/parkingdash.1.0.0.10.cab
DPF: {F46BD8B1-DE4C-4A4F-B6F6-8FB68D25342D} - hxxp://download.playfirst.com/play/game/mahjongroadshow/MahjongRoadshowWeb.1.0.0.16.cab
DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} - hxxp://aolsvc.aol.com/onlinegames/free-trial-sweetopia/Sweetopia.1.0.0.22.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://aolsvc.aol.com/onlinegames/free-trial-decadence-by-design/Chocolatier3Web.1.0.0.6.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxsrvc.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\krs9njpc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.verizon.net/central/appmanager/portal/vzcentral
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\krs9njpc.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [2009-3-16 64160]
R1 aswSP;avast! Self Protection;c:\winnt\system32\drivers\aswSP.sys [2008-11-6 114768]
R1 vsdatant;vsdatant;c:\winnt\system32\vsdatant.sys [2010-6-19 394192]
R2 AGCoreService;AG Core Services;c:\program files\agi\core\4.2.0.10753\AGCoreService.exe [2010-6-23 20480]
R2 aswFsBlk;aswFsBlk;c:\winnt\system32\drivers\aswFsBlk.sys [2008-11-6 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-11-6 138680]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2010-4-14 78104]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-3-11 24652]
R2 vsmon;TrueVector Internet Monitor;c:\winnt\system32\zonelabs\vsmon.exe -service --> c:\winnt\system32\zonelabs\vsmon.exe -service [?]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1029456]
S2 gupdate1c9b3e768b5fac6;Google Update Service (gupdate1c9b3e768b5fac6);c:\program files\google\update\GoogleUpdate.exe [2009-4-2 133104]
S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-11-6 254040]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-11-6 352920]
S3 MR97310_VGA_DUAL_CAMERA;MR97310 VGA Dual Mode Camera;c:\winnt\system32\drivers\mr97310v.sys [2005-1-8 116078]
=============== Created Last 30 ================
2010-06-28 22:03:21 98816 ----a-w- c:\winnt\sed.exe
2010-06-28 22:03:21 77312 ----a-w- c:\winnt\MBR.exe
2010-06-28 22:03:21 256512 ----a-w- c:\winnt\PEV.exe
2010-06-28 22:03:21 161792 ----a-w- c:\winnt\SWREG.exe
2010-06-26 21:49:26 0 d-----w- c:\program files\ESET
2010-06-26 06:32:22 0 d-----w- c:\docume~1\owner\applic~1\Merscom
2010-06-26 06:32:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Merscom
2010-06-25 15:36:14 0 d-----w- c:\program files\common files\Motive
2010-06-24 23:30:55 0 d-----w- c:\docume~1\alluse~1\applic~1\Dekovir
2010-06-23 19:36:48 0 d-----w- c:\docume~1\owner\applic~1\Webshots
2010-06-23 19:36:12 0 d-----w- c:\docume~1\owner\applic~1\AGI
2010-06-23 19:35:22 0 d-----w- c:\program files\AGI
2010-06-23 19:17:33 0 d-----w- c:\docume~1\alluse~1\applic~1\agi
2010-06-20 07:17:35 75512 ----a-w- c:\winnt\zllsputility.exe
2010-06-20 07:16:19 1087216 ----a-w- c:\winnt\system32\zpeng24.dll
2010-06-20 07:16:15 0 d-----w- c:\winnt\system32\ZoneLabs
2010-06-20 07:16:15 0 d-----w- c:\program files\Zone Labs
2010-06-20 07:16:07 49617 ----a-w- c:\winnt\system32\vsconfig.xml
2010-06-20 07:11:24 0 d-----w- c:\winnt\Internet Logs
2010-06-20 01:23:11 0 d-----w- c:\docume~1\owner\applic~1\CheckPoint
2010-06-20 01:21:11 0 d-----w- c:\program files\Conduit
2010-06-20 01:21:09 0 d-----w- c:\program files\ZoneAlarm
2010-06-20 01:20:53 0 d-----w- c:\program files\CheckPoint
2010-06-19 05:34:40 0 d-----w- c:\docume~1\owner\applic~1\YoudaGames
2010-06-18 23:57:16 73728 ----a-w- c:\winnt\system32\javacpl.cpl
2010-06-18 23:57:15 411368 ----a-w- c:\winnt\system32\deployJava1.dll
2010-06-18 23:37:09 0 d-----w- c:\winnt\system32\Adobe
2010-06-14 03:39:26 0 d-----w- c:\docume~1\owner\applic~1\Awem
2010-06-13 02:28:53 0 d-----w- c:\docume~1\alluse~1\applic~1\FarmFrenzy3
2010-06-12 00:17:15 0 d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2010-06-12 00:16:47 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-06-12 00:16:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-06-12 00:16:35 20952 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-06-12 00:16:34 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-11 23:50:12 0 d-----w- c:\program files\iWin Games
==================== Find3M ====================
2010-06-26 04:43:52 29034 ----a-w- c:\docume~1\owner\applic~1\wklnhst.dat
2010-06-26 04:24:19 77840 -c--a-w- c:\docume~1\owner\applic~1\GDIPFONTCACHEV1.DAT
2010-06-20 07:20:59 4212 -c-h--w- c:\winnt\system32\zllictbl.dat
2006-07-16 15:49:51 2855080 -c--a-w- c:\program files\aawsepersonal.exe
2005-02-02 07:46:09 485386 -c--a-w- c:\program files\KennyChesney_MeAndYou.wav
2005-01-30 19:12:29 4354084 -c--a-w- c:\program files\spybotsd13.exe
2004-08-03 05:47:16 15817 -c--a-w- c:\program files\halting.mid
2004-08-03 05:39:02 8946 -c--a-w- c:\program files\DannyBoy.mid
2004-08-02 06:47:49 19697 -c--a-w- c:\program files\Dueling_Banjoes.mid
2004-08-02 06:16:07 24037 -c--a-w- c:\program files\aughrim.mid
2004-08-02 06:03:17 34015 -c--a-w- c:\program files\CottonEyedJoe.mid
2004-08-02 05:11:03 37370 -c--a-w- c:\program files\Eyeofthetiger.mid
2004-08-02 05:10:13 24227 -c--a-w- c:\program files\everythingido.mid
2004-07-26 03:07:25 3718222 ----a-w- c:\program files\supersleuth.exe
2004-07-25 19:28:34 4547319 -c--a-w- c:\program files\AOLSlingo_Setup.exe
2004-07-04 06:53:05 2543056 -c--a-w- c:\program files\RumbleCubeInstall.exe
2003-12-25 05:13:19 24122368 -c--a-w- c:\program files\CJXP75LE.exe
2003-12-18 07:28:45 670392 -c--a-w- c:\program files\to_all_good_night.zip
2003-12-17 16:49:13 1897672 -c--a-w- c:\program files\winzip81.exe
2009-07-17 22:54:37 16384 --sha-w- c:\winnt\system32\config\systemprofile\ietldcache\index.dat
2009-04-03 03:13:47 32768 --sha-w- c:\winnt\system32\config\systemprofile\local settings\history\history.ie5\mshist012009040220090403\index.dat
2009-07-17 22:54:37 32768 --sha-w- c:\winnt\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat
============= FINISH: 14:44:43.21 ===============