Solved fake antivirus removed-now Internet Explorer will not connect.

[Resolved] fake antivirus removed-now Internet Explorer will not connect.

While using my space karaoke some Fake virus program took over my computer- I didn't have control of any function including control-alternate-delete. No way to end the programs, restart under start did not work so pressed the button to restart computer.

SpyBot S&D found one fake antivirus program infection and healed.
AVG found 6 infections with Trogan horse Cryptic.Z as well as, (two instances Cryptic.Z were in the recovery) of 1 one infection of Trogan horse Cryptic.l. Additionally there were three registry key reference is to the infected files. Infections were removed to the virus vault. Computer seems okay except after Internet Explorer cannot display the webpage as well as other programs that depend upon Internet Explorer will not connect. Hotmail, Google Earth's as examples.

Luckily Mozilla Foxfire appears to be okay, so I'm able to communicate. It's fortunate I registered with Yahoo address not a Hotmail address or I would not be able to complete registration on your site. Using the Microsoft Diagnosing connection problem results in a recommendation to contact computer manufacturer. Interestingly I was able to install new Internet Explorer which, of course did not help.

how do I attach the two files
might be some P2P but is not used.

 

fake antivirus removed-now Internet Explorer will not connect.

DDS (Ver_09-12-01.01) - NTFSx86
Run by Lee Rice at 20:29:06.07 on Sun 03/07/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_03
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1030 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Documents and Settings\Lee Rice\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
uDefault_Page_URL = hxxp://www.myspace.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://safesearch.cyberdefender.com/smallsearch.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
mCustomizeSearch = about:blank
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: MySpace Toolbar: {28aed1af-b164-44cd-b435-cf04aa955015} - c:\program files\myspace\toolbar\1.0.45.0\MySpaceToolbar.dll
BHO: dsWebAllowBHO Class: {2f85d76c-0569-466f-a488-493e6bd0e955} - c:\program files\windows desktop search\dsWebAllow.dll
BHO: {3049C3E9-B461-4BC5-8870-4C09146192CA} - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: MySpace Toolbar: {28aed1af-b164-44cd-b435-cf04aa955015} - c:\program files\myspace\toolbar\1.0.45.0\MySpaceToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn1\yt.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [EPSON Stylus CX6600 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /M "Stylus CX6600" /EF "HKCU "
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\progra~1\wi1f86~1\messen~1\msnmsgr.exe" /background
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startup
StartupFolder: c:\documents and settings\lee rice\start menu\programs\startup\Epson all-in-one Registration.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Bluetooth.lnk.disabled
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111t\wlan111t.exe
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\Windows Desktop Search.lnk.disabled
StartupFolder: c:\documents and settings\all users\start menu\programs\startup\WordWeb.lnk.disabled
IE: Download Using &BitSpirit - c:\program files\bitspirit\bsurl.htm
IE: Open in new background tab - c:\program files\windows live toolbar\components\en-us\msntabres.dll.mui/229?4634c91b25db467e8a93c594ff90bb15
IE: Open in new foreground tab - c:\program files\windows live toolbar\components\en-us\msntabres.dll.mui/230?4634c91b25db467e8a93c594ff90bb15
IE: Send To &Bluetooth
IE: Send to &Bluetooth Device... - c:\program files\anycom\blue usb-200-250\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\anycom\blue usb-200-250\btsendto_ie.htm
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\anycom\blue usb-200-250\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/PCPitStop.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175253104609
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189260187578
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://camera3.buffalotrace.com/activex/AxisCamControl.cab
DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/Nirvana/controls/DiskMD3Ctrl.dll
DPF: {A553720A-BFED-4EA4-A71F-7EFCA690A1F7} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcpitstopAntiVirus.dll
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} - hxxp://camera2.buffalotrace.com/activex/AMC.cab
DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131-win.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://camera.buffalotrace.com/activex/AMC.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\leeric~1\applic~1\mozilla\firefox\profiles\9wegvbjv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-USfficial
FF - prefs.js: keyword.URL - hxxp://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&type=Web&orig=TB-WFFDS&qry=
FF - plugin: c:\documents and settings\lee rice\application data\mozilla\firefox\profiles\9wegvbjv.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ksolo\npAVX.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkimi.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com http://www.google.com');user_pref('capability.policy.localfilelinks.checkloaduri.enabled', 'allAccess');c:\program files\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-21 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-21 28424]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-21 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2009-11-2 285392]
R2 AVWEBCAM;AV WebCam, WDM Video Capture;c:\windows\system32\drivers\avwebcam.sys [2008-3-6 13696]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\IS360srv.exe [2009-7-23 304400]
R2 WebCamHelper;WebCamHelper;c:\progra~1\avwebc~1\WebCamHelper.sys [2009-3-27 2688]
R3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2009-6-1 17149]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2007-6-11 968064]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2009-3-28 17792]
S2 gupdate1c9bbf1f4c06332;Google Update Service (gupdate1c9bbf1f4c06332);c:\program files\google\update\GoogleUpdate.exe [2009-4-12 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [2007-3-30 5824]
S3 ATHFMWDL;NETGEAR WG111T bootloader driver;c:\windows\system32\drivers\athfmwdl.sys [2010-1-10 43392]
S3 HauppaugeTVServer;HauppaugeTVServer;c:\progra~1\wintv\HCWTVS~1.EXE [2008-1-31 815104]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-3-27 23064]
S3 V0230Vfx;V0230Vfx;c:\windows\system32\drivers\V0230Vfx.sys [2009-11-26 6272]
S3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\drivers\V0230VID.sys [2009-11-26 500608]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\pcpitstopscheduleservice.exe --> c:\program files\pcpitstop\PCPitstopScheduleService.exe [?]

