Inactive [InActive] Google Redirect Issue

Discussion in 'Malware and Virus Removal Archive' started by cchandler25362, 2008/10/22.

  1. 2008/10/22
    cchandler25362

    cchandler25362 Inactive Thread Starter

    Hello,

    I have recently acquired the google redirect trojan/virus. I tried to download and install RSIT but the url is blocked along with quite a few others (mostly spyware, malware, virus remover tools). I have been able to run Ccleaner, malwarebytes, and hijack this. Hijack log will follow below. Any help at all is much appreciated.

    Thanks,
    Chad

    Logfile of HijackThis v1.99.1
    Scan saved at 10:15:23 AM, on 10/22/2008
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    J:\hijackthis\HijackThis.exe

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\System32\dlcccoms.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
     
  2. 2008/10/22
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi Chad
    Welcome to WindowsBBS.

    Did you run HJT in safe mode or normal mode?

    If you ran HJT in normal mode, it is showing that your computer is very unsecure at this point.

    Do you have Windows SP1 and an anti virus installed?

    You need Service Pack 1 (SP1) installed on your system, you also need an Anti-Virus program downloaded and run on your computer.

    The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
    Click here: http://www.microsoft.com/windowsxp/downloads/updates/sp1/default.mspx
    Apply the update, reboot your computer.

    Now download and install 1 anti virus program. These are free.

    Please Download and run only 1 AV.

    Anti-Virus
    AVGFree
    Avast

    Update and scan your computer with the AV. Quarantine/Delete anything it finds.


    Now do this.

    • Download RSIT by random/random and save it to your desktop.
    • Double click RSIT.exe to start the tool.
    • At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
    • If prompted by your firewall to allow RSIT to access the internet, please allow it. It will be updating your version of HijackThis.
    • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
    • Please post the contents of log.txt here in your next reply.

    Thanks
    Geri
     
    Geri,
    #2

  4. 2008/10/23
    cchandler25362

    cchandler25362 Inactive Thread Starter

    Alright, I have updated to service pack 2 and AVG. Ran full scan with AVG, it did not find anything.

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by CChandler at 2008-10-23 12:09:29
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 62 GB (85%) free of 73 GB
    Total RAM: 1503 MB (74% free)

    HijackThis download failed

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-23 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 440056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint "=C:\Program Files\Microsoft IntelliPoint\point32.exe [2003-05-15 163840]
    "AVG8_TRAY "=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-23 1235736]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "SUPERAntiSpyware "=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-08-19 1576176]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS "= "avgrsstx.dll "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{F28439F2-4996-41B8-8BD0-22789780DE81} "= []
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\AVG\AVG8\avgupd.exe "= "C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe "
    "C:\Program Files\AVG\AVG8\avgui.exe "= "C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:AVG Free User Interface "
    "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe "= "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware "
    "C:\Program Files\CCleaner\CCleaner.exe "= "C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:CCleaner "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "

    ======File associations======

    .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1 "

    ======List of files/folders created in the last 3 months======

    2008-10-23 12:09:29 ----D---- C:\rsit
    2008-10-23 12:09:29 ----D---- C:\Program Files\trend micro
    2008-10-23 09:57:47 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-10-23 09:57:29 ----D---- C:\Program Files\AVG
    2008-10-23 09:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-23 09:45:05 ----D---- C:\WINDOWS\Prefetch
    2008-10-23 09:37:04 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-10-23 09:37:04 ----A---- C:\WINDOWS\setuplog.txt
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\spiisupd.exe
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\asr_pfu.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\encapi.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\dxdiagn.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\dsprpres.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\d3d9.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\cmsetacl.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\btpanui.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\bthserv.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\bthci.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\blastcln.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\auditusr.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mssap.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\msftedit.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\msdadiag.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdukx.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdno1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmaori.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinmal.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinben.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdfi1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\ieencode.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\httpapi.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\hccoin.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fwcfg.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fsquirt.exe
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fltmc.exe
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fltlib.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\encdec.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xpsp1res.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xmlprovi.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xmlprov.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wshbth.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wscsvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wscntfy.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\winshfhc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\winbrand.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\w3ssl.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\twext.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\strmfilt.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\smbinst.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sdhcinst.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sbeio.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sbe.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\powercfg.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2psvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pgraph.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2p.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\slrundll.exe
    2008-10-23 09:36:10 ----D---- C:\WINDOWS\peernet
    2008-10-23 09:36:09 ----D---- C:\WINDOWS\provisioning
    2008-10-23 09:34:11 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-23 09:32:37 ----N---- C:\WINDOWS\system32\xpsp2res.dll
    2008-10-23 09:32:05 ----A---- C:\WINDOWS\002407_.tmp
    2008-10-23 09:31:40 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-10-23 09:29:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-23 09:29:52 ----D---- C:\WINDOWS\EHome
    2008-10-23 08:50:35 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-23 08:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB833407$
    2008-10-23 08:50:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-22 11:19:08 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-22 11:18:48 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-22 11:18:48 ----D---- C:\Documents and Settings\CChandler\Application Data\SUPERAntiSpyware.com
    2008-10-22 11:18:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-21 23:53:55 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-10-04 20:37:14 ----D---- C:\Documents and Settings\CChandler\Application Data\Apple Computer
    2008-10-01 22:32:16 ----D---- C:\Program Files\Delta

    ======List of files/folders modified in the last 3 months======

    2008-10-23 12:09:29 ----RD---- C:\Program Files
    2008-10-23 12:08:36 ----D---- C:\WINDOWS
    2008-10-23 12:04:41 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-23 11:43:20 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-23 10:50:41 ----D---- C:\WINDOWS\Temp
    2008-10-23 09:57:47 ----D---- C:\WINDOWS\system32
    2008-10-23 09:57:41 ----D---- C:\WINDOWS\system32\drivers
    2008-10-23 09:57:29 ----SHD---- C:\WINDOWS\Installer
    2008-10-23 09:57:28 ----D---- C:\WINDOWS\WinSxS
    2008-10-23 09:57:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-23 09:57:12 ----SD---- C:\Documents and Settings\CChandler\Application Data\Microsoft
    2008-10-23 09:52:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-23 09:51:53 ----D---- C:\WINDOWS\Debug
    2008-10-23 09:51:14 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-23 09:50:25 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-23 09:50:22 ----D---- C:\WINDOWS\system32\wbem
    2008-10-23 09:50:20 ----HD---- C:\WINDOWS\inf
    2008-10-23 09:44:26 ----SHD---- C:\System Volume Information
    2008-10-23 09:44:12 ----RSD---- C:\WINDOWS\Fonts
    2008-10-23 09:44:12 ----D---- C:\WINDOWS\ime
    2008-10-23 09:44:12 ----D---- C:\WINDOWS\AppPatch
    2008-10-23 09:39:43 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-23 09:37:05 ----RASH---- C:\boot.ini
    2008-10-23 09:36:22 ----D---- C:\Program Files\Messenger
    2008-10-23 09:36:17 ----D---- C:\WINDOWS\system32\Setup
    2008-10-23 09:36:17 ----D---- C:\WINDOWS\Help
    2008-10-23 09:36:11 ----D---- C:\WINDOWS\system32\oobe
    2008-10-23 09:36:11 ----D---- C:\Program Files\Windows Media Player
    2008-10-23 09:36:10 ----D---- C:\Program Files\Movie Maker
    2008-10-23 09:36:10 ----D---- C:\Program Files\Internet Explorer
    2008-10-23 09:36:09 ----D---- C:\WINDOWS\Media
    2008-10-23 09:33:56 ----D---- C:\WINDOWS\system32\Restore
    2008-10-23 09:33:56 ----D---- C:\WINDOWS\system32\npp
    2008-10-23 09:33:56 ----D---- C:\WINDOWS\msagent
    2008-10-23 09:33:54 ----D---- C:\WINDOWS\srchasst
    2008-10-23 09:33:53 ----D---- C:\Program Files\NetMeeting
    2008-10-23 09:33:52 ----D---- C:\WINDOWS\system32\Com
    2008-10-23 09:33:49 ----D---- C:\Program Files\Windows NT
    2008-10-23 09:33:49 ----D---- C:\Program Files\Outlook Express
    2008-10-23 09:33:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-23 09:33:45 ----D---- C:\Program Files\Common Files\System
    2008-10-23 09:33:35 ----D---- C:\WINDOWS\system32\usmt
    2008-10-23 09:33:34 ----D---- C:\WINDOWS\system
    2008-10-23 09:32:37 ----RD---- C:\WINDOWS\Web
    2008-10-23 09:32:28 ----RASH---- C:\NTDETECT.COM
    2008-10-23 09:32:09 ----D---- C:\WINDOWS\security
    2008-10-22 11:18:11 ----D---- C:\Program Files\Common Files
    2008-10-21 23:53:19 ----D---- C:\Documents and Settings
    2008-10-21 08:47:18 ----D---- C:\Program Files\Dl_cats
    2008-10-07 14:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-04 20:27:51 ----D---- C:\Documents and Settings\CChandler\Application Data\Azureus
    2008-10-04 20:02:31 ----D---- C:\Documents and Settings\CChandler\Application Data\LimeWire
    2008-09-14 20:18:31 ----D---- C:\Program Files\Citrix
    2008-09-05 22:50:22 ----SD---- C:\WINDOWS\Tasks
    2008-08-03 19:36:31 ----D---- C:\Program Files\PokerStars.NET

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-03 37376]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-23 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-23 26824]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
    R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-23 9600]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\System32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    R3 P17;Sound Blaster Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
    R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-03-24 47360]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\System32\DRIVERS\point32.sys [2003-05-15 19072]
    R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-03-02 167040]
    R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
    S3 aade00vk;aade00vk; C:\WINDOWS\system32\drivers\aade00vk.sys []
    S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service; C:\WINDOWS\System32\DRIVERS\WG11TND5.sys [2005-09-05 362944]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-23 231704]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
    S3 dlcc_device;dlcc_device; C:\WINDOWS\System32\dlcccoms.exe [2005-06-21 491520]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    -----------------EOF-----------------
     
  5. 2008/10/23
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK, please make sure you follow my instructions exactly.
    I asked you to install SP1 not SP2,
    This could have caused problems if you had been infected with some types of malware.
    So please follow my instructions as given.
    Thanks.


    Open “Notepad” Copy the contents of the code box below to the blank Notepad.
    Click "File" > "Save as"
    In the "Save In" box at the top click the down arrow and select DeskTop

    In the “File name” type in: fix.reg
    In the “Save As Type” select: All Files
    Once saved, Go to your desktop double click “fix.reg file” and let it merge with the registry.

    Code:
    REGEDIT4

    ; Delete the ShellExecuteHooks value that has no file behind it
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{F28439F2-4996-41B8-8BD0-22789780DE81}"=-

    ; Delete the empty Browser Helper Object key
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these files (if present):

    C:\WINDOWS\system32\drivers\aade00vk.sys

    Empty your recycle bin.

    After that please reboot

    HJT did not run with RSIT, did you block RSIT from accessing the internet while it ran?
    It normally will access the internet and download and install HJT and run a scan, if it tries on the next run please let it do so.

    Please post a new RSIT log.

    Thanks
    Geri
     
    Geri,
    #4
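The registry value, BHO key and driver named in the fix above are the entries that the posted logs list with no file behind them (`(no file)` in HijackThis, an empty `[]` in RSIT). As an added example, not part of the thread and not code from HijackThis or RSIT, the Python below pulls such entries out of pasted log text for review; the regular expressions are assumptions inferred from the line formats visible in this thread, and the sample lines are copied from the logs above.

```python
import re
from typing import List, NamedTuple, Optional


class Finding(NamedTuple):
    source: str  # "hijackthis" or "rsit"
    kind: str    # HijackThis section (O2, O9, ...) or RSIT entry type
    ident: str   # CLSID, registry value name or service name
    reason: str


CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis item, e.g. "O2 - BHO: (no name) - {CLSID} - (no file)"
HJT_RE = re.compile(r"^(?P<sec>[A-Z]\d{1,2}) - (?P<body>.+)$")
# RSIT registry value, e.g. "name"=data [date size]; forum copies leave a
# stray space before the closing quote, so it is tolerated here.
RSIT_VALUE_RE = re.compile(r'^"(?P<name>[^"]+?)\s*"\s*=\s*(?P<data>.*)$')
# RSIT driver/service, e.g. "S3 name;display; path [date size]"
RSIT_SVC_RE = re.compile(
    r"^(?P<state>[RS][0-4]) (?P<name>[^;]+);(?P<disp>[^;]*);"
    r"\s*(?P<path>.*?)\s*\[(?P<info>[^\]]*)\]$"
)


def classify(line: str) -> Optional[Finding]:
    """Return a Finding when the line registers something with no file info."""
    line = line.strip()

    m = RSIT_SVC_RE.match(line)
    if m:
        if m["info"].strip():
            return None  # date and size present: the image was found
        if m["path"].startswith("\\??\\"):
            # In the logs on this page the SUPERAntiSpyware drivers use this
            # prefix and also show [], so treat it as "check on disk".
            reason = "no file info, NT-style path (verify on disk)"
        else:
            reason = "no file info for registered image"
        return Finding("rsit", "driver/service " + m["state"], m["name"], reason)

    m = RSIT_VALUE_RE.match(line)
    if m:
        if m["data"].strip() == "[]":
            return Finding("rsit", "value", m["name"], "value points at no file")
        return None

    m = HJT_RE.match(line)
    if m:
        body = m["body"]
        for marker in ("(no file)", "(file missing)"):
            if body.endswith(marker):
                clsid = CLSID_RE.search(body)
                ident = clsid.group(0) if clsid else body
                return Finding("hijackthis", m["sec"], ident, marker.strip("()"))
    return None


def triage(log_text: str) -> List[Finding]:
    """Classify every line of a pasted log and keep only the findings."""
    return [f for f in map(classify, log_text.splitlines()) if f]


# Sample lines copied from the HijackThis and RSIT logs in this thread.
SAMPLE = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
"{F28439F2-4996-41B8-8BD0-22789780DE81} "= []
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
S3 aade00vk;aade00vk; C:\WINDOWS\system32\drivers\aade00vk.sys []
"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.source:10} {f.kind:18} {f.ident}  ({f.reason})")
```

A missing file is a reason to look at an entry, not a verdict: the list also picks up leftovers from uninstalled software such as the PartyPoker button.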
  6. 2008/10/23
    cchandler25362

    cchandler25362 Inactive Thread Starter

    First of all, thank you for all of your help and patience. I thought that I already had SP1.

    I followed your directions (aade00vk.sys was not present) and here is the new log file.

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by CChandler at 2008-10-23 23:41:08
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 60 GB (83%) free of 73 GB
    Total RAM: 1503 MB (76% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:41:09 PM, on 10/23/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\CChandler\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\CChandler.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe "
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\System32\dlcccoms.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    --
    End of file - 4003 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-23 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 440056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2003-05-15 163840]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-23 1235736]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{F28439F2-4996-41B8-8BD0-22789780DE81}"= []
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgui.exe"="C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:AVG Free User Interface"
    "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
    "C:\Program Files\CCleaner\CCleaner.exe"="C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:CCleaner"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\trend micro\HijackThis\HijackThis.exe"="C:\Program Files\trend micro\HijackThis\HijackThis.exe:*:Enabled:HijackThis"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ffdb73-1f24-11db-8143-806d6172696f}]
    shell\AutoRun\command - E:\Info.exe folder.htt 480 480


    ======File associations======

    .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

    ======List of files/folders created in the last 3 months======

    2008-10-23 21:04:38 ----D---- C:\WINDOWS\Prefetch
    2008-10-23 20:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-23 20:36:54 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-23 20:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-23 20:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-23 20:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-23 20:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-23 20:36:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-23 20:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-23 20:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-23 20:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-10-23 20:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-10-23 20:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-23 20:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-23 20:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-10-23 20:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-23 20:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-10-23 20:30:52 ----D---- C:\WINDOWS\system32\scripting
    2008-10-23 20:30:52 ----D---- C:\WINDOWS\system32\en-us
    2008-10-23 20:30:51 ----D---- C:\WINDOWS\system32\en
    2008-10-23 20:30:51 ----D---- C:\WINDOWS\l2schemas
    2008-10-23 20:27:41 ----D---- C:\WINDOWS\network diagnostic
    2008-10-23 19:53:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
    2008-10-23 19:53:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-10-23 19:53:34 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-10-23 19:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-23 17:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-23 17:50:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-23 17:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-10-23 17:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
    2008-10-23 17:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-23 17:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-10-23 17:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-10-23 17:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
    2008-10-23 17:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-10-23 17:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2008-10-23 17:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-10-23 17:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-10-23 17:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
    2008-10-23 17:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2008-10-23 17:48:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-10-23 17:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-23 17:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956390_0$
    2008-10-23 17:47:40 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2008-10-23 17:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
    2008-10-23 17:34:15 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-10-23 17:34:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-10-23 17:34:13 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-10-23 17:34:12 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-10-23 17:34:12 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-10-23 17:34:10 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-10-23 17:34:09 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-10-23 17:34:09 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-10-23 17:33:57 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-10-23 17:33:56 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-10-23 17:33:55 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-10-23 17:33:55 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-10-23 17:33:54 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-10-23 17:33:54 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-10-23 17:33:54 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-10-23 17:33:53 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-10-23 17:33:53 ----N---- C:\WINDOWS\system32\onex.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-10-23 17:33:47 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-10-23 17:33:47 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-10-23 17:33:27 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-10-23 17:33:27 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-10-23 17:33:22 ----A---- C:\WINDOWS\005539_.tmp
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-10-23 17:33:19 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-10-23 17:33:19 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-10-23 17:33:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-10-23 17:33:17 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-10-23 17:33:14 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-10-23 17:33:14 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-10-23 17:33:12 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-10-23 17:18:22 ----D---- C:\WINDOWS\system32\PreInstall
    2008-10-23 17:18:20 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-10-23 17:18:20 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-23 12:09:29 ----D---- C:\rsit
    2008-10-23 12:09:29 ----D---- C:\Program Files\trend micro
    2008-10-23 09:57:47 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-10-23 09:57:29 ----D---- C:\Program Files\AVG
    2008-10-23 09:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-23 09:37:04 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-10-23 09:37:04 ----A---- C:\WINDOWS\setuplog.txt
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\spiisupd.exe
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\asr_pfu.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\encapi.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\dxdiagn.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\dsprpres.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\d3d9.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\cmsetacl.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\btpanui.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\bthserv.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\bthci.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\blastcln.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\auditusr.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mssap.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\msftedit.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\msdadiag.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdukx.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdno1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmaori.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinmal.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinben.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdfi1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\ieencode.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\httpapi.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\hccoin.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fwcfg.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fsquirt.exe
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fltmc.exe
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fltlib.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\encdec.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xpsp1res.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xmlprovi.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xmlprov.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wshbth.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wscntfy.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\winshfhc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\winbrand.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\w3ssl.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\twext.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\strmfilt.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\smbinst.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sdhcinst.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sbeio.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sbe.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\powercfg.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2psvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pgraph.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2p.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\slrundll.exe
    2008-10-23 09:36:11 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-10-23 09:36:10 ----D---- C:\WINDOWS\peernet
    2008-10-23 09:36:09 ----D---- C:\WINDOWS\provisioning
    2008-10-23 09:34:11 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-23 09:32:37 ----N---- C:\WINDOWS\system32\xpsp2res.dll
    2008-10-23 09:32:05 ----A---- C:\WINDOWS\002407_.tmp
    2008-10-23 09:31:40 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-10-23 09:29:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-23 09:29:52 ----D---- C:\WINDOWS\EHome
    2008-10-23 08:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB833407$
    2008-10-23 08:50:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-22 11:19:08 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-22 11:18:48 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-22 11:18:48 ----D---- C:\Documents and Settings\CChandler\Application Data\SUPERAntiSpyware.com
    2008-10-22 11:18:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-21 23:53:55 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-10-04 20:37:14 ----D---- C:\Documents and Settings\CChandler\Application Data\Apple Computer
    2008-10-01 22:32:16 ----D---- C:\Program Files\Delta
    2008-09-05 23:30:42 ----N---- C:\WINDOWS\system32\WgaLogon.dll
    2008-09-05 23:30:06 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
    2008-09-05 23:29:58 ----N---- C:\WINDOWS\system32\WgaTray.exe
    2008-08-19 04:20:32 ----N---- C:\WINDOWS\system32\xpsp3res.dll

    ======List of files/folders modified in the last 3 months======

    2008-10-23 23:34:36 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-23 23:26:45 ----D---- C:\WINDOWS\Temp
    2008-10-23 23:26:33 ----D---- C:\WINDOWS
    2008-10-23 23:24:07 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-23 21:07:29 ----D---- C:\WINDOWS\system32
    2008-10-23 21:07:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-23 21:06:17 ----SHD---- C:\WINDOWS\Installer
    2008-10-23 21:05:29 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-23 21:03:47 ----D---- C:\WINDOWS\system32\Setup
    2008-10-23 21:03:47 ----D---- C:\WINDOWS\ime
    2008-10-23 21:03:46 ----RSD---- C:\WINDOWS\Fonts
    2008-10-23 21:03:46 ----D---- C:\WINDOWS\system32\wbem
    2008-10-23 21:03:46 ----D---- C:\WINDOWS\AppPatch
    2008-10-23 21:03:44 ----D---- C:\WINDOWS\system32\drivers
    2008-10-23 21:02:45 ----D---- C:\WINDOWS\security
    2008-10-23 20:37:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-23 20:37:01 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-23 20:36:59 ----HD---- C:\WINDOWS\inf
    2008-10-23 20:35:28 ----D---- C:\Program Files\Messenger
    2008-10-23 20:31:06 ----D---- C:\WINDOWS\WinSxS
    2008-10-23 20:30:58 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-23 20:30:58 ----D---- C:\WINDOWS\Help
    2008-10-23 20:30:52 ----D---- C:\WINDOWS\system32\usmt
    2008-10-23 20:30:51 ----D---- C:\WINDOWS\system32\bits
    2008-10-23 20:30:51 ----D---- C:\Program Files\Movie Maker
    2008-10-23 20:30:51 ----D---- C:\Program Files\Internet Explorer
    2008-10-23 20:29:08 ----D---- C:\WINDOWS\system32\Restore
    2008-10-23 20:29:08 ----D---- C:\WINDOWS\system32\npp
    2008-10-23 20:29:07 ----D---- C:\WINDOWS\msagent
    2008-10-23 20:29:06 ----D---- C:\WINDOWS\srchasst
    2008-10-23 20:29:06 ----D---- C:\Program Files\NetMeeting
    2008-10-23 20:29:05 ----D---- C:\WINDOWS\system32\Com
    2008-10-23 20:29:03 ----D---- C:\Program Files\Windows NT
    2008-10-23 20:29:03 ----D---- C:\Program Files\Windows Media Player
    2008-10-23 20:29:03 ----D---- C:\Program Files\Outlook Express
    2008-10-23 20:29:00 ----D---- C:\Program Files\Common Files\System
    2008-10-23 20:28:48 ----D---- C:\WINDOWS\system32\oobe
    2008-10-23 20:28:47 ----D---- C:\WINDOWS\system
    2008-10-23 17:20:51 ----D---- C:\WINDOWS\Debug
    2008-10-23 12:09:29 ----RD---- C:\Program Files
    2008-10-23 09:57:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-23 09:57:12 ----SD---- C:\Documents and Settings\CChandler\Application Data\Microsoft
    2008-10-23 09:44:26 ----SHD---- C:\System Volume Information
    2008-10-23 09:37:05 ----RASH---- C:\boot.ini
    2008-10-23 09:36:09 ----D---- C:\WINDOWS\Media
    2008-10-23 09:32:37 ----RD---- C:\WINDOWS\Web
    2008-10-23 09:32:28 ----RASH---- C:\NTDETECT.COM
    2008-10-22 11:18:11 ----D---- C:\Program Files\Common Files
    2008-10-21 23:53:19 ----D---- C:\Documents and Settings
    2008-10-21 08:47:18 ----D---- C:\Program Files\Dl_cats
    2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-07 14:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-04 20:27:51 ----D---- C:\Documents and Settings\CChandler\Application Data\Azureus
    2008-10-04 20:02:31 ----D---- C:\Documents and Settings\CChandler\Application Data\LimeWire
    2008-09-14 20:18:31 ----D---- C:\Program Files\Citrix
    2008-09-05 22:50:22 ----SD---- C:\WINDOWS\Tasks
    2008-08-20 00:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-20 00:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-08-14 05:11:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-03 19:36:31 ----D---- C:\Program Files\PokerStars.NET

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-23 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-23 26824]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
    R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\System32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    R3 P17;Sound Blaster Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
    R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-03-24 47360]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\System32\DRIVERS\point32.sys [2003-05-15 19072]
    R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-03-02 167040]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service; C:\WINDOWS\System32\DRIVERS\WG11TND5.sys [2005-09-05 362944]
    S3 atuhyt4v;atuhyt4v; C:\WINDOWS\system32\drivers\atuhyt4v.sys []
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-23 231704]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
    S3 dlcc_device;dlcc_device; C:\WINDOWS\System32\dlcccoms.exe [2005-06-21 491520]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    -----------------EOF-----------------
     
  7. 2008/10/25
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK, let's try this again.
    Delete the fix.reg file you have on your Desktop.

    Open "Notepad". Copy the contents of the code box below to the blank Notepad.
    Click "File" > "Save as"
    In the "Save In" box at the top click the down arrow and select Desktop

    In the "File name" type in: fix.reg
    In the "Save As Type" select: All Files
    Once saved, go to your desktop, double-click the "fix.reg" file and let it merge with the registry.
    Code:
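    REGEDIT4

    ; Remove the ShellExecuteHooks value that the RSIT log lists with no file ([])
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{F28439F2-4996-41B8-8BD0-22789780DE81}"=-

    ; Delete the whole MountPoints2 key whose AutoRun command is E:\Info.exe
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ffdb73-1f24-11db-8143-806d6172696f}]
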
    Please post a new RSIT log.

    Thanks
    Geri
     
    Geri,
    #6
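
    A follow-up RSIT log is how the two deletions in fix.reg get confirmed. The check below is an added example, not part of the original posts: it reads the deletion directives of a REGEDIT4 file (`"name"=-` removes a value, `[-KEY]` removes a key) and reports which targets still appear in an RSIT "Registry dump" section. The function names are hypothetical and the sample inputs are constructed from the entries quoted in this thread.

```python
import re

# Constructed sample: the fix.reg text from the post above.
FIX_REG = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{F28439F2-4996-41B8-8BD0-22789780DE81}"=-

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ffdb73-1f24-11db-8143-806d6172696f}]
"""

# Constructed samples: "Registry dump" lines trimmed from the RSIT logs posted
# before and after the fix, limited to the two keys the fix touches.
DUMP_BEFORE = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{F28439F2-4996-41B8-8BD0-22789780DE81}"= []
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98ffdb73-1f24-11db-8143-806d6172696f}]
shell\AutoRun\command - E:\Info.exe folder.htt 480 480
"""
DUMP_AFTER = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"""

HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")                    # [KEY] or [-KEY]
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"\s*=\s*(.*)$')  # "name"=data


def _norm(text):
    """Registry key and value names are case-insensitive; compare lowercased."""
    return text.strip().lower()


def parse_reg_deletions(text):
    """Return the deletions a .reg file requests as (key, value_name) pairs.

    value_name is None when the whole key (with its subkeys) is deleted.
    Lines that set values are ignored: only removals are collected.
    """
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith(";")]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("not a .reg file: missing header line")
    deletions, key = [], None
    for ln in lines[1:]:
        m = KEY_RE.match(ln)
        if m:
            key = _norm(m.group(2))
            if m.group(1):            # leading '-' means delete this key
                deletions.append((key, None))
                key = None
            continue
        m = VALUE_RE.match(ln)
        if m and key is not None and m.group(2).strip() == "-":
            # .reg files escape '\' and '"' inside names; undo that here
            name = re.sub(r"\\(.)", r"\1", m.group(1))
            deletions.append((key, _norm(name)))
    return deletions


def parse_rsit_dump(text):
    """Map each key in an RSIT registry dump to the value names listed under it."""
    dump, key = {}, None
    for ln in (raw.strip() for raw in text.splitlines()):
        m = KEY_RE.match(ln)
        if m:
            key = _norm(m.group(2))
            dump.setdefault(key, set())
        elif key is not None:
            m = VALUE_RE.match(ln)
            if m:
                dump[key].add(_norm(m.group(1)))
    return dump


def still_present(deletions, dump):
    """Return the deletions whose target still shows up in the dump."""
    left = []
    for key, name in deletions:
        if name is None:
            # A deleted key must be gone together with any subkeys.
            if any(k == key or k.startswith(key + "\\") for k in dump):
                left.append((key, name))
        elif name in dump.get(key, set()):
            left.append((key, name))
    return left


if __name__ == "__main__":
    wanted = parse_reg_deletions(FIX_REG)
    for label, text in (("before", DUMP_BEFORE), ("after", DUMP_AFTER)):
        remaining = still_present(wanted, parse_rsit_dump(text))
        print(f"{label}: {len(remaining)} of {len(wanted)} targets still present")
```
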
  8. 2008/10/26
    cchandler25362

    cchandler25362 Inactive Thread Starter

    Joined:
    2008/10/22
    Messages:
    8
    Likes Received:
    0
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by CChandler at 2008-10-26 22:25:35
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 60 GB (83%) free of 73 GB
    Total RAM: 1503 MB (73% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:25:38 PM, on 10/26/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Documents and Settings\CChandler\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\CChandler.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01016526-5E80-11D8-9E86-0007E96C65AE} (SmartAccess Ctl Class) - https://install.charter.com/diskless/bin/ssctlsma.dll
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\System32\dlcccoms.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    --
    End of file - 4151 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-23 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll [2006-12-15 440056]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2003-05-15 163840]
    "AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-23 1235736]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "C:\Program Files\AVG\AVG8\avgui.exe"="C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:AVG Free User Interface"
    "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"
    "C:\Program Files\CCleaner\CCleaner.exe"="C:\Program Files\CCleaner\CCleaner.exe:*:Enabled:CCleaner"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\trend micro\HijackThis\HijackThis.exe"="C:\Program Files\trend micro\HijackThis\HijackThis.exe:*:Enabled:HijackThis"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

    ======File associations======

    .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

    ======List of files/folders created in the last 3 months======

    2008-10-24 15:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-10-24 07:40:54 ----HD---- C:\$AVG8.VAULT$
    2008-10-23 21:04:38 ----D---- C:\WINDOWS\Prefetch
    2008-10-23 20:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-23 20:36:54 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-23 20:36:40 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-23 20:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-23 20:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-23 20:36:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-23 20:36:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-10-23 20:36:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-10-23 20:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-10-23 20:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-10-23 20:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-10-23 20:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-10-23 20:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-10-23 20:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-10-23 20:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-10-23 20:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-10-23 20:30:52 ----D---- C:\WINDOWS\system32\scripting
    2008-10-23 20:30:52 ----D---- C:\WINDOWS\system32\en-us
    2008-10-23 20:30:51 ----D---- C:\WINDOWS\system32\en
    2008-10-23 20:30:51 ----D---- C:\WINDOWS\l2schemas
    2008-10-23 20:27:41 ----D---- C:\WINDOWS\network diagnostic
    2008-10-23 19:53:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
    2008-10-23 19:53:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-10-23 19:53:34 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-10-23 19:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
    2008-10-23 17:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-23 17:50:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
    2008-10-23 17:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-10-23 17:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
    2008-10-23 17:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
    2008-10-23 17:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
    2008-10-23 17:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2008-10-23 17:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
    2008-10-23 17:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-10-23 17:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
    2008-10-23 17:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-10-23 17:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-10-23 17:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
    2008-10-23 17:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2008-10-23 17:48:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-10-23 17:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
    2008-10-23 17:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956390_0$
    2008-10-23 17:47:40 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2008-10-23 17:47:28 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
    2008-10-23 17:34:15 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-10-23 17:34:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
    2008-10-23 17:34:13 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-10-23 17:34:12 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
    2008-10-23 17:34:12 ----N---- C:\WINDOWS\system32\windowscodecs.dll
    2008-10-23 17:34:10 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-10-23 17:34:09 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-10-23 17:34:09 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-10-23 17:33:57 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-10-23 17:33:56 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-10-23 17:33:55 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-10-23 17:33:55 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-10-23 17:33:54 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-10-23 17:33:54 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-10-23 17:33:54 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-10-23 17:33:53 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
    2008-10-23 17:33:53 ----N---- C:\WINDOWS\system32\onex.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-10-23 17:33:48 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-10-23 17:33:47 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-10-23 17:33:47 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-10-23 17:33:38 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-10-23 17:33:32 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-10-23 17:33:27 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-10-23 17:33:27 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-10-23 17:33:22 ----A---- C:\WINDOWS\005539_.tmp
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-10-23 17:33:21 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-10-23 17:33:20 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-10-23 17:33:19 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-10-23 17:33:19 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-10-23 17:33:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-10-23 17:33:17 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-10-23 17:33:14 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-10-23 17:33:14 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-10-23 17:33:12 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-10-23 17:18:22 ----D---- C:\WINDOWS\system32\PreInstall
    2008-10-23 17:18:20 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-10-23 17:18:20 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-23 12:09:29 ----D---- C:\rsit
    2008-10-23 12:09:29 ----D---- C:\Program Files\trend micro
    2008-10-23 09:57:47 ----A---- C:\WINDOWS\system32\avgrsstx.dll
    2008-10-23 09:57:29 ----D---- C:\Program Files\AVG
    2008-10-23 09:57:29 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-10-23 09:37:04 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-10-23 09:37:04 ----A---- C:\WINDOWS\setuplog.txt
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\spiisupd.exe
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-10-23 09:36:17 ----N---- C:\WINDOWS\system32\asr_pfu.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\encapi.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\dxdiagn.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\dsprpres.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\d3d9.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\cmsetacl.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\btpanui.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\bthserv.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\bthci.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\blastcln.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\auditusr.exe
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-10-23 09:36:13 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mssap.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\msftedit.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\msdadiag.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdukx.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdno1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdmaori.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinmal.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinben.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\kbdfi1.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\ieencode.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\httpapi.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\hccoin.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fwcfg.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fsquirt.exe
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fltmc.exe
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\fltlib.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-10-23 09:36:12 ----N---- C:\WINDOWS\system32\encdec.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xpsp1res.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xmlprovi.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\xmlprov.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wshbth.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\wscntfy.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\winshfhc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\winbrand.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\w3ssl.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\twext.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\strmfilt.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\smbinst.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sdhcinst.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sbeio.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\sbe.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\powercfg.exe
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2psvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pgraph.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\p2p.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-10-23 09:36:11 ----N---- C:\WINDOWS\slrundll.exe
    2008-10-23 09:36:11 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-10-23 09:36:10 ----D---- C:\WINDOWS\peernet
    2008-10-23 09:36:09 ----D---- C:\WINDOWS\provisioning
    2008-10-23 09:34:11 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-23 09:32:37 ----N---- C:\WINDOWS\system32\xpsp2res.dll
    2008-10-23 09:32:05 ----A---- C:\WINDOWS\002407_.tmp
    2008-10-23 09:31:40 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-10-23 09:29:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-23 09:29:52 ----D---- C:\WINDOWS\EHome
    2008-10-23 08:50:35 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-23 08:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB833407$
    2008-10-23 08:50:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-22 11:19:08 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-10-22 11:18:48 ----D---- C:\Program Files\SUPERAntiSpyware
    2008-10-22 11:18:48 ----D---- C:\Documents and Settings\CChandler\Application Data\SUPERAntiSpyware.com
    2008-10-22 11:18:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-10-21 23:53:55 ----A---- C:\WINDOWS\OEWABLog.txt
    2008-10-04 20:37:14 ----D---- C:\Documents and Settings\CChandler\Application Data\Apple Computer
    2008-10-01 22:32:16 ----D---- C:\Program Files\Delta
    2008-09-05 23:30:42 ----N---- C:\WINDOWS\system32\WgaLogon.dll
    2008-09-05 23:30:06 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
    2008-09-05 23:29:58 ----N---- C:\WINDOWS\system32\WgaTray.exe
    2008-08-19 04:20:32 ----N---- C:\WINDOWS\system32\xpsp3res.dll

    ======List of files/folders modified in the last 3 months======

    2008-10-26 22:14:05 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-26 22:13:31 ----D---- C:\WINDOWS\Temp
    2008-10-24 17:36:29 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-24 17:34:50 ----D---- C:\WINDOWS
    2008-10-24 15:46:57 ----HD---- C:\WINDOWS\inf
    2008-10-24 15:46:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-24 15:46:53 ----D---- C:\WINDOWS\system32
    2008-10-24 12:47:06 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-24 12:11:10 ----D---- C:\Documents and Settings\CChandler\Application Data\Azureus
    2008-10-24 11:42:56 ----D---- C:\Documents and Settings\CChandler\Application Data\LimeWire
    2008-10-23 21:07:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-23 21:06:17 ----SHD---- C:\WINDOWS\Installer
    2008-10-23 21:03:47 ----D---- C:\WINDOWS\system32\Setup
    2008-10-23 21:03:47 ----D---- C:\WINDOWS\ime
    2008-10-23 21:03:46 ----RSD---- C:\WINDOWS\Fonts
    2008-10-23 21:03:46 ----D---- C:\WINDOWS\system32\wbem
    2008-10-23 21:03:46 ----D---- C:\WINDOWS\AppPatch
    2008-10-23 21:03:44 ----D---- C:\WINDOWS\system32\drivers
    2008-10-23 21:02:45 ----D---- C:\WINDOWS\security
    2008-10-23 20:37:01 ----D---- C:\WINDOWS\system32\CatRoot
    2008-10-23 20:35:28 ----D---- C:\Program Files\Messenger
    2008-10-23 20:31:06 ----D---- C:\WINDOWS\WinSxS
    2008-10-23 20:30:58 ----D---- C:\WINDOWS\system32\inetsrv
    2008-10-23 20:30:58 ----D---- C:\WINDOWS\Help
    2008-10-23 20:30:52 ----D---- C:\WINDOWS\system32\usmt
    2008-10-23 20:30:51 ----D---- C:\WINDOWS\system32\bits
    2008-10-23 20:30:51 ----D---- C:\Program Files\Movie Maker
    2008-10-23 20:30:51 ----D---- C:\Program Files\Internet Explorer
    2008-10-23 20:29:08 ----D---- C:\WINDOWS\system32\Restore
    2008-10-23 20:29:08 ----D---- C:\WINDOWS\system32\npp
    2008-10-23 20:29:07 ----D---- C:\WINDOWS\msagent
    2008-10-23 20:29:06 ----D---- C:\WINDOWS\srchasst
    2008-10-23 20:29:06 ----D---- C:\Program Files\NetMeeting
    2008-10-23 20:29:05 ----D---- C:\WINDOWS\system32\Com
    2008-10-23 20:29:03 ----D---- C:\Program Files\Windows NT
    2008-10-23 20:29:03 ----D---- C:\Program Files\Windows Media Player
    2008-10-23 20:29:03 ----D---- C:\Program Files\Outlook Express
    2008-10-23 20:29:00 ----D---- C:\Program Files\Common Files\System
    2008-10-23 20:28:48 ----D---- C:\WINDOWS\system32\oobe
    2008-10-23 20:28:47 ----D---- C:\WINDOWS\system
    2008-10-23 17:20:51 ----D---- C:\WINDOWS\Debug
    2008-10-23 12:09:29 ----RD---- C:\Program Files
    2008-10-23 09:57:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-10-23 09:57:12 ----SD---- C:\Documents and Settings\CChandler\Application Data\Microsoft
    2008-10-23 09:44:26 ----SHD---- C:\System Volume Information
    2008-10-23 09:37:05 ----RASH---- C:\boot.ini
    2008-10-23 09:36:09 ----D---- C:\WINDOWS\Media
    2008-10-23 09:32:37 ----RD---- C:\WINDOWS\Web
    2008-10-23 09:32:28 ----RASH---- C:\NTDETECT.COM
    2008-10-22 11:18:11 ----D---- C:\Program Files\Common Files
    2008-10-21 23:53:19 ----D---- C:\Documents and Settings
    2008-10-21 08:47:18 ----D---- C:\Program Files\Dl_cats
    2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-07 14:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-09-14 20:18:31 ----D---- C:\Program Files\Citrix
    2008-09-05 22:50:22 ----SD---- C:\WINDOWS\Tasks
    2008-08-20 00:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-20 00:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-20 00:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-08-14 05:11:02 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-03 19:36:31 ----D---- C:\Program Files\PokerStars.NET

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-10-23 97928]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-10-23 26824]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
    R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
    R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
    R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 ossrv;Creative OS Services Driver; C:\WINDOWS\System32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
    R3 P17;Sound Blaster Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2005-07-07 1389056]
    R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-03-24 47360]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\System32\DRIVERS\point32.sys [2003-05-15 19072]
    R3 S3Psddr;S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [2004-03-02 167040]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S3 ahg0otti;ahg0otti; C:\WINDOWS\system32\drivers\ahg0otti.sys []
    S3 AR5523;NETGEAR WG111T USB2.0 Wireless Card Service; C:\WINDOWS\System32\DRIVERS\WG11TND5.sys [2005-09-05 362944]
    S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-23 231704]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]
    R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
    S3 dlcc_device;dlcc_device; C:\WINDOWS\System32\dlcccoms.exe [2005-06-21 491520]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

    -----------------EOF-----------------
     
  9. 2008/10/27
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    Ok looks good.

    Please do this.

    Your Java is out of date and needs updating.

    Please download JavaRa and save the file to your desktop.
    • Right click and Extract All
    • Once extracted, open and run JavaRa.exe
    • Click Search For Updates
    • Select Update Using jucheck.exe
    • Click Search
    • If a newer version is found, allow it to be installed
    • Uncheck the Google Toolbar option. (if you don't want the Google tool bar)
    • When complete, click Remove Older Versions in the JavaRa interface and allow it to proceed
    • When that is complete, click Additional Tasks, then select Remove Useless JRE Files and click Go
    • Exit the tool when complete.
    Read and then you can delete the gpl-2.0.txt file.

    Now let's get an online scan.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

    Now the scan.

    Please do an online scan with Kaspersky WebScanner

    Click on “Accept” If your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files:
    • Under Scan on the left side. Click on My Computer
    • This will start the program and scan your system.
    • Click the “Scan Report” On the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
  10. 2008/10/27
    cchandler25362

    I was able to update java and run ATF cleaner but I can't access Kaspersky's web site. It is one of the sites that is blocked. I checked my hosts file and it is normal. Any ideas?
     
  11. 2008/10/27
    Geri Lifetime Subscription

    Hi
    What message do you get when you try to go there?

    Let's try Panda.

    Please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report

    Thanks
    Geri
     
  12. 2008/10/29
    cchandler25362

    I can't connect to either site. When I ping kaspersky.com or pandasoftware.com I get a reply from 127.0.0.1.

    When I try to go directly to the site I get this message: Failed to Connect. Firefox can't establish a connection to the server at www.pandasoftware.com.
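
    The symptom in the post above (security-vendor sites answering from 127.0.0.1 while the hosts file looks normal) can be checked systematically rather than one ping at a time. The Python sketch below is an added example, not part of the original thread; the function names, verdict strings and sample data are assumptions made for illustration.

```python
"""Triage for 'security sites resolve to loopback' (added example)."""
import ipaddress
import socket

# Hostnames mentioned in the thread.
SECURITY_HOSTS = ["kaspersky.com", "pandasoftware.com", "www.pandasoftware.com"]


def parse_hosts(text):
    """Return {hostname: ip} from hosts-file text, skipping comments."""
    mapping = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop trailing comments
        parts = line.split()
        if len(parts) < 2:
            continue                            # blank or malformed line
        ip, names = parts[0], parts[1:]
        for name in names:
            mapping[name.lower()] = ip
    return mapping


def is_sinkhole(addr):
    """True for loopback (127.0.0.0/8, ::1) or unspecified (0.0.0.0, ::)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.is_loopback or ip.is_unspecified


def system_resolve(name):
    """Resolve through the OS resolver, the same path a browser uses."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def triage(names, hosts_text, resolve=system_resolve):
    """Classify each name as ok, hosts-file redirect, or redirected elsewhere.

    Returns a list of (name, answers, verdict) tuples.
    """
    hosts = parse_hosts(hosts_text)
    findings = []
    for name in names:
        answers = resolve(name)
        hosts_ip = hosts.get(name.lower())
        if hosts_ip and is_sinkhole(hosts_ip):
            verdict = "hosts-file redirect"
        elif any(is_sinkhole(a) for a in answers):
            # The case reported in the thread: the hosts file is clean, so the
            # answer is being changed elsewhere (DNS server settings or
            # something intercepting name resolution on the machine).
            verdict = "loopback answer, hosts file clean"
        elif not answers:
            verdict = "no answer"
        else:
            verdict = "ok"
        findings.append((name, answers, verdict))
    return findings


if __name__ == "__main__":
    # Constructed sample data so the demo runs offline.
    sample_hosts = "# constructed sample\n127.0.0.1       localhost\n"
    fake_dns = {
        "kaspersky.com": ["127.0.0.1"],
        "pandasoftware.com": ["127.0.0.1"],
        "www.pandasoftware.com": ["127.0.0.1"],
    }
    for row in triage(SECURITY_HOSTS, sample_hosts,
                      resolve=lambda n: fake_dns.get(n, [])):
        print(row)
```

    On a live machine, call `triage` without the `resolve` argument and pass it the contents of the real hosts file.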
     
  13. 2008/10/29
    Geri Lifetime Subscription

    Hi
    Ok I see that you say you have Malwarebytes AntiMalware and have run it.

    Please open MBAM again and update the files, run MBAM again and post the log.

    Thanks
    Geri
     
  14. 2008/10/30
    cchandler25362

    Here is the new log:

    Malwarebytes' Anti-Malware 1.19
    Database version: 920
    Windows 5.1.2600 Service Pack 3

    11:57:14 AM 10/30/2008
    mbam-log-10-30-2008 (11-57-14).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 84617
    Time elapsed: 26 minute(s), 1 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
  15. 2008/10/30
    Geri Lifetime Subscription

    Hi
    Do you have Internet Explorer? Can you get there using it and not Firefox?
     
  16. 2008/10/30
    cchandler25362

    I have IE and Firefox, the sites are blocked from both. I'm blocked from AVG updates and Microsoft as well.
     
  17. 2008/10/30
    Geri Lifetime Subscription

    Hi
    OK please try this.

    Download ComboFix from Here to your Desktop.

    It's best to disable realtime protection applications as they sometimes interfere with the tool.
    Check this link for any applicable programs you may have.
    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • Vista users right click Combofix.exe and select Run As Administrator.
    • When finished, it shall produce a log for you. Post the Combofix log
    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.

    **NOTE - Allow ComboFix to update if prompted.

    Note - ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

    Note - Combofix makes some changes when run to prevent autorun/autoplay of ALL CDs, floppies and USB devices, to assist with malware removal & increase security. If this is an issue or makes it difficult for you to use those devices, please ask how to reset it.

    Thanks
     
