Author Topic: Internet explorer redirected  (Read 15934 times)

mopy

    Topic Starter


    Beginner

    Re: Internet explorer redirected
    « Reply #30 on: June 01, 2009, 02:09:29 PM »
    Sorry forgot the report.

       --------------------\\  Lop S&D 4.2.5-0   XP/Vista

       Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 2
       X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3500+ )
       BIOS : Phoenix - AwardBIOS v6.00PG
       USER : User ( Administrator )
       BOOT : Normal boot
       Antivirus : AVG Anti-Virus 8.5 (Not Activated)
       A:\ (USB)
       C:\ (Local Disk) - NTFS - Total:87 Go (Free:25 Go)
       D:\ (CD or DVD)
       E:\ (CD or DVD)
       F:\ (USB)
       G:\ (USB)
       H:\ (Local Disk) - NTFS - Total:98 Go (Free:85 Go)

       "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
       Option : [2] ( 01/06/2009|21:02 )

     
       \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

     
       --------------------\\  Listing folders in APPLIC~1

       [06/04/2007|17:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

       [09/04/2009|17:42] C:\DOCUME~1\ADMINI~1.BAS\APPLIC~1\Microsoft
       [04/11/2008|21:12] C:\DOCUME~1\ADMINI~1.BAS\APPLIC~1\Spearit
       [04/10/2008|13:18] C:\DOCUME~1\ADMINI~1.BAS\APPLIC~1\WinCare2008


       [12/05/2007|16:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\4p-r9-67-55-p3-26
       [18/08/2007|09:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\55-66-54-16-s6-0o
       [12/05/2007|20:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\96-05-46-2p-3p-r9
       [16/05/2007|19:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems
       [14/05/2009|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
       [06/04/2007|10:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
       [21/04/2008|20:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ahead
       [11/05/2007|17:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
       [28/03/2009|22:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avanquest
       [30/05/2009|14:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
       [22/06/2008|17:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
       [28/03/2009|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
       [22/04/2007|07:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
       [21/10/2008|06:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Documents
       [29/02/2008|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
       [11/11/2008|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD X Studios
       [15/01/2008|19:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
       [31/10/2008|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
       [02/09/2008|17:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Hewlett-Packard
       [31/10/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
       [31/10/2008|10:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP Product Assistant
       [31/10/2008|09:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HPSSUPPLY
       [10/05/2007|21:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\JollyBear
       [01/06/2009|21:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kontiki
       [30/05/2009|16:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
       [27/07/2007|05:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft(2)
       [30/05/2009|21:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
       [09/01/2009|22:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Memory-Map-License
       [04/11/2008|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
       [21/04/2008|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
       [07/03/2009|17:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
       [14/05/2009|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS
       [05/04/2007|20:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
       [12/04/2007|20:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Quest
       [12/06/2008|19:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\RoboForm
       [10/12/2007|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Softdisk LLC
       [04/11/2008|21:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spearit
       [03/04/2009|19:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
       [14/02/2009|10:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
       [08/04/2008|19:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TreeCardGames
       [22/06/2008|10:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
       [22/06/2008|19:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
       [02/09/2008|19:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WEBREG
       [14/04/2007|07:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
       [17/12/2008|19:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
       [19/09/2008|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
       [11/11/2008|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\XOOM

       [16/05/2009|18:51] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
       [22/04/2008|19:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
       [04/11/2008|21:12] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Spearit

       [07/06/2008|21:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\Acronis
       [02/04/2008|05:53] C:\DOCUME~1\LOCALS~1\APPLIC~1\Adobe
       [30/05/2009|05:51] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
       [09/04/2009|17:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

       [09/04/2009|17:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

       [11/05/2007|17:34] C:\DOCUME~1\User\APPLIC~1\ACD Systems
       [14/05/2009|18:38] C:\DOCUME~1\User\APPLIC~1\Adobe
       [16/08/2007|17:34] C:\DOCUME~1\User\APPLIC~1\AdobeUM
       [07/04/2007|08:48] C:\DOCUME~1\User\APPLIC~1\Ahead
       [18/11/2007|15:38] C:\DOCUME~1\User\APPLIC~1\Alien Skin
       [15/08/2007|16:45] C:\DOCUME~1\User\APPLIC~1\Andrex Puppy
       [25/05/2007|07:03] C:\DOCUME~1\User\APPLIC~1\Apple Computer
       [28/03/2009|22:02] C:\DOCUME~1\User\APPLIC~1\Avanquest
       [22/06/2008|17:16] C:\DOCUME~1\User\APPLIC~1\AVS4YOU
       [22/06/2008|18:07] C:\DOCUME~1\User\APPLIC~1\AVSMedia
       [22/04/2007|07:56] C:\DOCUME~1\User\APPLIC~1\CyberLink
       [19/08/2007|08:47] C:\DOCUME~1\User\APPLIC~1\DMCache
       [13/05/2007|17:50] C:\DOCUME~1\User\APPLIC~1\EPSON
       [29/03/2009|08:15] C:\DOCUME~1\User\APPLIC~1\EurekaLog
       [21/04/2007|09:05] C:\DOCUME~1\User\APPLIC~1\fltk.org
       [29/11/2007|18:19] C:\DOCUME~1\User\APPLIC~1\FontHit
       [29/03/2008|16:22] C:\DOCUME~1\User\APPLIC~1\GetRightToGo
       [05/04/2007|19:48] C:\DOCUME~1\User\APPLIC~1\Google
       [07/04/2007|18:33] C:\DOCUME~1\User\APPLIC~1\Help
       [06/03/2009|21:11] C:\DOCUME~1\User\APPLIC~1\HideIP
       [08/09/2008|17:23] C:\DOCUME~1\User\APPLIC~1\HP
       [02/09/2008|17:34] C:\DOCUME~1\User\APPLIC~1\HPAppData
       [02/04/2007|11:59] C:\DOCUME~1\User\APPLIC~1\Identities
       [07/04/2007|18:16] C:\DOCUME~1\User\APPLIC~1\ieSpell
       [31/08/2007|18:06] C:\DOCUME~1\User\APPLIC~1\InterTrust
       [06/04/2007|11:04] C:\DOCUME~1\User\APPLIC~1\IsolatedStorage
       [25/07/2007|18:26] C:\DOCUME~1\User\APPLIC~1\Lavasoft
       [06/01/2008|20:31] C:\DOCUME~1\User\APPLIC~1\LimeWire
       [12/08/2007|07:40] C:\DOCUME~1\User\APPLIC~1\LogicWeave Software
       [14/04/2007|18:43] C:\DOCUME~1\User\APPLIC~1\Macromedia
       [08/04/2008|19:40] C:\DOCUME~1\User\APPLIC~1\MahJong Suite
       [30/05/2009|21:10] C:\DOCUME~1\User\APPLIC~1\Malwarebytes
       [02/05/2009|21:38] C:\DOCUME~1\User\APPLIC~1\Microsoft
       [31/07/2007|21:08] C:\DOCUME~1\User\APPLIC~1\Mozilla
       [14/12/2007|23:26] C:\DOCUME~1\User\APPLIC~1\Nero
       [21/04/2007|21:32] C:\DOCUME~1\User\APPLIC~1\Opera
       [26/12/2007|13:14] C:\DOCUME~1\User\APPLIC~1\SecuROM
       [13/02/2009|19:08] C:\DOCUME~1\User\APPLIC~1\Simply Super Software
       [04/11/2008|21:12] C:\DOCUME~1\User\APPLIC~1\Spearit
       [02/08/2007|17:21] C:\DOCUME~1\User\APPLIC~1\Sun
       [10/05/2008|16:39] C:\DOCUME~1\User\APPLIC~1\SUPERAntiSpyware.com
       [03/04/2009|19:04] C:\DOCUME~1\User\APPLIC~1\Symantec
       [17/01/2009|17:53] C:\DOCUME~1\User\APPLIC~1\U3
       [25/06/2008|20:58] C:\DOCUME~1\User\APPLIC~1\Vso
       [27/07/2008|10:46] C:\DOCUME~1\User\APPLIC~1\WinCare2008
       [05/04/2007|19:28] C:\DOCUME~1\User\APPLIC~1\WinRAR
     
       --------------------\\  Scheduled Tasks located in C:\WINDOWS\Tasks

       [01/06/2009 11:01][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
       [01/06/2009 11:01][--ah-----] C:\WINDOWS\tasks\SA.DAT
       [28/02/2006 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

       --------------------\\  Listing Folders in C:\Program Files

       [01/02/2009|11:21] C:\Program Files\1 Click PC Fix
       [30/05/2009|07:31] C:\Program Files\A1Click Ultra PC Cleaner
       [14/05/2009|18:39] C:\Program Files\Adobe
       [01/06/2009|18:22] C:\Program Files\Advanced Diary
       [25/02/2009|18:53] C:\Program Files\AgataSoft
       [21/04/2008|21:00] C:\Program Files\Ahead
       [18/11/2007|15:25] C:\Program Files\Alien Skin
       [15/08/2007|16:44] C:\Program Files\Andrex Puppy
       [14/11/2007|22:28] C:\Program Files\Astro Gemini Software
       [02/02/2009|07:44] C:\Program Files\Atomic Clock Sync
       [18/02/2009|18:11] C:\Program Files\audiograbber
       [28/03/2009|21:56] C:\Program Files\Avanquest
       [31/08/2007|17:07] C:\Program Files\AvantGo Connect
       [23/11/2008|08:01] C:\Program Files\AVG
       [22/06/2008|18:40] C:\Program Files\AVSMedia
       [24/04/2007|07:36] C:\Program Files\Backup
       [27/07/2007|05:53] C:\Program Files\BearSharePro
       [01/05/2007|20:40] C:\Program Files\Bodrag
       [10/11/2007|23:21] C:\Program Files\Bonjour
       [30/05/2009|17:17] C:\Program Files\CCleaner
       [31/01/2009|08:36] C:\Program Files\Christmas Time 3D Screensaver
       [24/04/2007|07:49] C:\Program Files\cm2gpx
       [24/04/2007|07:49] C:\Program Files\CmConvert
       [14/05/2009|18:38] C:\Program Files\Common Files
       [02/04/2007|11:49] C:\Program Files\ComPlus Applications
       [24/04/2007|07:54] C:\Program Files\data
       [08/12/2008|19:13] C:\Program Files\Driver Checker
       [01/02/2009|21:33] C:\Program Files\Driver-Soft
       [04/08/2007|19:08] C:\Program Files\DVD Shrink
       [11/11/2008|17:54] C:\Program Files\DVD X Studios
       [04/04/2009|20:33] C:\Program Files\EASEUS
       [30/05/2009|17:14] C:\Program Files\Enigma Software Group
       [11/11/2007|22:05] C:\Program Files\Fantasy Moon 3D Screensaver
       [22/05/2009|21:20] C:\Program Files\File Renamer
       [29/11/2007|18:19] C:\Program Files\FontHit Software
       [12/05/2007|16:21] C:\Program Files\GameHouse
       [31/05/2009|15:19] C:\Program Files\GASK
       [19/04/2008|07:02] C:\Program Files\GetRight
       [31/05/2009|19:39] C:\Program Files\Google
       [17/08/2007|17:59] C:\Program Files\Grisoft
       [26/12/2007|13:14] C:\Program Files\Hasbro
       [31/10/2008|10:04] C:\Program Files\Hewlett-Packard
       [31/10/2008|09:35] C:\Program Files\HP
       [06/04/2007|18:11] C:\Program Files\ieSpell
       [09/01/2008|18:07] C:\Program Files\images
       [28/03/2009|21:57] C:\Program Files\InstallShield Installation Information
       [15/04/2009|22:06] C:\Program Files\Internet Explorer
       [19/10/2007|18:29] C:\Program Files\iPAQ Download Agent
       [19/10/2007|18:36] C:\Program Files\iTRIS
       [31/05/2009|06:50] C:\Program Files\Java
       [19/10/2007|18:38] C:\Program Files\JewelMine
       [18/04/2009|07:19] C:\Program Files\Jigsaw Puzzle Platinum Edition
       [19/10/2007|18:50] C:\Program Files\Kakuro
       [14/10/2008|20:54] C:\Program Files\Kontiki
       [27/11/2008|21:10] C:\Program Files\Lavalys
       [05/05/2008|21:32] C:\Program Files\LogicWeave
       [16/04/2009|20:03] C:\Program Files\LSoft Technologies
       [07/03/2008|18:31] C:\Program Files\Mahjong Fortuna 2 Deluxe
       [08/04/2008|19:39] C:\Program Files\MahJong Suite
       [30/05/2009|21:10] C:\Program Files\Malwarebytes' Anti-Malware
       [29/05/2008|17:00] C:\Program Files\Memory-Map
       [12/01/2008|17:46] C:\Program Files\Messenger
       [30/05/2009|17:13] C:\Program Files\Microsoft ActiveSync
       [28/03/2009|07:45] C:\Program Files\Microsoft AutoRoute
       [19/09/2008|21:59] C:\Program Files\Microsoft CAPICOM 2.1.0.2
       [06/04/2007|07:35] C:\Program Files\microsoft frontpage
       [22/05/2007|17:16] C:\Program Files\Microsoft IntelliPoint
       [22/05/2007|17:15] C:\Program Files\Microsoft IntelliPoint 5.5
       [02/02/2009|07:15] C:\Program Files\Microsoft IntelliType Pro
       [01/11/2008|21:10] C:\Program Files\Microsoft IntelliType Pro 5.2
       [26/04/2009|17:41] C:\Program Files\Microsoft Office
       [26/10/2008|11:54] C:\Program Files\Microsoft Works
       [26/04/2009|17:41] C:\Program Files\Microsoft.NET
       [15/10/2007|17:29] C:\Program Files\MobiMate
       [23/04/2009|18:04] C:\Program Files\Moffsoft Calculator 2
       [26/04/2007|18:07] C:\Program Files\Motorola
       [02/04/2007|11:49] C:\Program Files\Movie Maker
       [07/12/2007|18:31] C:\Program Files\MSI
       [02/04/2007|11:48] C:\Program Files\MSN
       [02/04/2007|11:48] C:\Program Files\MSN Gaming Zone
       [27/04/2007|06:58] C:\Program Files\MSXML 4.0
       [02/02/2009|07:14] C:\Program Files\MSXML 6.0
       [14/12/2007|23:24] C:\Program Files\Nero
       [02/04/2007|11:49] C:\Program Files\NetMeeting
       [14/05/2009|18:29] C:\Program Files\NOS
       [02/04/2007|14:39] C:\Program Files\NVIDIA Corporation
       [30/04/2009|21:14] C:\Program Files\Outlook Express
       [19/10/2007|18:52] C:\Program Files\PAQmanP
       [14/06/2007|19:03] C:\Program Files\Paragon Software
       [18/01/2009|08:34] C:\Program Files\PCNetSoftware
       [09/11/2007|18:20] C:\Program Files\Picasa2
       [08/12/2007|09:15] C:\Program Files\Plus!
       [27/10/2007|18:02] C:\Program Files\PopCap Games
       [09/01/2008|18:07] C:\Program Files\QSort2000
       [27/07/2007|05:54] C:\Program Files\QSort2000(2)
       [12/04/2007|20:12] C:\Program Files\Quest
       [11/05/2007|17:31] C:\Program Files\QuickTime
       [17/01/2009|23:00] C:\Program Files\RCLogon
       [01/02/2009|22:35] C:\Program Files\Realtek AC97
       [10/05/2007|22:19] C:\Program Files\ReflexiveArcade
       [21/01/2009|22:41] C:\Program Files\RegistryFix
       [01/06/2009|18:49] C:\Program Files\RegVac Registry Cleaner
       [26/05/2009|19:00] C:\Program Files\ReNamer
       [05/04/2007|18:34] C:\Program Files\SAGEM
       [10/12/2007|21:20] C:\Program Files\Santas Workshop
       [07/04/2007|20:53] C:\Program Files\ScanSoft
       [08/12/2007|09:18] C:\Program Files\Setup Files
       [05/04/2007|19:35] C:\Program Files\Siber Systems
       [09/12/2008|21:50] C:\Program Files\SIW -Technicians v1.71 (Build 636) +Businness License
       [01/02/2009|11:21] C:\Program Files\Spotmau WinCare 2008
       [30/05/2009|17:14] C:\Program Files\SpywareBlaster
       [19/10/2007|18:54] C:\Program Files\SuDokuV2
       [31/05/2009|22:01] C:\Program Files\SUPERAntiSpyware
       [06/01/2008|20:32] C:\Program Files\temp
       [18/04/2008|19:15] C:\Program Files\Tetris 5000
       [05/04/2007|18:26] C:\Program Files\Tiscali Broadband
       [02/05/2009|18:41] C:\Program Files\Top Password
       [31/05/2009|08:28] C:\Program Files\Trend Micro
       [14/02/2009|15:41] C:\Program Files\Trojan Remover
       [02/04/2007|11:59] C:\Program Files\Uninstall Information
       [07/04/2007|18:32] C:\Program Files\UserImages
       [11/07/2008|20:10] C:\Program Files\VideoLAN
       [22/06/2008|19:01] C:\Program Files\VSO
       [19/09/2008|18:41] C:\Program Files\Windows Live
       [09/01/2008|18:07] C:\Program Files\Windows Media Connect 2
       [22/02/2008|23:17] C:\Program Files\Windows Media Player
       [02/04/2007|11:48] C:\Program Files\Windows NT
       [02/04/2007|11:50] C:\Program Files\WindowsUpdate
       [24/11/2008|19:23] C:\Program Files\WinRar
       [17/12/2008|19:16] C:\Program Files\WinZip
       [30/05/2009|15:20] C:\Program Files\ww
       [02/04/2007|11:51] C:\Program Files\xerox
       [11/11/2008|22:01] C:\Program Files\XOOM

       --------------------\\  Listing Folders in C:\Program Files\Common Files

       [16/11/2008|09:45] C:\Program Files\Common Files\Adobe
       [14/05/2009|18:38] C:\Program Files\Common Files\Adobe AIR
       [31/12/2007|09:11] C:\Program Files\Common Files\Adobe Systems Shared
       [21/04/2008|20:50] C:\Program Files\Common Files\Ahead
       [28/03/2009|22:40] C:\Program Files\Common Files\AntiVirus
       [22/06/2008|18:40] C:\Program Files\Common Files\AVSMedia
       [26/04/2009|17:42] C:\Program Files\Common Files\DESIGNER
       [05/04/2007|20:05] C:\Program Files\Common Files\EPSON
       [02/09/2008|17:31] C:\Program Files\Common Files\Hewlett-Packard
       [02/09/2008|17:31] C:\Program Files\Common Files\HP
       [13/05/2007|17:05] C:\Program Files\Common Files\InstallShield
       [02/08/2007|17:24] C:\Program Files\Common Files\Java
       [10/11/2007|23:16] C:\Program Files\Common Files\Macrovision Shared
       [27/04/2009|07:00] C:\Program Files\Common Files\Microsoft Shared
       [26/04/2007|18:07] C:\Program Files\Common Files\Motorola Shared
       [02/04/2007|11:49] C:\Program Files\Common Files\MSSoap
       [04/05/2008|15:35] C:\Program Files\Common Files\Nero
       [02/04/2007|14:39] C:\Program Files\Common Files\NVIDIA Shared
       [02/04/2007|12:17] C:\Program Files\Common Files\ODBC
       [12/04/2007|20:12] C:\Program Files\Common Files\Quest
       [02/04/2007|11:49] C:\Program Files\Common Files\Services
       [02/04/2007|12:17] C:\Program Files\Common Files\SpeechEngines
       [03/04/2009|19:46] C:\Program Files\Common Files\Symantec Shared
       [26/04/2009|17:41] C:\Program Files\Common Files\System
       [19/09/2008|18:41] C:\Program Files\Common Files\WindowsLiveInstaller
       [31/05/2009|22:01] C:\Program Files\Common Files\Wise Installation Wizard

       --------------------\\  Process

       ( 50 Processes )

       ... OK !

       --------------------\\  Searching with S_Lop

       No Lop folder found !
     
       --------------------\\  Searching for Lop Files - Folders

       No Lop folder found !
     
       --------------------\\  Searching within the Registry
     
       ..... OK !

       --------------------\\  Checking the Hosts file

       Hosts file CLEAN


       --------------------\\  Searching for hidden files with Catchme
     
       catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
       Rootkit scan 2009-06-01 21:03:42
       Windows 5.1.2600 Service Pack 2 NTFS
       scanning hidden processes ...
       scanning hidden files ...
       disk error: C:\WINDOWS\System32\
       please note that you need administrator rights to perform deep scan
     
       --------------------\\  Searching for other infections


       No other infections found !

       [F:26][D:1]-> C:\DOCUME~1\User\LOCALS~1\Temp
       [F:2][D:0]-> C:\DOCUME~1\User\Cookies
       [F:7][D:6]-> C:\DOCUME~1\User\LOCALS~1\TEMPOR~1\content.IE5

       1 - "C:\Lop SD\LopR_1.txt" - 01/06/2009|19:53 - Option : [1]
       2 - "C:\Lop SD\LopR_2.txt" - 01/06/2009|20:45 - Option : [1]
       3 - "C:\Lop SD\LopR_3.txt" - 01/06/2009|21:00 - Option : [1]
       4 - "C:\Lop SD\LopR_4.txt" - 01/06/2009|21:03 - Option : [2]

       --------------------\\  Scan completed at 21:03:56

    evilfantasy

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Calm like a bomb
    • Thanked: 493
    • Experience: Experienced
    • OS: Windows 11
    Re: Internet explorer redirected
    « Reply #31 on: June 01, 2009, 02:11:10 PM »
    Did you run Option 2 with Lop S&D?

    Right click on ComboFix and choose Rename. Rename it to Combo-Fix and then try running it again.

    mopy

      Topic Starter


      Beginner

      Re: Internet explorer redirected
      « Reply #32 on: June 01, 2009, 02:20:42 PM »
      I manually deleted the files before using option 2 the last time.
      Renaming has no effect on ComboFix or HijackThis.
      Kevin.

      evilfantasy

      • Malware Removal Specialist
      • Moderator


      • Genius
      • Calm like a bomb
      • Thanked: 493
      • Experience: Experienced
      • OS: Windows 11
      Re: Internet explorer redirected
      « Reply #33 on: June 01, 2009, 02:22:05 PM »
      Try this.

      Use the ESET Online Antivirus Scanner

      This scanner requires Internet Explorer

      1. Check the box next to YES, I accept the Terms of Use.
      2. Click Start
      3. When asked, allow the ActiveX control to install
      4. Click Start
      5. Make sure that the option Remove found threats and the option Scan unwanted applications are check marked.
      6. Click Scan
      7. Wait for the scan to finish
      8. Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
      9. Add the C:\Program Files\EsetOnlineScanner\log.txt log into your next reply.

      mopy

        Topic Starter


        Beginner

        Re: Internet explorer redirected
        « Reply #34 on: June 01, 2009, 10:50:46 PM »
        I think you may have done it.
        ESETSmartInstaller@High as CAB hook log:
        OnlineScanner.ocx - registred OK
        # version=6
        # IEXPLORE.EXE=7.00.6000.16827 (vista_gdr.090226-1506)
        # OnlineScanner.ocx=1.0.0.5863
        # api_version=3.0.2
        # EOSSerial=783d5aced2f9e143b9fd733630d2c369
        # end=finished
        # remove_checked=true
        # archives_checked=true
        # unwanted_checked=true
        # unsafe_checked=false
        # antistealth_checked=true
        # utc_time=2009-06-01 09:14:37
        # local_time=2009-06-01 10:14:37 (+0000, GMT Standard Time)
        # country="United Kingdom"
        # lang=1033
        # osver=5.1.2600 NT Service Pack 2
        # compatibility_mode=1027 21 83 59 2955140781250
        # scanned=84235
        # found=2
        # cleaned=2
        # scan_time=1842
        C:\Program Files\AgataSoft\AgataSoft ShutDown Pro\AgataSoft_ShutDown_Pro.exe   probably unknown NewHeur_PE virus (deleted - quarantined)   00000000000000000000000000000000
        H:\RECYCLER\S-4-6-13-100016428-100020748-100010818-9216.com   a variant of Win32/Kryptik.QY trojan (cleaned by deleting - quarantined)   00000000000000000000000000000000
        ComboFix now works, see log.
        ComboFix 09-05-31.06 - User 01/06/2009 22:23.23 - NTFSx86
        Microsoft Windows XP Home Edition  5.1.2600.2.1252.44.1033.18.1023.647 [GMT 1:00]
        Running from: c:\documents and settings\User\Desktop\Combo-Fix.exe
        AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
        .

        (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
        .

        c:\documents and settings\User\Application Data\EurekaLog
        c:\documents and settings\User\Application Data\EurekaLog\EurekaLog.ini
        c:\windows\system32\drivers\gxvxcrvamexmyxvnpskbfxmhfulnkffxmkiex.sys
        c:\windows\system32\gxvxcrqrdyyudpmxxtobaawmwkqbuwgwviaii.dll
        c:\windows\system32\gxvxcufytiteomnrxoppxqpjcfpwnswqwkpvm.dll
        H:\Autorun.inf

        .
        (((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
        .

        -------\Service_GXVXCSERV.SYS


        (((((((((((((((((((((((((   Files Created from 2009-05-01 to 2009-06-01  )))))))))))))))))))))))))))))))
        .

        2009-06-01 20:41 . 2009-06-01 20:41   --------   d-----w-   c:\program files\ESET
        2009-06-01 18:51 . 2009-06-01 20:03   --------   d-----w-   C:\Lop SD
        2009-05-31 19:34 . 2009-05-31 19:34   --------   d-----w-   C:\_OTMoveIt
        2009-05-31 05:50 . 2009-05-31 05:50   --------   d-----w-   c:\program files\Java
        2009-05-30 20:51 . 2009-05-31 07:28   --------   d-----w-   c:\program files\Trend Micro
        2009-05-30 20:10 . 2009-05-30 20:10   --------   d-----w-   c:\documents and settings\User\Application Data\Malwarebytes
        2009-05-30 20:07 . 2009-05-26 12:20   40160   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
        2009-05-30 20:07 . 2009-05-30 20:10   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
        2009-05-30 20:07 . 2009-05-30 20:07   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
        2009-05-30 20:07 . 2009-05-26 12:19   19096   ----a-w-   c:\windows\system32\drivers\mbam.sys
        2009-05-30 16:26 . 2009-05-31 05:50   410984   ----a-w-   c:\windows\system32\deploytk.dll
        2009-05-30 16:26 . 2009-05-30 16:26   152576   ----a-w-   c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
        2009-05-30 15:41 . 2009-05-30 15:41   698   ---ha-w-   C:\aaw7boot.cmd
        2009-05-30 14:20 . 2009-05-30 14:20   --------   d-----w-   c:\program files\ww
        2009-05-30 04:51 . 2009-05-30 04:51   --------   d-----w-   c:\windows\system32\config\systemprofile\Application Data\HPAppData
        2009-05-14 17:38 . 2009-05-14 17:38   --------   d-----w-   c:\program files\Common Files\Adobe AIR
        2009-05-14 17:29 . 2009-05-14 17:29   --------   d-----w-   c:\documents and settings\All Users\Application Data\NOS
        2009-05-14 17:29 . 2009-05-14 17:29   --------   d-----w-   c:\program files\NOS
        2009-05-13 10:04 . 2009-05-13 10:04   2051864   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
        2009-05-13 10:04 . 2009-05-13 10:04   3288856   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\setup.exe
        2009-05-13 10:04 . 2009-05-13 10:04   423424   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\avgwdwsc.dll
        2009-05-13 10:04 . 2009-05-13 10:04   1262880   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\avgwd.dll
        2009-05-13 10:04 . 2009-05-13 10:04   177432   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\avgmail.dll
        2009-05-13 10:03 . 2009-05-13 10:03   755992   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\avginet.dll
        2009-05-13 10:03 . 2009-05-13 10:03   1085208   ----a-w-   c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe

        .
        ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2009-06-01 21:23 . 2008-10-14 19:12   --------   d-----w-   c:\documents and settings\All Users\Application Data\Kontiki
        2009-06-01 19:02 . 2007-04-02 15:17   33488   ----a-w-   c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
        2009-06-01 17:49 . 2007-11-28 06:32   --------   d-----w-   c:\program files\RegVac Registry Cleaner
        2009-06-01 17:22 . 2008-09-07 15:39   --------   d-----w-   c:\program files\Advanced Diary
        2009-05-31 21:01 . 2007-11-30 22:50   --------   d-----w-   c:\program files\SUPERAntiSpyware
        2009-05-31 21:01 . 2007-10-12 21:30   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
        2009-05-31 18:39 . 2007-04-05 18:46   --------   d-----w-   c:\program files\Google
        2009-05-31 14:19 . 2008-01-10 20:41   --------   d-----w-   c:\program files\GASK
        2009-05-30 19:01 . 2007-04-26 19:02   29   ----a-w-   c:\windows\popcinfo.dat
        2009-05-30 16:17 . 2008-04-19 05:55   --------   d-----w-   c:\program files\CCleaner
        2009-05-30 16:14 . 2007-09-17 17:52   --------   d-----w-   c:\program files\SpywareBlaster
        2009-05-30 16:14 . 2007-05-08 15:50   --------   d-----w-   c:\program files\Enigma Software Group
        2009-05-30 16:13 . 2007-04-20 18:40   --------   d-----w-   c:\program files\Microsoft ActiveSync
        2009-05-30 15:49 . 2008-04-23 16:31   --------   d-----w-   c:\documents and settings\All Users\Application Data\Lavasoft
        2009-05-30 13:29 . 2009-04-08 18:49   --------   d-----w-   c:\documents and settings\All Users\Application Data\avg8
        2009-05-30 06:37 . 2008-02-29 20:35   10697   ----a-w-   c:\documents and settings\All Users\Application Data\DVD X Studios\DVD X Player 4.1 Professional\DVDXPlayer.dll
        2009-05-30 06:31 . 2008-01-06 19:23   --------   d-----w-   c:\program files\A1Click Ultra PC Cleaner
        2009-05-26 18:00 . 2009-02-19 19:50   --------   d-----w-   c:\program files\ReNamer
        2009-05-26 17:57 . 2007-12-08 13:42   249856   ------w-   c:\windows\Setup1.exe
        2009-05-26 17:57 . 2007-12-08 13:42   73216   ----a-w-   c:\windows\ST6UNST.EXE
        2009-05-22 20:20 . 2008-10-01 18:58   --------   d-----w-   c:\program files\File Renamer
        2009-05-02 17:41 . 2009-05-02 17:40   --------   d-----w-   c:\program files\Top Password
        2009-04-30 10:19 . 2009-04-08 18:50   11952   ----a-w-   c:\windows\system32\avgrsstx.dll
        2009-04-30 10:19 . 2009-04-08 18:50   325896   ----a-w-   c:\windows\system32\drivers\avgldx86.sys
        2009-04-30 10:19 . 2009-04-08 18:50   27784   ----a-w-   c:\windows\system32\drivers\avgmfx86.sys
        2009-04-30 10:19 . 2009-04-08 18:50   108552   ----a-w-   c:\windows\system32\drivers\avgtdix.sys
        2009-04-26 16:41 . 2008-05-30 16:45   --------   d-----w-   c:\program files\Microsoft.NET
        2009-04-23 17:04 . 2009-04-23 17:04   --------   d-----w-   c:\program files\Moffsoft Calculator 2
        2009-04-18 06:19 . 2007-12-27 11:15   --------   d-----w-   c:\program files\Jigsaw Puzzle Platinum Edition
        2009-04-16 19:03 . 2009-04-16 19:03   --------   d-----w-   c:\program files\LSoft Technologies
        2009-04-04 19:33 . 2009-04-04 19:33   --------   d-----w-   c:\program files\EASEUS
        2009-04-03 18:47 . 2009-04-03 17:50   --------   d-----w-   c:\documents and settings\All Users\Application Data\Symantec
        2009-04-03 18:46 . 2007-04-05 17:15   --------   d-----w-   c:\program files\Common Files\Symantec Shared
        2009-04-03 18:04 . 2009-04-03 18:04   --------   d-----w-   c:\documents and settings\User\Application Data\Symantec
        2009-03-19 13:03 . 2009-04-04 19:33   1907712   ----a-w-   c:\windows\system32\BootMan.exe
        2009-03-13 15:03 . 2008-11-11 21:02   9110   ----a-w-   c:\documents and settings\All Users\Application Data\XOOM\X-OOM DVD Player 4 Deluxe\BlazeDVD.dll
        2009-03-06 14:44 . 2006-02-28 12:00   283648   ----a-w-   c:\windows\system32\pdh.dll
        .

        (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Note* empty entries & legit default entries are not shown
        REGEDIT4

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect0]
        @="{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}"
        [HKEY_CLASSES_ROOT\CLSID\{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}]
        2007-12-02 16:05   348160   ----a-w-   c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect1]
        @="{8A814C29-D3CD-4F9E-9770-DF8704503ACA}"
        [HKEY_CLASSES_ROOT\CLSID\{8A814C29-D3CD-4F9E-9770-DF8704503ACA}]
        2007-12-02 16:05   348160   ----a-w-   c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectShellExtension.dll

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "H/PC Connection Agent"="c:\progra~1\MICROS~2\wcescomm.exe" [2006-06-26 1207080]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
        "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
        "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
        "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
        "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
        "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
        "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
        "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-05-11 155648]
        "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-04-30 1947928]
        "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-31 148888]
        "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]
        "AgataSoft ShutDown Pro"="" [BU]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-02-28 15360]
        "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 443968]
        "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-03-24 160592]

        c:\documents and settings\All Users\Start Menu\Programs\Startup\
        HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

        [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
        "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
        2008-12-22 11:05   356352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
        2009-04-30 10:19   11952   ----a-w-   c:\windows\system32\avgrsstx.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
        "DisableMonitoring"=dword:00000001

        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
        "DisableMonitoring"=dword:00000001

        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
        "DisableMonitoring"=dword:00000001

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
        "DisableNotifications"= 1 (0x1)

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
        "c:\\Program Files\\Kontiki\\KService.exe"=
        "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
        "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
        "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
        "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
        "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
        "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
        "c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
        "c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
        "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
        "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
        "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

        R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [08/04/2009 19:50 325896]
        R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [08/04/2009 19:50 108552]
        R1 FolderProtectDriver;FolderProtectDriver;c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectDriver.sys [27/07/2008 10:46 15616]
        R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [09/04/2009 17:39 908568]
        R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [08/04/2009 19:49 298776]
        R2 FolderProtectService;FolderProtectService;c:\program files\Spotmau WinCare 2008\sub\FSDRIVER\FolderProtectService.exe [27/07/2008 10:46 10240]
        S1 SASKUTIL;SASKUTIL;

        S2 gupdate1c9a98e341b062a;Google Update Service (gupdate1c9a98e341b062a);c:\program files\Google\Update\GoogleUpdate.exe [20/03/2009 20:00 133104]
        S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [04/04/2009 20:33 3072]
        S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [14/05/2009 18:29 33176]
        S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [26/04/2007 18:07 40832]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
        HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
        hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
        .
        Contents of the 'Scheduled Tasks' folder

        2009-06-01 c:\windows\Tasks\GoogleUpdateTaskMachine.job
        - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-20 19:00]
        .
        - - - - ORPHANS REMOVED - - - -

        SafeBoot-procexp90.Sys
        SafeBoot-aawservice


        .
        ------- Supplementary Scan -------
        .
        uStart Page = hxxp://www.tiscali.co.uk/
        uInternet Settings,ProxyOverride = local
        uInternet Settings,ProxyServer = socks=
        uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
        IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
        IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
        IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
        DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
        .

        **************************************************************************

        catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2009-06-01 22:29
        Windows 5.1.2600 Service Pack 2 NTFS

        scanning hidden processes ... 

        scanning hidden autostart entries ...

        scanning hidden files ... 

        scan completed successfully
        hidden files: 0

        **************************************************************************
        .
        --------------------- LOCKED REGISTRY KEYS ---------------------

        [HKEY_USERS\S-1-5-21-2052111302-1454471165-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3F434468-0101-F776-A200-8A65B4C5E746}*]
        @Allowed: (Read) (RestrictedCode)
        @Allowed: (Read) (RestrictedCode)
        "kaiedlmggadfepemjnkjjh"=hex:67,61,67,65,6e,6f,6c,69,6b,6a,64,6f,6c,61,00,00
        "kaiedlmggadfepemjnkjeh"=hex:66,61,67,6e,65,66,70,67,66,69,6a,62,00,69

        [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
        .
        --------------------- DLLs Loaded Under Running Processes ---------------------

        - - - - - - - > 'winlogon.exe'(676)
        c:\program files\SUPERAntiSpyware\SASWINLO.dll
        .
        Completion time: 2009-06-01 22:36
        ComboFix-quarantined-files.txt  2009-06-01 21:36
        ComboFix2.txt  2009-02-10 06:45
        ComboFix3.txt  2009-02-04 06:41
        ComboFix4.txt  2009-01-31 06:27
        ComboFix5.txt  2009-06-01 21:18

        Pre-Run: 27,784,314,880 bytes free
        Post-Run: 27,791,364,096 bytes free

        214   --- E O F ---   2009-05-13 06:03
        Than

        mopy

          Re: Internet explorer redirected
          « Reply #35 on: June 01, 2009, 10:52:29 PM »
          All seems fine now.
          Many Thanks Kevin.

          evilfantasy

          • Malware Removal Specialist
          • Moderator


          • Genius
          • Calm like a bomb
          • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: Internet explorer redirected
          « Reply #36 on: June 01, 2009, 10:58:28 PM »
          Finally!

          Still a few things to do.

          Go to Start > Run and type notepad.exe then click OK

          Copy and paste the below into Notepad and save as fixme.reg to Your Desktop

          Code:
          REGEDIT4

          [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

          [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

          Locate fixme.reg on your Desktop and double-click it. Answer Yes when prompted to merge with the Registry.

          Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it did not work.

          Delete the fixme.reg from the Desktop.

          ----------

          • Click START then RUN
          • Now type Combofix /u in the runbox
          • Make sure there's a space between Combofix and /u
          • Then hit Enter.
          The above procedure will:
          • Delete: ComboFix and its associated files and folders.
          • Reset the clock settings.
          • Hide file extensions, if required.
          • Hide System/Hidden files, if required.
          • Set a new, clean Restore Point.
          ----------

          Use the Secunia Software Inspector to check for out of date software.
          • Click Start Now
          • Check the box next to Enable thorough system inspection.
          • Click Start
          • Allow the scan to finish and scroll down to see if any updates are needed.
          • Update anything listed.
          ----------

          Go to Microsoft Windows Update and get all critical updates.

          ----------

          I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

          SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
          * Using SpywareBlaster to protect your computer from Spyware and Malware
          * If you don't know what ActiveX controls are, see here

          Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

          Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.
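As an added example (not part of any post in this thread and not ComboFix's own code), the Python sketch below parses the registry-style lines of a ComboFix log together with the fixme.reg from the post above, and reports which enabled DisableMonitoring / DisableNotifications values the .reg deletes and which it leaves in place. The sample log lines are constructed from the excerpt posted earlier in the thread; all function and variable names are hypothetical.

```python
import re

# Constructed sample: registry-style lines in the shape ComboFix printed in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
"""
# The fixme.reg content from the post above (blank lines dropped).
FIXME_REG = r"""REGEDIT4
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"""
WATCHED = ("DisableMonitoring", "DisableNotifications")  # value names to report
KEY_RE = re.compile(r"^\s*\[(-?)([^\]]+)\]\s*$")   # "[key]" or "[-key]"
VAL_RE = re.compile(r'^\s*"([^"]+)"\s*=\s*(.*)$')  # "name"=data

def parse_sections(text):
    """Return ({lowercased key: {value name: raw data}}, set of keys marked for deletion)."""
    keys, deleted, current = {}, set(), None
    for line in text.splitlines():
        m = KEY_RE.match(line)
        if m:
            path = m.group(2).lower()
            current = None if m.group(1) else keys.setdefault(path, {})
            if m.group(1):
                deleted.add(path)  # a leading "-" in a .reg file deletes the whole key
        elif current is not None and (v := VAL_RE.match(line)):
            current[v.group(1)] = v.group(2).strip()
    return keys, deleted

def is_enabled(raw):
    """True for a non-zero value in either notation seen in the log: dword:00000001 or 1 (0x1)."""
    m = re.match(r"(?:dword:([0-9a-fA-F]{8})|(\d+)\s*\(0x[0-9a-fA-F]+\))$", raw)
    return bool(m) and int(m.group(1) or m.group(2), 16 if m.group(1) else 10) != 0

def review(log_text, reg_text):
    """List (key, value name, fate) for every enabled watched value found in the log."""
    keys, deleted = parse_sections(log_text)[0], parse_sections(reg_text)[1]
    gone = lambda p: any(p == d or p.startswith(d + "\\") for d in deleted)
    return [(p, n, "deleted by fixme.reg" if gone(p) else "left in place")
            for p, vals in keys.items() for n in WATCHED
            if n in vals and is_enabled(vals[n])]

if __name__ == "__main__":
    for key, name, fate in review(SAMPLE_LOG, FIXME_REG):
        print(f"{fate:22} {name:22} {key}")
```

On the sample, the two Symantec subkeys are reported as deleted, while the value on the parent Monitoring key and the firewall DisableNotifications value are reported as left in place.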

          mopy

            Re: Internet explorer redirected
            « Reply #37 on: June 01, 2009, 11:54:52 PM »
            Hi
            Reg entry was OK.
            Secunia Software Inspector said that Java was not on this computer.
            Went to Java site and confirmed Java is up to date but not working, checked out the settings suggested and everything is as it should be.
            Thanks Kevin.

            mopy

              Re: Internet explorer redirected
              « Reply #38 on: June 02, 2009, 01:20:20 PM »
              I should like to thank evilfantasy for his help with this topic.
              Without his help I do not know what I would have done. Thanks for your time and understanding,
              you are a star.
              Many thanks Kevin.

              evilfantasy

              Re: Internet explorer redirected
              « Reply #39 on: June 02, 2009, 05:09:10 PM »
              You're welcome.

              Safe surfing...