=============== Created Last 30 ================

2010-03-08 00:44:31 0 dc-h--w- c:\windows\ie8
2010-03-08 00:40:27 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-21 19:01:28 0 d-----w- C:\vcs5BGEffects
2010-02-21 18:56:33 0 d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2010-02-21 17:31:21 0 d--h--w- c:\windows\PIF
2010-02-19 11:09:43 0 d-----w- c:\program files\YInformer
2010-02-12 01:05:40 0 d-----w- c:\windows\system32\wbem\Repository

==================== Find3M ====================

2010-03-07 05:10:40 3478 ----a-w- c:\docume~1\leeric~1\applic~1\SAS7_000.DAT
2010-02-18 02:34:50 1192128 ------w- c:\windows\system32\wweb32.dll
2010-01-18 20:58:20 386 ----a-w- C:\temp.dat
2010-01-09 19:46:34 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 12:58:04 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35:35 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:53:08 2136064 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:19:32 2015744 ----a-w- c:\windows\system32\ntkrnlpa.exe
2003-06-20 08:05:04 49776 ----a-w- c:\windows\inf\usbhub20.sys
2003-06-20 08:05:04 24752 ----a-w- c:\windows\inf\hidclass.sys
2003-06-20 08:05:04 20688 ----a-w- c:\windows\inf\usbd.sys
2003-06-20 08:05:04 19728 ----a-w- c:\windows\inf\usbehci.sys
2003-06-20 08:05:04 138288 ----a-w- c:\windows\inf\usbport.sys

============= FINISH: 20:29:30.45 ===============

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/30/2007 6:29:20 AM
System Uptime: 3/7/2010 8:09:02 PM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | M2N-SLI DELUXE
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ | Socket AM2 | 2612/200mhz
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ | Socket AM2 | 2612/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 80.786 GiB free.
D: is CDROM ()
E: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: WebcamMax, WDM Video Capture
Device ID: ROOT\MEDIA\0000
Manufacturer: CoolwareMax
Name: WebcamMax, WDM Video Capture
PNP Device ID: ROOT\MEDIA\0000
Service: CAMTHWDM

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Screaming Bee Audio
Device ID: ROOT\MEDIA\0003
Manufacturer: Screaming Bee
Name: Screaming Bee Audio
PNP Device ID: ROOT\MEDIA\0003
Service: SCREAMINGBDRIVER

==== System Restore Points ===================

RP997: 12/8/2009 6:32:46 AM - System Checkpoint
RP998: 12/9/2009 7:40:38 AM - Software Distribution Service 3.0
RP999: 12/10/2009 7:43:30 PM - System Checkpoint
RP1000: 12/10/2009 10:59:19 PM - Installed Java(TM) 6 Update 17
RP1001: 12/10/2009 11:28:12 PM - Restore Operation
RP1002: 12/11/2009 11:29:26 AM - Software Distribution Service 3.0
RP1003: 12/12/2009 8:17:10 AM - Avg8 Update
RP1004: 12/12/2009 8:18:18 AM - Avg8 Update
RP1005: 12/14/2009 12:06:09 PM - System Checkpoint
RP1006: 12/15/2009 9:04:35 PM - System Checkpoint
RP1007: 12/16/2009 10:18:35 PM - System Checkpoint
RP1008: 12/18/2009 2:45:53 AM - System Checkpoint
RP1009: 12/19/2009 7:48:21 AM - System Checkpoint
RP1010: 12/19/2009 9:38:36 AM - Avg8 Update
RP1011: 12/22/2009 9:46:19 AM - Avg8 Update
RP1012: 12/23/2009 3:00:37 PM - System Checkpoint
RP1013: 12/25/2009 7:27:50 PM - System Checkpoint
RP1014: 12/28/2009 1:38:21 AM - System Checkpoint
RP1015: 12/29/2009 10:09:05 AM - System Checkpoint
RP1016: 12/30/2009 5:38:52 PM - System Checkpoint
RP1017: 12/31/2009 6:23:00 PM - Avg8 Update
RP1018: 1/1/2010 11:50:29 PM - System Checkpoint
RP1019: 1/2/2010 4:19:40 PM - Installed Uniblue DriverScanner v1.0
RP1020: 1/3/2010 6:04:29 PM - System Checkpoint
RP1021: 1/4/2010 6:09:49 PM - System Checkpoint
RP1022: 1/5/2010 7:53:48 PM - System Checkpoint
RP1023: 1/8/2010 10:11:20 PM - System Checkpoint
RP1024: 1/9/2010 2:36:08 PM - Removed NETGEAR WG111T Smart Wizard Wireless Utility
RP1025: 1/9/2010 2:46:31 PM - Installed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1026: 1/10/2010 9:07:28 PM - Removed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1027: 1/10/2010 9:08:20 PM - Removed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1028: 1/10/2010 9:08:51 PM - Removed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1029: 1/10/2010 9:09:23 PM - Removed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1030: 1/10/2010 9:10:18 PM - Removed NETGEAR WG111T Smart Wizard Wireless Utility
RP1031: 1/10/2010 9:11:24 PM - Installed NETGEAR WG111T Smart Wizard Wireless Utility
RP1032: 1/10/2010 9:16:00 PM - Removed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1033: 1/10/2010 9:17:01 PM - Installed NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
RP1034: 1/12/2010 3:57:44 AM - System Checkpoint
RP1035: 1/13/2010 6:29:04 AM - System Checkpoint
RP1036: 1/13/2010 7:47:56 AM - Software Distribution Service 3.0
RP1037: 1/15/2010 6:38:21 AM - System Checkpoint
RP1038: 1/17/2010 8:16:08 PM - System Checkpoint
RP1039: 1/18/2010 9:13:32 AM - Avg8 Update
RP1040: 1/18/2010 7:35:49 PM - Installed Python 2.6.4
RP1041: 1/20/2010 12:03:15 AM - System Checkpoint
RP1042: 1/20/2010 7:43:41 AM - Software Distribution Service 3.0
RP1043: 1/21/2010 10:44:47 PM - System Checkpoint
RP1044: 1/22/2010 6:13:30 AM - Software Distribution Service 3.0
RP1045: 1/23/2010 7:32:31 AM - System Checkpoint
RP1046: 1/24/2010 12:54:48 PM - System Checkpoint
RP1047: 1/25/2010 8:30:25 PM - System Checkpoint
RP1048: 1/26/2010 6:02:09 PM - Avg8 Update
RP1049: 1/28/2010 9:01:52 PM - Restore Operation
RP1050: 1/28/2010 9:10:04 PM - Avg8 Update
RP1051: 1/29/2010 9:47:05 PM - System Checkpoint
RP1052: 2/2/2010 9:39:17 PM - Unsigned driver install
RP1053: 2/5/2010 6:13:01 PM - System Checkpoint
RP1054: 2/7/2010 7:22:10 AM - System Checkpoint
RP1055: 2/9/2010 7:40:06 AM - System Checkpoint
RP1056: 2/10/2010 7:40:14 AM - System Checkpoint
RP1057: 2/10/2010 7:51:02 AM - Software Distribution Service 3.0
RP1058: 2/11/2010 2:06:38 AM - Installed Java(TM) 6 Update 18
RP1059: 2/11/2010 8:02:07 PM - before restore
RP1060: 2/11/2010 8:03:09 PM - Restore Operation
RP1061: 2/12/2010 8:37:11 AM - Software Distribution Service 3.0
RP1062: 2/13/2010 10:22:38 AM - System Checkpoint
RP1063: 2/14/2010 7:26:49 PM - System Checkpoint
RP1064: 2/15/2010 10:25:22 PM - System Checkpoint
RP1065: 2/17/2010 7:26:54 AM - System Checkpoint
RP1066: 2/18/2010 10:51:19 PM - System Checkpoint
RP1067: 2/21/2010 10:29:34 AM - Installed Demo Virtual EVE
RP1068: 2/21/2010 10:41:41 AM - Removed Demo Virtual EVE
RP1069: 2/22/2010 5:48:08 PM - System Checkpoint
RP1070: 2/24/2010 10:59:42 AM - Software Distribution Service 3.0
RP1071: 2/25/2010 10:45:31 PM - System Checkpoint
RP1072: 2/26/2010 11:27:34 PM - System Checkpoint
RP1073: 3/1/2010 6:16:40 PM - System Checkpoint
RP1074: 3/4/2010 8:19:23 AM - System Checkpoint
RP1075: 3/6/2010 6:06:51 AM - Software Distribution Service 3.0
RP1076: 3/7/2010 6:56:12 AM - System Checkpoint
RP1077: 3/7/2010 7:44:46 PM - Installed Windows Internet Explorer 8.
RP1078: 3/7/2010 7:45:21 PM - Software Distribution Service 3.0

==== Installed Programs ======================


ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0.9
Advanced SystemCare 3
Advanced Video FX Engine
ANYCOM USB-200/250 Bluetooth Software
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Software Suite
AsusUpdate
ATI Catalyst Control Center
ATI Catalyst Install Manager
ATI Display Driver
ATI HYDRAVISION
ATI Parental Control & Encoder
AV Voice Changer Software DIAMOND 6.0
AV WebCam Morpher 2.0
AVG Free 9.0
AXIS Media Control Embedded
BitSpirit v3.5.0.236 Stable
Blender (remove only)
Bonjour
CCleaner
ClearType Tuning Control Panel Applet
Creative Live! Cam Center
Creative Live! Cam Doodling
Creative Live! Cam Manager
Creative Live! Cam Video IM Pro Driver (1.02.02.1018)
Creative Live! Cam Video IM Pro User's Guide (English)
Creative Photo Calendar
Creative Photo Manager
Creative Software AutoUpdate
Creative System Information
Disk Investigator 1.4
DivX Web Player
Dragon NaturallySpeaking 9
Driver Robot 1.0.9.5
DriverAgent by eSupport.com
Earthsim
EPSON CardMonitor
EPSON Copy Utility 3
EPSON CX6600 Reference Guide
EPSON PhotoCenter
EPSON PhotoStarter3.2
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
EPSON Web-To-Page
Fake Webcam 5.1.0
FastStone Capture 5.5
FastStone Image Viewer 3.2
Form Fill (Windows Live Toolbar)
GIMP 2.6.7
GOM Player
Google Chrome
Google Earth
Google Update Helper
Google Updater
Hauppauge WinTV
Hauppauge WinTV Radio
Hauppauge WinTV Scheduler
Hauppauge WinTV TV Services
Hauppauge WinTV2000
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB924941)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Imikimi Plugin
InfraRecorder
InterVideo FilterSDK for Hauppauge
IObit Security 360 Beta 2.1
iPhone Configuration Utility
IrfanView (remove only)
iTunes
Java 2 Runtime Environment Standard Edition v1.3.1
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
K-Lite Mega Codec Pack 5.0.5
kSolo Recorder
Logitech Desktop Messenger
Map Button (Windows Live Toolbar)
Maya 8.5 Personal Learning Edition
Maya 8.5 Personal Learning Edition Documentation (en_US)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 6.2
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft LifeChat
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
Miranda IM 0.7.3
MorphVOX Junior
Mozilla Firefox (3.5.8)
Mozilla Firefox (3.6b4)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
muvee autoProducer 4.1
MyConnection PC Lite Edition
MySpace Toolbar
MySpaceIM
MySpeed PC Lite Edition
Nero 6 Demo
NETGEAR WG111T 108Mbps Wireless USB2.0 Adapter
Network Stumbler 0.4.0 (remove only)
NVIDIA Drivers
OpenOffice.org 2.2
Orb
PaltalkScene
PaperPort Image Printer
PC Pitstop Exterminate2 2.0
PC Pitstop Optimize 1.5
PC Pitstop Optimize2 2.0
Power CD+G to Video Karaoke Converter
PowerDVD
Python 2.6.4
Quick Exchange 1.5
Quick Screen Recorder 1.5
QuickTime
RunAlyzer
ScanSoft OmniPage 16
ScanSoft PaperPort 11
ScanSoft PDF Create! 4
ScanToWeb
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978706)
Segoe UI
SightSpeed (remove only)
Skype web features
Skype™ 4.1
Smart Defrag 1.11
Smart Menus (Windows Live Toolbar)
Software Informer 1.0 BETA
Solway's Internet Search v2.2
Solway's Internet TV and Radio 1.54
SoundMAX
Spybot - Search & Destroy
Tabbed Browsing (Windows Live Toolbar)
TSP_CODEC
Uniblue DriverScanner 2009
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB978506)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VLC media player 0.9.9
WebcamMax
WebFldrs XP
Windows Desktop Search
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Presentation Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinRAR archiver
Wisdom-soft AutoScreenRecorder 2.1 Pro
WordWeb
XML Paper Specification Shared Components Pack 1.0
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Photos Easy Upload Tool 1v7
Yahoo! Toolbar
Yazak Chat 8.86.19
YInformer

==== Event Viewer Messages From Past Week ========

3/5/2010 6:08:38 PM, error: Dhcp [1002] - The IP address lease 192.168.0.3 for the Network Card with network address 001731D90CD9 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
3/1/2010 6:01:17 PM, error: Service Control Manager [7000] - The Bluetooth Port Client Driver service failed to start due to the following error: The system cannot find the file specified.

==== End Of File ===========================

 

Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Download the update from here if you have problems.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Make sure that you restart the computer.

=============

Download HijackThis Executable from here. Save it to your desktop.
Start HJT & press the "Do a system scan and save a log file" button. When the scan is finished a window will pop up giving you the option of where to save it. Save it to desktop where it is easy to access. Open the log file and then go to the format Tab and make sure that wordwrap is unchecked. Copy the entire contents of the file & paste it into the body of your post. DO NOT FIX ANYTHING YET. Most of what is there is necessary for the running of your system.

 

Great to notice your reply this morning when I awoke. Thank you for your quick reply-download of your recommended programs however will wait until this evening so will have more time in case problems occur.

By the way, Didn't recall had recorded this information immediately after computer rebooted. may not be important however... I suspect my space might be one source because my son's computer in a separate home has been infected with fake antivirus while using my space. More than once, although don't know how often.

AVG scan did not find anything except informational. (Until after ran SpyBot)

Spy Bot S&D found:
ZANGO.Shoppingreport ad ware
Fraud.Sysguard Malware (without detailed information)
Hotbar pups
above Fixed with spy bot.

Short browsing history immediately after rebooting.

ASetup_2003-1.exe
r=30417130987TqWO
Computer Security
/?1d=2003&k=6ae630e3a&d=1&s=1
( browsing above was automatic and not by intentional clicking)
MySpace
MySpace
Index.cfm
MySpace

very grateful your available for helping-thank you so much

 

before trying your suggestions in case I lose my computer completely want posting this information. if I'm not able to return, hope someone more clever than myself will be able to eliminate the source of the viruses. I'm becoming more convinced that my space might be one source of these virus problems. because just now another virus was detected by AVG while I was browsing (only) my space karaoke. the information I was able to see from a AVG virus detection warning follows:

Access file is infected. C:\documents and settings\Lee Rice\local settings\application data\Mozilla\Firefox\profiles\Swegvbjv .default\as shecache\85C17048d01

Virus identified exploit.pdf
detected on open

process nine see:\program files\Adobe\Acrobat 7.0\reader\AcroRd32 .exe
process ID: 3276

page as I was browsing at the time: http://ksolo.myspace.com/actions/sh... if I'm over posting, unwanted information.in

 

If your anti-virus program is catching the virus, that means that it is doing the job that it is supposed to do .
Keep the AV updated and hopefully things will remain well.
Make sure to update MBA-M before you run it too.

 

results of Malwarebytes - small glitch and rebooting after scanning and cleaning with Malwarebytes: computer hung on reboot at motherboard advertisement. however booted after pressing the restart button.

Malwarebytes' Anti-Malware 1.44
Database version: 3740
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

3/9/2010 4:05:31 AM
mbam-log-2010-03-09 (04-05-31).txt

Scan type: Full Scan (C:\|)
Objects scanned: 347566
Time elapsed: 1 hour(s), 29 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 14
Files Infected: 202

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Lee Rice\Application Data\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\ustat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\Weather_XML (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA (Adware.Hotbar) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\Lee Rice\Local Settings\Temporary Internet Files\Content.IE5\CJML3C6L\get[1].htm (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464878.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464773.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464867.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464875.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464877.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464879.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464880.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464881.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464882.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464883.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464884.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464885.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464894.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{D4518210-CBB8-43E6-BE1A-A9A4DFA08FD2}\RP1049\A0464895.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\1.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\3893245.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\3895551.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\491501.sdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\domains.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\218859 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\241998 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\27503 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\279564 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\295807 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\34123 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\34186 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\342421 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\449624 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\4574 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\45833 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\52335 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\552212 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\568240 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\58203 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\61779 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\61837 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\64495 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\69263 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\70375 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\70449 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\72807 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\738205 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\751230 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\751231 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\753634 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\8443 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\92930 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\TooltipXML\95716 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\ustat\392a.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\dynamic\ustat\392d.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\ads.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\btntrans.idx (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\btntrans1.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\business_promo.htm (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\buttondir.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\components.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\cursors.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\default.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_511745-514279.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz1.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz10.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz11.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz12.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz13.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz14.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz15.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz16.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz17.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz18.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz19.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz2.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz20.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz3.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz4.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz5.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz6.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz7.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz8.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_bidz9.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_categorize.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_comparison.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_em_PROFL_CA_flow_b_IEB.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_explorer-Mails.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_explorer-people.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_favorites.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Games.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Hide.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_hotbarcom.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Hotmail.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_hsskin.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jemster.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jemsterie.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jemsteruk.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_jobsearch.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_Mails.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_new.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_premium.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_reun.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_ringtones.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_SearchBoxTrapper.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_searchfor.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_searchgo.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_weather.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Default_yellowpages.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_1000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_2000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_3000.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_bar.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_bbar1.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_logos.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_buttons_other.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\d_icons_weather.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\editblbuttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\email-def-511724-548964.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\email-def-511724-9595.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\email-t1-bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\gamesmenu.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\gamesMenu.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\hb_ie_menu.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\hotbar-premium-hotbar-premium.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\hotbar-premium.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\hotbar_promo.htm (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\icons2.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\ie_games_icon.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\ie_video.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\keywords.idx (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\keywords1.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\layout.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\linkpathlegal.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\more.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\new_games.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\progress.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\sales_buttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\sdfmodifier.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\s_icons_buttons.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\t2_bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\theweb.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\top7.cdf (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\Top7_theweb.mnu (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\tsd_bg.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\1\weathericon.res (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ads.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\BtnTrans1.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\business_promo.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\buttondir.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\cursors.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\default.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_1000.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_2000.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_3000.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bar.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_logos.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_buttons_other.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\d_icons_weather.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\editblbuttons.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\email-t1-bg.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\gamesmenu.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hb_ie_menu.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar-premium.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\hotbar_promo.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\icons2.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ie_games_icon.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\ie_video.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\keywords.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\keywords1.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\layout.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\linkpathlegal.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\more.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\progress.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\sales_buttons.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.txt (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\samplegroups2.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\sdfmodifier.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\s_icons_buttons.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\t2_bg.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\top7.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\tsd_bg.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\v3.5\Hotbar\static\DownLoad\weathericon.xip (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\history (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherStartup.xml (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\Links (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\radar-big.jpg (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\radar-small (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\satellite-big.jpg (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\satellite-small (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\WeatherPreferences (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\Display (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\Loading (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\WeatherDPA\Weather_XML\screen2 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\Weather_XML\Default (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\Weather_XML\Genera1 (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Lee Rice\Application Data\Hotbar\Weather\Weather_XML\General (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAAbout.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAau.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSAEULA.mht (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_hpk.dat (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\HotbarSA\HotbarSA_kyf.dat (Adware.Hotbar) -> Quarantined and deleted successfully.

 

Sorry to say that you did not update MBA-M. You should update it and do another scan, remove what is found, then reboot and post the log.
You also need to run Hijackthis as requested.

 

whoops, sorry. Malwarebytes would not update from its console. (because of-no Internet explorer?) clicked "here" in previous post to update- will do again. I did a Hijackthis scan- Malwarebytes log was slow to upload so I was waiting to post Hijackthis log. repeating an attempt to update Malwarebytes although I believe is same file used to update yesterday(mbam-rules 4,388 KB application ?) . will rerun Malwarebytes and Hijackthis. Hijackthis this is the beta version, is that acceptable? considering the length of time to run, might not have time to post this morning. Thank you for your help and endurance.

 

No worries. If you can get the Hijackthis log up, I can get IE to connect again.

 

fresh results are Hijackthis and Malwarebytes. log for Hijackthisfirst because no problems found with Malwarebytes. Try to update Malwarebytes-hope what successful because as said before cannot update from the console, perhaps because no Internet Explorer. Thank you for your help.

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 7:39:07 AM, on 3/9/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\WordWeb\wweb32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR\WG111T\wlan111t.exe
C:\Program Files\PKWARE\PKZIPM\9.00.0010\PKTray.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Nuance\NaturallySpeaking9\Program\natspeak.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = Download Directory
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.myspace.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://safesearch.cyberdefender.com/smallsearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.45.0\MySpaceToolbar.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MySpace Toolbar - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.45.0\MySpaceToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [WordWeb] "C:\Program Files\WordWeb\wweb32.exe" -startup
O4 - HKCU\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /M "Stylus CX6600" /EF "HKCU "
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\WI1F86~1\MESSEN~1\msnmsgr.exe" /background
O4 - Startup: Epson all-in-one Registration.lnk.disabled
O4 - Global Startup: Bluetooth.lnk.disabled
O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111T\wlan111t.exe
O4 - Global Startup: PKZIP Attachments Status.lnk = C:\Program Files\PKWARE\PKZIPM\9.00.0010\PKTray.exe
O4 - Global Startup: Windows Desktop Search.lnk.disabled
O4 - Global Startup: WordWeb.lnk.disabled
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?4634c91b25db467e8a93c594ff90bb15
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?4634c91b25db467e8a93c594ff90bb15
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Blue USB-200-250\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175253104609
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1189260187578
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://camera3.buffalotrace.com/activex/AxisCamControl.cab
O16 - DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} (diskhealth Class) - http://utilities.pcpitstop.com/Nirvana/controls/DiskMD3Ctrl.dll
O16 - DPF: {A553720A-BFED-4EA4-A71F-7EFCA690A1F7} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Nirvana/controls/pcpitstopAntiVirus.dll
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} (AudioHandlerEmbedded) - http://camera2.buffalotrace.com/activex/AMC.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://camera.buffalotrace.com/activex/AMC.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15030/CTPID.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
O18 - Protocol: bw+0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: offline-8876480 - {DB91ABBB-99ED-4375-80B9-383DE02B4B04} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ANYCOM\Blue USB-200-250\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate1c9bbf1f4c06332) (gupdate1c9bbf1f4c06332) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

--
End of file - 25890 bytes


Malwarebytes' Anti-Malware 1.44
Database version: 3740
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

3/9/2010 7:37:00 AM
mbam-log-2010-03-09 (07-37-00).txt

Scan type: Full Scan (C:\|)
Objects scanned: 347523
Time elapsed: 1 hour(s), 31 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

Can you please do the following.

===============

Scan with HijackThis and then place a check next to all the following, if present:


R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555

O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)


Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked ".

===============

After rebooting, update MBA-M and run another scan. Let me know how things are now.

 

outstanding- "Nonesuch ". Malwarebytes updated and is currently running. Internet Explorer works.

Been noticing O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file) for a year or more. knew was unnecessary or the remnants of a virus but reluctant to edit Registry.

maybe finally learned well, what I knew and research to do for the past years. (buy Acronis or similar recommended), as well as brand-new hard drive. clone and put on the shelf. As well as routinely backup entire drive and operating system,for simple recovery. will feel good to have confidence to remove a lot of unnecessary forgotten programs or take a shot at editing registry.

is Malwarebytes, the big bad pup of virus programs or good to use in combination with AVG, etc.?

already know the results will be good, however will be back to report when virus scan finishes, and to thank you again.

 

Malwarebytes is one of the best removal programs today. Does have real-time protection capabilities, but needs to be purchased to enable that.
Should have no problem running alongside an AV program.

 

Internet explorer works. Google earth works. Have not tried my mail yet, but probably okay because Internet Explorer is working more interested in coming here to thank you. The scan just completed, detected a couple of problems, however I consider this a success.

thinking of recommending Malwarebytes to acquaintance who has had fake virus scam appear-to be controlled by their avast, with no apparent problems. I'm not sure they will follow your instructions carefully enough, so... maybe Malwarebytes will be a good precaution, for them.

Although usually use Firefox except for a few explorer dependent processes, thank you for getting Internet Explorer working.

And thanks for recommending virus program that appeared to detected many things AVG did not.



Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Lee Rice\x.exe (Worm.AutoRun.Gen) -> Quarantined and deleted successfully.

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Lee Rice\x.exe (Worm.AutoRun.Gen) -> Quarantined and deleted successfully.

 

apologies, double post deleted

 

Just so that you are aware. MBA-M is not an anti-virus program, but an anti-malware program. So, make sure to keep an AV on the pc .
I need you to do one more thing for me now.

Please use the Internet Explorer browser (or FireFox with IETab), and do an online scan with [color= "blue"]Kaspersky Online Scanner[/color]

Note: If you have used this particular scanner before, you MAY HAVE TO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component

Click Yes, when prompted to install its ActiveX component.
(Note.. for Internet [color= "#3333FF"]Explorer 7[/color] users: If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
The program launches and downloads the latest definition files.

• Once the files are downloaded click on Next
• Click on Scan Settings and configure as follows:
  • Scan using the following Anti-Virus database:
    • [color= "#6666CC"]Extended[/color]
  • Scan Options:
    • [color= "#6666CC"]Scan Archives[/color]
    • [color= "#6666CC"]Scan Mail Bases[/color]
• Click OK and, under select a target to scan, select My Computer

When the scan is done, in the [color= "Navy"]Scan is completed [/color]window (below), any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.


To obtain the report:
Click on: Save Report As (above - red blinking arrow)
Next, in the [color= "Navy"]Save as [/color]prompt, [color= "navy"]Save in[/color] area, select: Desktop
In the [color= "navy"]File name[/color] area, use KScan, or something similar
In [color= "navy"]Save as type[/color], click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the [color= "Navy"]Kaspersky Online Scanner Report [/color]in your reply.

 

finished VirusScan, although couple of viruses were found not a big problem because Internet Explorer, and Google Earth's are still working. scan log below:

Malwarebytes' Anti-Malware 1.44
Database version: 3843
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

3/9/2010 8:17:16 PM
mbam-log-2010-03-09 (20-17-16).txt

Scan type: Full Scan (C:\|)
Objects scanned: 351883
Time elapsed: 1 hour(s), 37 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Lee Rice\x.exe (Worm.AutoRun.Gen) -> Quarantined and deleted success

 

Can you please post the Kaspersky log from the scan. Will need to have a look at it. If you do not clean everything up, you will end up back where you started......no IE and no google earth.