
Topic: insufficient system error


godsize71

    Topic Starter


    Rookie

    insufficient system error
    « on: February 18, 2010, 05:57:14 AM »
    quick synopsis... i had vundo virus but after a bit of *censored* got rid of it, then got another virus that puts up that antivirus soft, try to make you buy that crap...got rid of that...got rid of windows firewall and installed zonealarm..i have malware bytes, iobit 360, superantispy and avira antivirus...now i can sign on to internet..mozilla..aol, but after bout half a day a message pops up when i try to start them again and i have to reboot and its fine for a while...been like this for bout a week or so...the message is...C:\programfiles\java\jre6\lib\deploy\jqs\ffl\..\..\..\..\bin\jqsnotify .exe... and below that says...insufficient system resources exist to complete the requested service, i hope someone can help me resolve this problem..thx...also here is hijack log


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:36:07 PM, on 2/17/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\IObit\IObit Security 360\is360.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    c:\windows\system\hpsysdrv.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
    O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
    O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Apps\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate1c9cf3f12870e60) (gupdate1c9cf3f12870e60) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
    O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9707 bytes

    ale52



      Expert

    • Deo Gratis
    • Thanked: 23
      • Experience: Expert
      • OS: Windows XP
      Re: insufficient system error
      « Reply #1 on: February 18, 2010, 07:53:05 AM »
      Have you updated your Java lately?

      Alan <><  :D

      PM Sent. EF
      « Last Edit: February 18, 2010, 07:34:56 PM by evilfantasy »
      I have principles.  And if you don't like them...well...I have other principles!!

      godsize71

        Topic Starter


        Rookie

        Re: insufficient system error
        « Reply #2 on: February 18, 2010, 12:17:24 PM »
        yeah i think i did when i had vundo...i'll do it again, but don't think that's it, but i'll do it

        evilfantasy

        • Malware Removal Specialist
        • Moderator


        • Genius
        • Calm like a bomb
        • Thanked: 493
        • Experience: Experienced
        • OS: Windows 11
        Re: insufficient system error
        « Reply #3 on: February 18, 2010, 07:38:04 PM »
        Open HijackThis and select Do a system scan only

        Place a check mark next to the following entries: (if there)

        • O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
        • O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
        Important: Close all open windows except for HijackThis and then click Fix checked.

        Once completed, exit HijackThis.

        ----------

        Download DDS from |HERE| or |HERE| or |HERE| and save it to your desktop.

        * Vista users: right-click on dds and select Run as administrator (you will receive a UAC prompt, please allow it).
        * XP users: double-click on dds to run it.
        * If your antivirus or firewall tries to block DDS then please allow it to run.
        * When finished DDS will open two (2) logs.

        1) DDS.txt
        2) Attach.txt

        * Save both logs to your desktop.
        * Please copy and paste the entire contents of both logs in your next reply.

        Note: DDS will instruct you to post the Attach.txt log as an attachment.
        Please just post it as you would any other log by copying and pasting it into the reply.
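The two O9 entries selected in the reply above store their target as a raw registry `hex(2)` (REG_EXPAND_SZ) value, so the log line does not show what they point to. As an added example (not part of the original post and not HijackThis code), this Python code parses O9 lines, decodes that value and lists the entries marked `(file missing)`; the function names and `SAMPLE_LOG` are assumptions, and the sample lines are copied from the HijackThis log in this thread.

```python
import re

# Sample input: three O9 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,77,65,62,5c,72,65,6c-,61,74,65,64,2e,68,74,6d,00 (file missing)
"""

# O9 line layout as it appears in the log:
#   O9 - <kind>: <name> - {CLSID} - <target>[ (file missing)]
O9_RE = re.compile(
    r"^O9\s+-\s+(?P<kind>[^:]+):\s+(?P<name>.*?)\s+-\s+"
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\})\s+-\s+"
    r"(?P<target>.*?)(?P<missing>\s+\(file missing\))?$"
)


def decode_hex2(value):
    """Turn 'hex(2):25,53,...' into text; return other values unchanged.

    The byte list may contain a stray '-' (a line-wrap marker, as in
    '6c-,61'), so only two-digit hex tokens are picked out.
    """
    prefix = "hex(2):"
    if not value.lower().startswith(prefix):
        return value
    raw = bytes(
        int(tok, 16)
        for tok in re.findall(r"[0-9A-Fa-f]{2}", value[len(prefix):])
    )
    # Registry strings can be UTF-16LE (every second byte zero for ASCII text)
    # or single-byte, as in this log. Handle both.
    if len(raw) >= 2 and len(raw) % 2 == 0 and not any(raw[1::2]):
        text = raw.decode("utf-16-le", errors="replace")
    else:
        text = raw.decode("latin-1")
    # The value is NUL-terminated; keep only what precedes the terminator.
    return text.split("\x00", 1)[0]


def parse_o9(log_text):
    """Return one dict per O9 line found in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O9_RE.match(line.strip())
        if not m:
            continue
        entries.append({
            "kind": m.group("kind"),
            "name": m.group("name"),
            "clsid": m.group("clsid").lower(),
            "target": decode_hex2(m.group("target")),
            "file_missing": m.group("missing") is not None,
        })
    return entries


def missing_entries(log_text):
    """O9 entries that HijackThis itself flagged as '(file missing)'."""
    return [e for e in parse_o9(log_text) if e["file_missing"]]


if __name__ == "__main__":
    for e in missing_entries(SAMPLE_LOG):
        print(f'{e["kind"]}: {e["name"]} {e["clsid"]} -> {e["target"]}')
```
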

        godsize71

          Topic Starter


          Rookie

          Re: insufficient system error
          « Reply #4 on: February 19, 2010, 06:18:37 AM »
          DDS (Ver_09-12-01.01) - NTFSx86 
          Run by Compaq_Owner at  8:13:04.43 on Fri 02/19/2010
          Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_18
          Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.446.58 [GMT -5:00]

          AV: AntiVir Desktop *On-access scanning enabled* (Updated)   {AD166499-45F9-482A-A743-FDD3350758C7}
          FW: Norton Internet Worm Protection *disabled*   {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
          FW: ZoneAlarm Firewall *enabled*   {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

          ============== Running Processes ===============

          C:\WINDOWS\system32\svchost -k DcomLaunch
          C:\WINDOWS\system32\svchost -k rpcss
          C:\WINDOWS\System32\svchost.exe -k netsvcs
          C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
          C:\WINDOWS\system32\svchost.exe -k NetworkService
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\Program Files\Avira\AntiVir Desktop\sched.exe
          C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
          C:\Program Files\Avira\AntiVir Desktop\avguard.exe
          C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
          C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
          C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
          C:\Program Files\Google\Update\GoogleUpdate.exe
          C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
          C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
          C:\Program Files\IObit\IObit Security 360\IS360srv.exe
          C:\Program Files\Java\jre6\bin\jqs.exe
          C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          C:\WINDOWS\system32\nvsvc32.exe
          C:\WINDOWS\system32\svchost.exe -k imgsvc
          C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
          C:\WINDOWS\System32\alg.exe
          C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
          C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
          C:\Program Files\IObit\IObit Security 360\IS360tray.exe
          C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
          C:\Program Files\Common Files\Real\Update_OB\realsched.exe
          C:\Program Files\Common Files\Java\Java Update\jusched.exe
          C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          C:\Program Files\America Online 9.0\waol.exe
          C:\Program Files\America Online 9.0\shellmon.exe
          C:\WINDOWS\system32\ZoneLabs\vsmon.exe
          C:\Program Files\Mozilla Firefox\firefox.exe
          C:\dds.scr
          C:\WINDOWS\system32\wbem\wmiprvse.exe

          ============== Pseudo HJT Report ===============

          uStart Page = hxxp://yahoo.com/
          uSearch Page = hxxp://www.google.com
          uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
          uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
          uSearch Bar = hxxp://www.google.com/ie
          mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
          mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=
          mSearch Page = hxxp://www.google.com
          mStart Page = hxxp://www.google.com
          mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
          uInternet Connection Wizard,ShellNext = iexplore
          uSearchAssistant = hxxp://www.google.com/ie
          uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=%s
          mSearchAssistant = hxxp://www.google.com/ie
          uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
          mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
          BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
          BHO: ZoneAlarm Toolbar Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
          BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
          BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
          BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
          TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
          TB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
          TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
          TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
          TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
          TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
          TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
          uRun: [AOL Fast Start] "c:\program files\america online 9.0\AOL.EXE" -b
          uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
          mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
          mRun: [LXBUCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXBUtime.dll,_RunDLLEntry@16
          mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
          mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
          mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
          mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
          mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
          mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
          dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
          StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
          mPolicies-explorer: NoPopUpsOnBoot = 1 (0x1)
          IE: &Search
          IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
          IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
          IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
          IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
          DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
          DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
          DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
          Notify: WRNotifier - WRLogonNTF.dll
          SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
          SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
          LSA: Notification Packages = scecli tayanage.dll
          mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

          ================= FIREFOX ===================

          FF - ProfilePath - c:\docume~1\compaq~1\applic~1\mozilla\firefox\profiles\gqdahqaj.default\
          FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
          FF - prefs.js: browser.search.selectedEngine - Google
          FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=fptb-
          FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
          FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
          FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
          FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
          FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
          FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
          FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
          FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
          FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

          ---- FIREFOX POLICIES ----
          FF - user.js: browser.cache.memory.capacity - 16000
          FF - user.js: browser.chrome.favicons - false
          FF - user.js: browser.display.show_image_placeholders - true
          FF - user.js: browser.turbo.enabled - true
          FF - user.js: browser.urlbar.autocomplete.enabled - true
          FF - user.js: browser.urlbar.autofill - true
          FF - user.js: content.max.tokenizing.time - 3000000
          FF - user.js: content.maxtextrun - 4095
          FF - user.js: content.notify.backoffcount - 5
          FF - user.js: content.notify.interval - 1000000
          FF - user.js: content.notify.ontimer - true
          FF - user.js: content.switch.threshold - 1000000
          FF - user.js: dom.disable_window_status_change - true
          FF - user.js: network.http.max-connections - 48
          FF - user.js: network.http.max-connections-per-server - 16
          FF - user.js: network.http.max-persistent-connections-per-proxy - 16
          FF - user.js: network.http.max-persistent-connections-per-server - 8
          FF - user.js: network.http.pipelining - true
          FF - user.js: network.http.pipelining.firstrequest - true
          FF - user.js: network.http.pipelining.maxrequests - 8
          FF - user.js: network.http.proxy.pipelining - true
          FF - user.js: network.http.request.max-start-delay - 0
          FF - user.js: nglayout.initialpaint.delay - 1000
          FF - user.js: plugin.expose_full_path - true
          FF - user.js: ui.submenuDelay - 0

          FF - user.js: network.http.pipelining - false
          FF - user.js: network.http.proxy.pipelining - false
          FF - user.js: network.http.pipelining - false
          FF - user.js: network.http.proxy.pipelining - false
          FF - user.js: network.http.pipelining - false
          FF - user.js: network.http.proxy.pipelining - false
          FF - user.js: network.http.pipelining - false
          FF - user.js: network.http.proxy.pipelining - falsec:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

          ============= SERVICES / DRIVERS ===============

          R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-1-29 28552]
          R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-3-31 11608]
          R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-1-5 9968]
          R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-1-5 74480]
          R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-2-10 486280]
          R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-3-31 108289]
          R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-3-31 185089]
          R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-3-31 56816]
          R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-1-27 311568]
          R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2009-10-14 25208]
          R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2009-10-14 476528]
          R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
          R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
          S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [2007-12-24 508304]
          S2 gupdate1c9cf3f12870e60;Google Update Service (gupdate1c9cf3f12870e60);c:\program files\google\update\GoogleUpdate.exe [2009-5-7 133104]
          S2 ioloFileInfoList;iolo FileInfoList Service;

          S2 ioloSystemService;iolo System Service;

          S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-1-5 7408]

          ============== File Associations ===============

          JSEFile=NOTEPAD.EXE %1
          VBEFile=NOTEPAD.EXE %1
          VBSFile=NOTEPAD.EXE %1

          =============== Created Last 30 ================

          2010-02-19 13:12:51   524288   ----a-w-   C:\dds.scr
          2010-02-18 19:28:18   918816   ----a-w-   C:\jxpiinstall.exe
          2010-02-17 03:04:29   116224   ----a-w-   c:\windows\system32\dllcache\xrxwiadr.dll
          2010-02-17 03:04:25   23040   ----a-w-   c:\windows\system32\dllcache\xrxwbtmp.dll
          2010-02-17 03:04:23   18944   ----a-w-   c:\windows\system32\dllcache\xrxscnui.dll
          2010-02-17 03:04:19   27648   ----a-w-   c:\windows\system32\dllcache\xrxftplt.exe
          2010-02-17 03:04:14   4608   ----a-w-   c:\windows\system32\dllcache\xrxflnch.exe
          2010-02-17 03:04:07   99865   ----a-w-   c:\windows\system32\dllcache\xlog.exe
          2010-02-17 03:04:00   16970   ----a-w-   c:\windows\system32\dllcache\xem336n5.sys
          2010-02-17 03:03:59   19455   ----a-w-   c:\windows\system32\dllcache\wvchntxx.sys
          2010-02-17 03:03:54   12063   ----a-w-   c:\windows\system32\dllcache\wsiintxx.sys
          2010-02-17 03:03:51   8192   ----a-w-   c:\windows\system32\dllcache\wshirda.dll
          2010-02-17 03:03:33   8832   ----a-w-   c:\windows\system32\dllcache\wmiacpi.sys
          2010-02-17 03:03:28   154624   ----a-w-   c:\windows\system32\dllcache\wlluc48.sys
          2010-02-17 03:03:24   34890   ----a-w-   c:\windows\system32\dllcache\wlandrv2.sys
          2010-02-17 03:03:12   771581   ----a-w-   c:\windows\system32\dllcache\winacisa.sys
          2010-02-17 03:03:03   53760   ----a-w-   c:\windows\system32\dllcache\wiamsmud.dll
          2010-02-17 03:01:59   604253   ----a-w-   c:\windows\system32\dllcache\vmodem.sys
          2010-02-17 03:01:55   249402   ----a-w-   c:\windows\system32\dllcache\vinwm.sys
          2010-02-17 03:01:48   24576   ----a-w-   c:\windows\system32\dllcache\viairda.sys
          2010-02-17 03:01:41   687999   ----a-w-   c:\windows\system32\dllcache\usrwdxjs.sys
          2010-02-17 03:01:37   765884   ----a-w-   c:\windows\system32\dllcache\usrti.sys
          2010-02-17 03:01:32   113762   ----a-w-   c:\windows\system32\dllcache\usrpda.sys
          2010-02-17 03:01:28   7556   ----a-w-   c:\windows\system32\dllcache\usroslba.sys
          2010-02-17 03:01:23   224802   ----a-w-   c:\windows\system32\dllcache\usr1807a.sys
          2010-02-17 03:01:19   794399   ----a-w-   c:\windows\system32\dllcache\usr1806v.sys
          2010-02-17 03:01:15   793598   ----a-w-   c:\windows\system32\dllcache\usr1806.sys
          2010-02-17 03:01:09   794654   ----a-w-   c:\windows\system32\dllcache\usr1801.sys
          2010-02-17 03:01:06   26112   ----a-w-   c:\windows\system32\dllcache\usbser.sys
          2010-02-17 03:01:03   32384   ----a-w-   c:\windows\system32\dllcache\usb101et.sys
          2010-02-17 02:59:56   159232   ----a-w-   c:\windows\system32\dllcache\tridkbm.sys
          2010-02-17 02:58:58   149376   ----a-w-   c:\windows\system32\dllcache\tffsport.sys
          2010-02-17 02:57:58   10240   ----a-w-   c:\windows\system32\dllcache\swpidflt.dll
          2010-02-17 02:57:54   10240   ----a-w-   c:\windows\system32\dllcache\swpdflt2.dll
          2010-02-17 02:57:51   53760   ----a-w-   c:\windows\system32\dllcache\sw_wheel.dll
          2010-02-17 02:57:47   41472   ----a-w-   c:\windows\system32\dllcache\sw_effct.dll
          2010-02-17 02:57:43   155648   ----a-w-   c:\windows\system32\dllcache\stlnprop.dll
          2010-02-17 02:57:36   53248   ----a-w-   c:\windows\system32\dllcache\stlncoin.dll
          2010-02-17 02:57:32   285760   ----a-w-   c:\windows\system32\dllcache\stlnata.sys
          2010-02-17 02:57:28   16896   ----a-w-   c:\windows\system32\dllcache\stcusb.sys
          2010-02-17 02:57:22   48736   ----a-w-   c:\windows\system32\dllcache\srwlnd5.sys
          2010-02-17 02:57:19   99328   ----a-w-   c:\windows\system32\dllcache\srusd.dll
          2010-02-17 02:57:12   24660   ----a-w-   c:\windows\system32\dllcache\spxupchk.dll
          2010-02-17 02:57:06   61824   ----a-w-   c:\windows\system32\dllcache\speed.sys
          2010-02-17 02:57:03   106584   ----a-w-   c:\windows\system32\dllcache\spdports.dll
          2010-02-17 02:55:58   45568   ----a-w-   c:\windows\system32\dllcache\smb3w.dll
          2010-02-17 02:54:48   161568   ----a-w-   c:\windows\system32\dllcache\sgsmusb.sys
          2010-02-17 02:54:45   18400   ----a-w-   c:\windows\system32\dllcache\sgsmld.sys
          2010-02-17 02:54:41   98080   ----a-w-   c:\windows\system32\dllcache\sgiulnt5.sys
          2010-02-17 02:54:38   386560   ----a-w-   c:\windows\system32\dllcache\sgiul50.dll
          2010-02-17 02:54:34   36480   ----a-w-   c:\windows\system32\dllcache\sfmanm.sys
          2010-02-17 02:54:28   6784   ----a-w-   c:\windows\system32\dllcache\serscan.sys
          2010-02-17 02:54:24   17664   ----a-w-   c:\windows\system32\dllcache\sermouse.sys
          2010-02-17 02:54:17   6912   ----a-w-   c:\windows\system32\dllcache\seaddsmc.sys
          2010-02-17 02:54:15   11520   ----a-w-   c:\windows\system32\dllcache\scsiscan.sys
          2010-02-17 02:54:11   11648   ----a-w-   c:\windows\system32\dllcache\scsiprnt.sys
          2010-02-17 02:54:07   17280   ----a-w-   c:\windows\system32\dllcache\scr111.sys
          2010-02-17 02:54:03   16640   ----a-w-   c:\windows\system32\dllcache\scmstcs.sys
          2010-02-17 02:52:58   65664   ----a-w-   c:\windows\system32\dllcache\s3legacy.sys
          2010-02-17 02:52:54   82432   ----a-w-   c:\windows\system32\dllcache\rwia450.dll
          2010-02-17 02:52:51   79872   ----a-w-   c:\windows\system32\dllcache\rwia430.dll
          2010-02-17 02:52:49   29696   ----a-w-   c:\windows\system32\dllcache\rw450ext.dll
          2010-02-17 02:52:48   27648   ----a-w-   c:\windows\system32\dllcache\rw430ext.dll
          2010-02-17 02:52:43   19017   ----a-w-   c:\windows\system32\dllcache\rtl8029.sys
          2010-02-17 02:52:37   30720   ----a-w-   c:\windows\system32\dllcache\rthwcls.sys
          2010-02-17 02:52:30   9216   ----a-w-   c:\windows\system32\dllcache\rsmgrstr.dll
          2010-02-17 02:52:24   3840   ----a-w-   c:\windows\system32\dllcache\rpfun.sys
          2010-02-17 02:52:22   79104   ----a-w-   c:\windows\system32\dllcache\rocket.sys
          2010-02-17 02:52:18   37563   ----a-w-   c:\windows\system32\dllcache\rlnet5.sys
          2010-02-17 02:52:14   86097   ----a-w-   c:\windows\system32\dllcache\reslog32.dll
          2010-02-17 02:50:56   16128   ----a-w-   c:\windows\system32\dllcache\pscr.sys
          2010-02-17 02:49:59   35328   ----a-w-   c:\windows\system32\dllcache\pcntpci5.sys
          2010-02-17 02:48:58   43689   ----a-w-   c:\windows\system32\dllcache\otceth5.sys
          2010-02-17 02:47:54   65278   ----a-w-   c:\windows\system32\dllcache\netflx3.sys
          2010-02-17 02:46:58   19968   ----a-w-   c:\windows\system32\dllcache\mxicfg.dll
          2010-02-17 02:45:55   17280   ----a-w-   c:\windows\system32\dllcache\mraid35x.sys
          2010-02-17 02:45:53   15232   ----a-w-   c:\windows\system32\dllcache\mpe.sys
          2010-02-17 02:45:45   16128   ----a-w-   c:\windows\system32\dllcache\modemcsa.sys
          2010-02-17 02:45:35   6528   ----a-w-   c:\windows\system32\dllcache\miniqic.sys
          2010-02-17 02:45:29   320384   ----a-w-   c:\windows\system32\dllcache\mgaum.sys
          2010-02-17 02:45:26   235648   ----a-w-   c:\windows\system32\dllcache\mgaud.dll
          2010-02-17 02:45:25   26112   ----a-w-   c:\windows\system32\dllcache\memstpci.sys
          2010-02-17 02:45:22   47616   ----a-w-   c:\windows\system32\dllcache\memgrp.dll
          2010-02-17 02:45:19   8320   ----a-w-   c:\windows\system32\dllcache\memcard.sys
          2010-02-17 02:45:12   164586   ----a-w-   c:\windows\system32\dllcache\mdgndis5.sys
          2010-02-17 02:45:06   7424   ----a-w-   c:\windows\system32\dllcache\mammoth.sys
          2010-02-17 02:45:02   48768   ----a-w-   c:\windows\system32\dllcache\maestro.sys
          2010-02-17 02:43:51   14592   ----a-w-   c:\windows\system32\dllcache\kbdhid.sys
          2010-02-17 02:42:59   372824   ----a-w-   c:\windows\system32\dllcache\iconf32.dll
          2010-02-17 02:41:59   488383   ----a-w-   c:\windows\system32\dllcache\hsf_v124.sys
          2010-02-17 02:40:58   126976   ----a-w-   c:\windows\system32\dllcache\hpgt34tk.dll
          2010-02-17 02:39:55   442240   ----a-w-   c:\windows\system32\dllcache\fpnpbase.sys
          2010-02-17 02:39:53   441728   ----a-w-   c:\windows\system32\dllcache\fpcmbase.sys
          2010-02-17 02:39:51   444416   ----a-w-   c:\windows\system32\dllcache\fpcibase.sys
          2010-02-17 02:39:47   34173   ----a-w-   c:\windows\system32\dllcache\forehe.sys
          2010-02-17 02:39:43   71680   ----a-w-   c:\windows\system32\dllcache\fnfilter.dll
          2010-02-17 02:39:31   27165   ----a-w-   c:\windows\system32\dllcache\fetnd5.sys
          2010-02-17 02:39:24   22090   ----a-w-   c:\windows\system32\dllcache\fem556n5.sys
          2010-02-17 02:39:17   24618   ----a-w-   c:\windows\system32\dllcache\fa410nd5.sys
          2010-02-17 02:39:14   16074   ----a-w-   c:\windows\system32\dllcache\fa312nd5.sys
          2010-02-17 02:39:11   11850   ----a-w-   c:\windows\system32\dllcache\f3ab18xj.sys
          2010-02-17 02:39:09   12362   ----a-w-   c:\windows\system32\dllcache\f3ab18xi.sys
          2010-02-17 02:39:00   7040   ----a-w-   c:\windows\system32\dllcache\exabyte2.sys
          2010-02-17 02:37:57   19996   ----a-w-   c:\windows\system32\dllcache\em556n4.sys
          2010-02-17 02:36:59   37962   ----a-w-   c:\windows\system32\dllcache\divaprop.dll
          2010-02-17 02:35:58   27648   ----a-w-   c:\windows\system32\dllcache\cyyports.dll
          2010-02-17 02:34:59   37916   ----a-w-   c:\windows\system32\dllcache\cb102.sys
          2010-02-17 02:33:59   871388   ----a-w-   c:\windows\system32\dllcache\bcmdm.sys
          2010-02-17 02:32:33   66048   ----a-w-   c:\windows\system32\dllcache\s3legacy.dll
          2010-02-11 03:58:40   0   d-----w-   c:\docume~1\compaq~1\applic~1\CheckPoint
          2010-02-11 03:55:42   0   d-----w-   c:\program files\CheckPoint
          2010-02-11 03:55:39   4212   ---ha-w-   c:\windows\system32\zllictbl.dat
          2010-02-11 03:55:29   1238408   ----a-w-   c:\windows\system32\zpeng25.dll
          2010-02-11 03:55:29   0   d-----w-   c:\windows\system32\ZoneLabs
          2010-02-11 03:55:28   422437   ----a-w-   c:\windows\system32\vsconfig.xml
          2010-02-11 03:55:27   0   d-----w-   c:\program files\Zone Labs
          2010-02-11 03:54:59   0   d-----w-   c:\windows\Internet Logs
          2010-02-11 03:53:08   40233352   ----a-w-   C:\zaSetup_91_007_002_en.exe
          2010-02-11 03:51:04   16409960   ----a-w-   C:\havefun.exe
          2010-02-11 01:56:52   363008   ----a-w-   C:\rkill.com
          2010-02-09 02:16:12   5632   --sha-w-   c:\windows\Thumbs.db
          2010-02-08 19:43:46   0   d-----w-   c:\docume~1\compaq~1\applic~1\Digital Support
          2010-02-08 19:43:39   0   d-----w-   c:\program files\Digital Support
          2010-02-08 19:43:07   1284416   ----a-w-   C:\PCFixerSetup.exe
          2010-02-06 23:25:42   0   d-----w-   c:\program files\uTorrent
          2010-02-06 23:25:16   319280   ----a-w-   C:\utorrent.exe
          2010-02-04 14:22:34   0   d-----w-   c:\program files\Free Window Registry Repair
          2010-02-04 14:22:24   798000   ----a-w-   C:\RegpairSetup.exe
          2010-02-02 01:02:01   50955   ----a-w-   C:\VETlog.dmp
          2010-01-31 02:46:27   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
          2010-01-31 02:46:22   19160   ----a-w-   c:\windows\system32\drivers\mbam.sys
          2010-01-31 02:46:22   0   d-----w-   c:\program files\Malwarebytes' Anti-Malware
          2010-01-31 02:45:07   0   d-----w-   c:\program files\MetaStream
          2010-01-31 00:51:25   0   d-----w-   c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
          2010-01-31 00:51:01   0   d-----w-   c:\program files\SUPERAntiSpyware
          2010-01-31 00:51:01   0   d-----w-   c:\docume~1\compaq~1\applic~1\SUPERAntiSpyware.com
          2010-01-31 00:49:51   5115824   ----a-w-   C:\mb.exe
          2010-01-31 00:43:44   0   d-s---w-   C:\ComboFix
          2010-01-30 15:16:33   0   d-----w-   c:\program files\3345setup.exe
          2010-01-30 13:35:05   2   --shatr-   c:\windows\winstart.bat
          2010-01-30 13:34:00   0   d-----w-   c:\program files\UnHackMe
          2010-01-29 18:38:47   96978   ----a-w-   c:\program files\VirtumundoBeGone.exe
          2010-01-29 14:00:14   28552   ----a-w-   c:\windows\system32\drivers\pavboot.sys
          2010-01-29 00:16:54   0   d-----w-   c:\windows\pss
          2010-01-28 23:47:49   0   d-----w-   c:\documents and settings\compaq_owner\.SunDownloadManager
          2010-01-28 22:48:44   0   d-----w-   C:\VundoFix Backups
          2010-01-28 13:45:45   0   d-----w-   c:\docume~1\compaq~1\applic~1\QuickScan
          2010-01-23 23:52:43   917504   ----a-w-   c:\windows\system32\FLASH.OCX

          ==================== Find3M  ====================

          2009-12-31 16:50:03   353792   ----a-w-   c:\windows\system32\drivers\srv.sys
          2009-12-31 16:50:03   353792   ----a-w-   c:\windows\system32\dllcache\srv.sys
          2009-12-22 05:21:05   667136   ----a-w-   c:\windows\system32\wininet.dll
          2009-12-22 05:21:05   667136   ----a-w-   c:\windows\system32\dllcache\wininet.dll
          2009-12-22 05:21:03   627712   ----a-w-   c:\windows\system32\dllcache\urlmon.dll
          2009-12-22 05:21:02   1509888   ----a-w-   c:\windows\system32\dllcache\shdocvw.dll
          2009-12-22 05:21:00   3071488   ----a-w-   c:\windows\system32\dllcache\mshtml.dll
          2009-12-22 05:20:58   81920   ----a-w-   c:\windows\system32\ieencode.dll
          2009-12-22 05:20:58   81920   ----a-w-   c:\windows\system32\dllcache\ieencode.dll
          2009-12-17 22:14:00   411368   -c--a-w-   c:\windows\system32\deploytk.dll
          2009-12-16 18:43:27   343040   ----a-w-   c:\windows\system32\mspaint.exe
          2009-12-16 18:43:27   343040   ----a-w-   c:\windows\system32\dllcache\mspaint.exe
          2009-12-14 07:08:23   33280   ----a-w-   c:\windows\system32\dllcache\csrsrv.dll
          2009-12-14 07:08:23   33280   ----a-w-   c:\windows\system32\csrsrv.dll
          2009-12-08 19:27:51   2189184   ----a-w-   c:\windows\system32\ntoskrnl.exe
          2009-12-08 19:27:51   2189184   ----a-w-   c:\windows\system32\dllcache\ntoskrnl.exe
          2009-12-08 19:26:15   2145280   ----a-w-   c:\windows\system32\dllcache\ntkrnlmp.exe
          2009-12-08 18:43:51   2023936   ----a-w-   c:\windows\system32\dllcache\ntkrpamp.exe
          2009-12-08 18:43:50   2066048   ----a-w-   c:\windows\system32\ntkrnlpa.exe
          2009-12-08 18:43:50   2066048   ----a-w-   c:\windows\system32\dllcache\ntkrnlpa.exe
          2009-12-08 09:23:28   474112   ----a-w-   c:\windows\system32\dllcache\shlwapi.dll
          2009-12-04 18:22:22   455424   ----a-w-   c:\windows\system32\dllcache\mrxsmb.sys
          2009-11-27 17:11:44   17920   ----a-w-   c:\windows\system32\msyuv.dll
          2009-11-27 17:11:44   17920   ----a-w-   c:\windows\system32\dllcache\msyuv.dll
          2009-11-27 17:11:44   1291776   ----a-w-   c:\windows\system32\quartz.dll
          2009-11-27 17:11:44   1291776   ----a-w-   c:\windows\system32\dllcache\quartz.dll
          2009-11-27 16:07:35   8704   ----a-w-   c:\windows\system32\tsbyuv.dll
          2009-11-27 16:07:35   8704   ----a-w-   c:\windows\system32\dllcache\tsbyuv.dll
          2009-11-27 16:07:35   28672   ----a-w-   c:\windows\system32\msvidc32.dll
          2009-11-27 16:07:35   28672   ----a-w-   c:\windows\system32\dllcache\msvidc32.dll
          2009-11-27 16:07:34   84992   ----a-w-   c:\windows\system32\dllcache\avifil32.dll
          2009-11-27 16:07:34   84992   ----a-w-   c:\windows\system32\avifil32.dll
          2009-11-27 16:07:34   48128   ----a-w-   c:\windows\system32\iyuv_32.dll
          2009-11-27 16:07:34   48128   ----a-w-   c:\windows\system32\dllcache\iyuv_32.dll
          2009-11-27 16:07:34   11264   ----a-w-   c:\windows\system32\msrle32.dll
          2009-11-27 16:07:34   11264   ----a-w-   c:\windows\system32\dllcache\msrle32.dll
          2009-11-21 15:51:04   471552   ----a-w-   c:\windows\system32\dllcache\aclayers.dll
          2008-10-09 19:00:16   19088   -c--a-w-   c:\program files\common files\irywuzubu.bat
          2008-10-09 19:00:16   18489   -c--a-w-   c:\program files\common files\vedu.dl
          2008-10-09 19:00:16   14113   -c--a-w-   c:\program files\common files\xipa.bat
          2008-10-09 19:00:16   12606   -c--a-w-   c:\program files\common files\badyxyret.reg

          ============= FINISH:  8:15:58.01 ===============



          UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
          IF REQUESTED, ZIP IT UP & ATTACH IT

          DDS (Ver_09-12-01.01)

          Microsoft Windows XP Home Edition
          Boot Device: \Device\HarddiskVolume1
          Install Date: 7/18/2007 2:22:34 PM
          System Uptime: 2/19/2010 7:59:26 AM (1 hours ago)

          Motherboard: ASUSTek Computer INC. |  | NAOS
          Processor: AMD Sempron(tm) Processor 3400+ | Socket AM2  | 1803/199mhz

          ==== Disk Partitions =========================

          C: is FIXED (NTFS) - 104 GiB total, 72.285 GiB free.
          D: is FIXED (FAT32) - 7 GiB total, 0.532 GiB free.
          E: is CDROM ()
          F: is Removable
          G: is Removable
          H: is Removable
          I: is Removable
          J: is CDROM ()

          ==== Disabled Device Manager Items =============

          Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
          Description: Digital Blue DMC2 Video Device
          Device ID: ROOT\LEGACY_CA50XAV\0000
          Manufacturer:
          Name: Digital Blue DMC2 Video Device
          PNP Device ID: ROOT\LEGACY_CA50XAV\0000
          Service: Ca50xav

          Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
          Description: Serial
          Device ID: ROOT\LEGACY_SERIAL\0000
          Manufacturer:
          Name: Serial
          PNP Device ID: ROOT\LEGACY_SERIAL\0000
          Service: Serial

          ==== System Restore Points ===================

          RP950: 2/19/2010 4:01:32 AM - System Checkpoint

          ==== Installed Programs ======================

          µTorrent
          AAC Decoder
          ABBYY FineReader 6.0 Sprint Plus
          Adobe Flash Player 10 ActiveX
          Adobe Flash Player 10 Plugin
          Adobe Reader 7.1.0
          Advanced SystemCare 3
          AOL Connectivity Services
          AOL Uninstaller
          AOL You've Got Pictures Screensaver
          AutoUpdate
          Avira AntiVir Personal - Free Antivirus
          BufferChm
          CCleaner (remove only)
          Compaq Connections (remove only)
          ConvertXtoDVD 3.5.3.139
          CP_AtenaShokunin1Config
          CP_CalendarTemplates1
          cp_LightScribeConfig
          cp_OnlineProjectsConfig
          CP_Package_Basic1
          CP_Package_Variety1
          CP_Package_Variety2
          CP_Package_Variety3
          CP_Panorama1Config
          cp_PosterPrintConfig
          cp_UpdateProjectsConfig
          Critical Update for Windows Media Player 11 (KB959772)
          CueTour
          Data Fax SoftModem with SmartCP
          Destinations
          DeviceManagementQFolder
          DivX Codec
          DivX Converter
          DivX Player
          DivX Plus DirectShow Filters
          DivX Version Checker
          DivX Web Player
          DVD-CLONER V6.00 Build 977
          Eraser
          Free Window Registry Repair
          FullDPAppQFolder
          Google Earth
          Google Toolbar for Firefox
          Google Toolbar for Internet Explorer
          Google Update Helper
          Google Updater
          H.264 Decoder
          High Definition Audio Driver Package - KB888111
          HijackThis 2.0.2
          Hotfix for Windows Media Format 11 SDK (KB929399)
          Hotfix for Windows Media Player 11 (KB939683)
          Hotfix for Windows XP (KB952287)
          Hotfix for Windows XP (KB970653-v3)
          Hotfix for Windows XP (KB976098-v2)
          HP Boot Optimizer
          HP DVD Play 2.1
          HP Games
          HP Imaging Device Functions 7.0
          HP Photosmart Premier Software 6.5
          HP Support Overview
          HP Update
          HP Web Helper
          HPPhotoSmartExpress
          HpSdpAppCoreApp
          InstantShareDevices
          IObit Security 360
          Java Auto Updater
          Java(TM) 6 Update 18
          Lexmark 6200 Series
          LightScribe System Software  1.10.13.1
          Malwarebytes' Anti-Malware
          Microsoft .NET Framework 1.1
          Microsoft .NET Framework 1.1 Security Update (KB953297)
          Microsoft Compression Client Pack 1.0 for Windows XP
          Microsoft Internationalized Domain Names Mitigation APIs
          Microsoft National Language Support Downlevel APIs
          Microsoft User-Mode Driver Framework Feature Pack 1.0
          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
          Microsoft Works
          MKV Splitter
          Mozilla Firefox (3.0.10)
          MSN
          MSXML 4.0 SP2 (KB927978)
          MSXML 4.0 SP2 (KB936181)
          MSXML 4.0 SP2 (KB954430)
          MSXML 4.0 SP2 (KB973688)
          My HP Games
          Nero 7 Essentials
          neroxml
          NVIDIA Drivers
          OpenOffice.org Installer 1.0
          OptionalContentQFolder
          PC-Doctor 5 for Windows
          PC Fixer
          PhotoGallery
          Python 2.2 pywin32 extensions (build 203)
          Quicken 2006
          QuickTime
          RandMap
          RealPlayer
          Realtek High Definition Audio Driver
          Rhapsody
          Security Update for Step By Step Interactive Training (KB923723)
          Security Update for Windows Media Player (KB911564)
          Security Update for Windows Media Player (KB952069)
          Security Update for Windows Media Player (KB954155)
          Security Update for Windows Media Player (KB968816)
          Security Update for Windows Media Player (KB973540)
          Security Update for Windows Media Player 10 (KB911565)
          Security Update for Windows Media Player 10 (KB917734)
          Security Update for Windows Media Player 10 (KB936782)
          Security Update for Windows Media Player 11 (KB936782)
          Security Update for Windows Media Player 11 (KB954154)
          Security Update for Windows XP (KB923561)
          Security Update for Windows XP (KB938464-v2)
          Security Update for Windows XP (KB938464)
          Security Update for Windows XP (KB941569)
          Security Update for Windows XP (KB946648)
          Security Update for Windows XP (KB950759)
          Security Update for Windows XP (KB950760)
          Security Update for Windows XP (KB950762)
          Security Update for Windows XP (KB950974)
          Security Update for Windows XP (KB951066)
          Security Update for Windows XP (KB951376-v2)
          Security Update for Windows XP (KB951376)
          Security Update for Windows XP (KB951698)
          Security Update for Windows XP (KB951748)
          Security Update for Windows XP (KB952004)
          Security Update for Windows XP (KB952954)
          Security Update for Windows XP (KB953838)
          Security Update for Windows XP (KB953839)
          Security Update for Windows XP (KB954211)
          Security Update for Windows XP (KB954459)
          Security Update for Windows XP (KB954600)
          Security Update for Windows XP (KB955069)
          Security Update for Windows XP (KB956390)
          Security Update for Windows XP (KB956391)
          Security Update for Windows XP (KB956572)
          Security Update for Windows XP (KB956744)
          Security Update for Windows XP (KB956802)
          Security Update for Windows XP (KB956803)
          Security Update for Windows XP (KB956841)
          Security Update for Windows XP (KB956844)
          Security Update for Windows XP (KB957095)
          Security Update for Windows XP (KB957097)
          Security Update for Windows XP (KB958215)
          Security Update for Windows XP (KB958644)
          Security Update for Windows XP (KB958687)
          Security Update for Windows XP (KB958690)
          Security Update for Windows XP (KB958869)
          Security Update for Windows XP (KB959426)
          Security Update for Windows XP (KB960225)
          Security Update for Windows XP (KB960714)
          Security Update for Windows XP (KB960715)
          Security Update for Windows XP (KB960803)
          Security Update for Windows XP (KB960859)
          Security Update for Windows XP (KB961371)
          Security Update for Windows XP (KB961373)
          Security Update for Windows XP (KB961501)
          Security Update for Windows XP (KB963027)
          Security Update for Windows XP (KB968537)
          Security Update for Windows XP (KB969059)
          Security Update for Windows XP (KB969897)
          Security Update for Windows XP (KB969898)
          Security Update for Windows XP (KB970238)
          Security Update for Windows XP (KB970430)
          Security Update for Windows XP (KB971468)
          Security Update for Windows XP (KB971486)
          Security Update for Windows XP (KB971557)
          Security Update for Windows XP (KB971633)
          Security Update for Windows XP (KB971657)
          Security Update for Windows XP (KB971961)
          Security Update for Windows XP (KB972260)
          Security Update for Windows XP (KB972270)
          Security Update for Windows XP (KB973346)
          Security Update for Windows XP (KB973354)
          Security Update for Windows XP (KB973507)
          Security Update for Windows XP (KB973525)
          Security Update for Windows XP (KB973869)
          Security Update for Windows XP (KB973904)
          Security Update for Windows XP (KB974112)
          Security Update for Windows XP (KB974318)
          Security Update for Windows XP (KB974392)
          Security Update for Windows XP (KB974455)
          Security Update for Windows XP (KB974571)
          Security Update for Windows XP (KB975025)
          Security Update for Windows XP (KB975467)
          Security Update for Windows XP (KB975560)
          Security Update for Windows XP (KB975713)
          Security Update for Windows XP (KB976325)
          Security Update for Windows XP (KB977165)
          Security Update for Windows XP (KB977914)
          Security Update for Windows XP (KB978037)
          Security Update for Windows XP (KB978251)
          Security Update for Windows XP (KB978262)
          Security Update for Windows XP (KB978706)
          SkinsHP1
          SlideShow
          SlideShowMusic
          Smart Defrag
          Sonic Audio module
          Sonic DLA
          Sonic Express Labeler
          Sonic RecordNow Copy
          Sonic RecordNow Data
          Sonic_PrimoSDK
          SUPERAntiSpyware Free Edition
          TomTom HOME 2.7.3.1894
          TomTom HOME Visual Studio Merge Modules
          Unload
          Update for Windows XP (KB951072-v2)
          Update for Windows XP (KB951978)
          Update for Windows XP (KB953356)
          Update for Windows XP (KB955759)
          Update for Windows XP (KB955839)
          Update for Windows XP (KB967715)
          Update for Windows XP (KB968389)
          Update for Windows XP (KB971737)
          Update for Windows XP (KB973687)
          Update for Windows XP (KB973815)
          Update for Windows XP (KB976749)
          Update for Windows XP (KB978207)
          VC80CRTRedist - 8.0.50727.762
          WebFldrs XP
          WildTangent Web Driver
          Windows Genuine Advantage Validation Tool (KB892130)
          Windows Media Format 11 runtime
          Windows Media Player 11
          Windows XP Service Pack 3
          WinRAR archiver
          Yahoo! Toolbar
          ZoneAlarm
          ZoneAlarm Toolbar
          Zuma's Revenge

          ==== Event Viewer Messages From Past Week ========

          2/18/2010 2:31:21 PM, error: Service Control Manager [7034]  - The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
          2/17/2010 7:01:01 PM, error: Service Control Manager [7001]  - The Universal Plug and Play Device Host service depends on the SSDP Discovery Service service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
          2/17/2010 7:00:49 PM, error: DCOM [10005]  - DCOM got error "%1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
          2/16/2010 9:32:45 PM, information: Windows File Protection [64020]  - Windows File Protection scan found that the system file c:\windows\system32\drmstor.dll has a bad signature. This file was restored to the original version to maintain system stability.  The file version of the system file is 10.0.0.3646.
          2/16/2010 9:32:45 PM, information: Windows File Protection [64004]  - The protected system file c:\windows\system32\drmstor.dll could not be restored to its original, valid version. The file version of the bad file is 10.0.0.3646 The specific error code is 0x800b0100 [No signature was present in the subject. ].
          2/16/2010 9:32:45 PM, information: Windows File Protection [64004]  - The protected system file c:\windows\system32\drmclien.dll could not be restored to its original, valid version. The file version of the bad file is 10.0.0.3646 The specific error code is 0x800b0110 [The certificate is not valid for the requested usage. ].
          2/16/2010 9:32:44 PM, information: Windows File Protection [64020]  - Windows File Protection scan found that the system file c:\windows\system32\drmclien.dll has a bad signature. This file was restored to the original version to maintain system stability.  The file version of the system file is 10.0.0.3646.
          2/16/2010 9:32:00 PM, information: Windows File Protection [64016]  - Windows File Protection file scan was started.
          2/16/2010 6:17:40 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the AOL TopSpeed Monitor service to connect.
          2/16/2010 6:17:15 PM, error: Service Control Manager [7031]  - The AOL TopSpeed Monitor service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
          2/16/2010 10:04:32 PM, information: Windows File Protection [64017]  - Windows File Protection file scan completed successfully.
          2/15/2010 8:40:39 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The system cannot find the file specified.
          2/15/2010 8:27:03 PM, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
          2/15/2010 8:26:51 PM, error: Service Control Manager [7000]  - The Windows Installer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
          2/15/2010 8:26:50 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.
          2/15/2010 8:25:20 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ftsata2
          2/15/2010 8:25:18 PM, error: Service Control Manager [7000]  - The iolo System Service service failed to start due to the following error:  The system cannot find the path specified.
          2/15/2010 8:25:17 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.
          2/15/2010 8:25:17 PM, error: Service Control Manager [7000]  - The TrueVector Internet Monitor service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
          2/15/2010 8:25:17 PM, error: Service Control Manager [7000]  - The iolo FileInfoList Service service failed to start due to the following error:  The system cannot find the path specified.
          2/15/2010 3:55:03 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "%1450" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
          2/15/2010 3:46:58 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC00000A1' while processing the file 'BACKUP.RDB' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
          2/15/2010 11:59:35 AM, error: Dhcp [1002]  - The IP address lease 192.168.1.33 for the Network Card with network address 0018F361A203 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
          2/14/2010 7:05:04 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "%1450" Happened while starting this command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
          2/14/2010 7:05:04 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "%1450" Happened while starting this command: "c:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding

          ==== End Of File ===========================
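The Event Viewer section of the DDS log above can be triaged mechanically. The script below is an added example, not part of the original thread or of DDS: its function names are hypothetical and its line format is assumed from the lines shown. It parses the entries, decodes the `%NNNN` Win32 codes embedded in the DCOM errors (code 1450 carries the same "insufficient system resources" text the topic starter reported), and sorts by parsed time, because the log lists entries in text order rather than chronological order.

```python
import re
from collections import Counter
from datetime import datetime

# Win32 error codes (winerror.h) that show up as "%NNNN" in the DCOM events.
WIN32_ERRORS = {
    1053: "ERROR_SERVICE_REQUEST_TIMEOUT: the service did not respond in a timely fashion",
    1068: "ERROR_SERVICE_DEPENDENCY_FAIL: the dependency service or group failed to start",
    1450: "ERROR_NO_SYSTEM_RESOURCES: insufficient system resources exist to complete the requested service",
}

# Lines copied verbatim from the Event Viewer section of the log above.
SAMPLE = r"""
2/18/2010 2:31:21 PM, error: Service Control Manager [7034]  - The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).
2/17/2010 7:00:49 PM, error: DCOM [10005]  - DCOM got error "%1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
2/16/2010 9:32:00 PM, information: Windows File Protection [64016]  - Windows File Protection file scan was started.
2/15/2010 8:27:03 PM, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2/15/2010 3:55:03 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}. The error: "%1450" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
2/15/2010 3:46:58 AM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC00000A1' while processing the file 'BACKUP.RDB' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
2/14/2010 7:05:04 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "%1450" Happened while starting this command: C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe -Embedding
"""

# "<date> <time> AM|PM, <level>: <source> [<event id>]  - <message>"
LINE_RE = re.compile(
    r"^\s*(?P<ts>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
    r"(?P<level>\w+): (?P<source>.+?) \[(?P<event_id>\d+)\]\s+- (?P<message>.*)$"
)
CODE_RE = re.compile(r'"%(\d+)"')  # DCOM quotes the raw Win32 code as "%1450"


def parse_events(text):
    """Turn DDS Event Viewer lines into dicts; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ev = m.groupdict()
        ev["time"] = datetime.strptime(ev.pop("ts"), "%m/%d/%Y %I:%M:%S %p")
        ev["event_id"] = int(ev["event_id"])
        ev["win32"] = [int(c) for c in CODE_RE.findall(ev["message"])]
        events.append(ev)
    return events


def summarize(events):
    """Count error-level events per (source, event id) and occurrences per Win32 code."""
    by_event = Counter((e["source"], e["event_id"]) for e in events if e["level"] == "error")
    by_code = Counter(c for e in events for c in e["win32"])
    return by_event, by_code


def resource_exhaustion(events):
    """Events carrying Win32 code 1450, oldest first."""
    return sorted((e for e in events if 1450 in e["win32"]), key=lambda e: e["time"])


if __name__ == "__main__":
    evs = parse_events(SAMPLE)
    by_event, by_code = summarize(evs)
    for (source, event_id), n in by_event.most_common():
        print(f"{n}x {source} [{event_id}]")
    for code, n in sorted(by_code.items()):
        print(f"{n}x %{code} = {WIN32_ERRORS.get(code, 'not in table')}")
    for e in resource_exhaustion(evs):
        print(e["time"].isoformat(sep=" "), e["message"].rsplit("command: ", 1)[-1])
```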

          evilfantasy

          Re: insufficient system error
          « Reply #5 on: February 19, 2010, 08:26:58 AM »
          Go to Add or Remove Programs and uninstall:

          - Free Window Registry Repair
          - ZoneAlarm Toolbar <- This is actually the Ask.com toolbar and is useless.
          -----------

          If you already have ComboFix be sure to delete it and download a new copy.

          Download ComboFix© by sUBs from one of the below links. Be sure to save it to the Desktop.

          Link #1
          Link #2

          **Note:  It is important that it is saved directly to your Desktop

          DO NOT run it yet!

          Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system

          Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

          Delete these files/folders, as follows:

          1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
          It must be Notepad, not Wordpad.
          2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

          Code:
          KillAll::

          DDS::
          mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=
          uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=%s
          TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
          TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
          TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
          TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
          IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
          LSA: Notification Packages = scecli tayanage.dll

          Folder::
          C:\VundoFix Backups


          3. Go to the Notepad window and click Edit > Paste
          4. Then click File > Save
          5. Name the file CFScript.txt - Save the file to your Desktop
          6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



          ComboFix will begin to execute, just follow the prompts.
          After reboot (in case it asks to reboot), it will produce a log for you.
          Post that log (Combofix.txt) in your next reply.

          Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze.

          godsize71

            Topic Starter


            Rookie

            Re: insufficient system error
            « Reply #6 on: February 19, 2010, 12:29:05 PM »
            I did everything you asked me to do, twice. When ComboFix was rebooting it just stayed on the blue "shutting down Windows" page for about 10 min, so I had to restart it, and when it did come back ComboFix was preparing the log but didn't, so I clicked it off after about 10 min.

            evilfantasy

            • Malware Removal Specialist
            • Moderator


            • Genius
            • Calm like a bomb
            • Thanked: 493
            • Experience: Experienced
            • OS: Windows 11
            Re: insufficient system error
            « Reply #7 on: February 19, 2010, 12:42:44 PM »
            Try running it without the script.

            Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

            Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
             
            Double click combofix.exe & follow the prompts.
            Vista users: right-click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it).
            When finished ComboFix will produce a log for you.
            Post the ComboFix log in your next reply.

            Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

            Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

            If you have problems with ComboFix usage, see How to use ComboFix

            godsize71

              Topic Starter


              Rookie

              Re: insufficient system error
              « Reply #8 on: February 19, 2010, 03:52:48 PM »
              ComboFix 10-02-19.03 - Compaq_Owner 02/19/2010  16:41:27.3.1 - x86
              Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.446.175 [GMT -5:00]
              Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
              AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
              FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
              FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
              .

              (((((((((((((((((((((((((   Files Created from 2010-01-19 to 2010-02-19  )))))))))))))))))))))))))))))))
              .

              2010-02-19 13:12 . 2010-02-19 13:12   524288   ----a-w-   C:\dds.scr
              2010-02-18 19:28 . 2010-02-18 19:28   918816   ----a-w-   C:\jxpiinstall.exe
              2010-02-17 03:04 . 2008-04-14 01:12   116224   ----a-w-   c:\windows\system32\dllcache\xrxwiadr.dll
              2010-02-17 03:04 . 2001-08-18 03:36   23040   ----a-w-   c:\windows\system32\dllcache\xrxwbtmp.dll
              2010-02-17 03:04 . 2008-04-14 01:12   18944   ----a-w-   c:\windows\system32\dllcache\xrxscnui.dll
              2010-02-17 03:04 . 2001-08-18 03:37   27648   ----a-w-   c:\windows\system32\dllcache\xrxftplt.exe
              2010-02-17 03:04 . 2001-08-18 03:37   4608   ----a-w-   c:\windows\system32\dllcache\xrxflnch.exe
              2010-02-17 03:04 . 2001-08-18 03:37   99865   ----a-w-   c:\windows\system32\dllcache\xlog.exe
              2010-02-17 03:04 . 2001-08-17 17:11   16970   ----a-w-   c:\windows\system32\dllcache\xem336n5.sys
              2010-02-17 03:03 . 2004-08-04 03:29   19455   ----a-w-   c:\windows\system32\dllcache\wvchntxx.sys
              2010-02-17 03:03 . 2004-08-04 03:29   12063   ----a-w-   c:\windows\system32\dllcache\wsiintxx.sys
              2010-02-17 03:03 . 2008-04-14 01:12   8192   ----a-w-   c:\windows\system32\dllcache\wshirda.dll
              2010-02-17 03:03 . 2008-04-13 19:36   8832   ----a-w-   c:\windows\system32\dllcache\wmiacpi.sys
              2010-02-17 03:03 . 2004-08-04 03:31   154624   ----a-w-   c:\windows\system32\dllcache\wlluc48.sys
              2010-02-17 03:03 . 2001-08-17 17:12   34890   ----a-w-   c:\windows\system32\dllcache\wlandrv2.sys
              2010-02-17 03:03 . 2001-08-17 18:28   771581   ----a-w-   c:\windows\system32\dllcache\winacisa.sys
              2010-02-17 03:03 . 2001-08-18 03:36   53760   ----a-w-   c:\windows\system32\dllcache\wiamsmud.dll
              2010-02-17 03:01 . 2001-08-17 18:28   604253   ----a-w-   c:\windows\system32\dllcache\vmodem.sys
              2010-02-17 03:01 . 2001-08-17 17:14   249402   ----a-w-   c:\windows\system32\dllcache\vinwm.sys
              2010-02-17 03:01 . 2001-08-17 18:49   24576   ----a-w-   c:\windows\system32\dllcache\viairda.sys
              2010-02-17 03:01 . 2001-08-17 18:28   687999   ----a-w-   c:\windows\system32\dllcache\usrwdxjs.sys
              2010-02-17 03:01 . 2001-08-17 18:28   765884   ----a-w-   c:\windows\system32\dllcache\usrti.sys
              2010-02-17 03:01 . 2001-08-17 18:28   113762   ----a-w-   c:\windows\system32\dllcache\usrpda.sys
              2010-02-17 03:01 . 2001-08-17 18:28   7556   ----a-w-   c:\windows\system32\dllcache\usroslba.sys
              2010-02-17 03:01 . 2001-08-17 18:28   224802   ----a-w-   c:\windows\system32\dllcache\usr1807a.sys
              2010-02-17 03:01 . 2001-08-17 18:28   794399   ----a-w-   c:\windows\system32\dllcache\usr1806v.sys
              2010-02-17 03:01 . 2001-08-17 18:28   793598   ----a-w-   c:\windows\system32\dllcache\usr1806.sys
              2010-02-17 03:01 . 2001-08-17 18:28   794654   ----a-w-   c:\windows\system32\dllcache\usr1801.sys
              2010-02-17 03:01 . 2008-04-13 19:45   26112   ----a-w-   c:\windows\system32\dllcache\usbser.sys
              2010-02-17 03:01 . 2004-08-04 03:31   32384   ----a-w-   c:\windows\system32\dllcache\usb101et.sys
              2010-02-17 02:59 . 2001-08-17 17:51   159232   ----a-w-   c:\windows\system32\dllcache\tridkbm.sys
              2010-02-17 02:58 . 2008-04-13 19:40   149376   ----a-w-   c:\windows\system32\dllcache\tffsport.sys
              2010-02-17 02:57 . 2001-08-18 03:36   10240   ----a-w-   c:\windows\system32\dllcache\swpidflt.dll
              2010-02-17 02:57 . 2001-08-18 03:36   10240   ----a-w-   c:\windows\system32\dllcache\swpdflt2.dll
              2010-02-17 02:57 . 2001-08-18 03:36   53760   ----a-w-   c:\windows\system32\dllcache\sw_wheel.dll
              2010-02-17 02:57 . 2001-08-18 03:36   41472   ----a-w-   c:\windows\system32\dllcache\sw_effct.dll
              2010-02-17 02:57 . 2001-08-18 03:36   155648   ----a-w-   c:\windows\system32\dllcache\stlnprop.dll
              2010-02-17 02:57 . 2001-08-18 03:36   53248   ----a-w-   c:\windows\system32\dllcache\stlncoin.dll
              2010-02-17 02:57 . 2001-08-17 17:18   285760   ----a-w-   c:\windows\system32\dllcache\stlnata.sys
              2010-02-17 02:57 . 2001-08-17 18:51   16896   ----a-w-   c:\windows\system32\dllcache\stcusb.sys
              2010-02-17 02:57 . 2001-08-17 17:11   48736   ----a-w-   c:\windows\system32\dllcache\srwlnd5.sys
              2010-02-17 02:57 . 2001-08-18 03:36   99328   ----a-w-   c:\windows\system32\dllcache\srusd.dll
              2010-02-17 02:57 . 2001-08-18 03:36   24660   ----a-w-   c:\windows\system32\dllcache\spxupchk.dll
              2010-02-17 02:57 . 2001-08-17 18:51   61824   ----a-w-   c:\windows\system32\dllcache\speed.sys
              2010-02-17 02:57 . 2001-08-18 03:36   106584   ----a-w-   c:\windows\system32\dllcache\spdports.dll
              2010-02-17 02:55 . 2001-08-18 03:36   45568   ----a-w-   c:\windows\system32\dllcache\smb3w.dll
              2010-02-17 02:54 . 2001-07-21 19:29   161568   ----a-w-   c:\windows\system32\dllcache\sgsmusb.sys
              2010-02-17 02:54 . 2001-07-21 19:29   18400   ----a-w-   c:\windows\system32\dllcache\sgsmld.sys
              2010-02-17 02:54 . 2001-08-17 17:51   98080   ----a-w-   c:\windows\system32\dllcache\sgiulnt5.sys
              2010-02-17 02:54 . 2001-08-18 03:36   386560   ----a-w-   c:\windows\system32\dllcache\sgiul50.dll
              2010-02-17 02:54 . 2001-08-17 17:19   36480   ----a-w-   c:\windows\system32\dllcache\sfmanm.sys
              2010-02-17 02:54 . 2001-08-17 18:53   6784   ----a-w-   c:\windows\system32\dllcache\serscan.sys
              2010-02-17 02:54 . 2001-08-17 18:48   17664   ----a-w-   c:\windows\system32\dllcache\sermouse.sys
              2010-02-17 02:54 . 2001-08-17 18:53   6912   ----a-w-   c:\windows\system32\dllcache\seaddsmc.sys
              2010-02-17 02:54 . 2008-04-13 19:45   11520   ----a-w-   c:\windows\system32\dllcache\scsiscan.sys
              2010-02-17 02:54 . 2001-08-17 18:52   11648   ----a-w-   c:\windows\system32\dllcache\scsiprnt.sys
              2010-02-17 02:54 . 2001-08-17 18:51   17280   ----a-w-   c:\windows\system32\dllcache\scr111.sys
              2010-02-17 02:54 . 2001-08-17 18:51   16640   ----a-w-   c:\windows\system32\dllcache\scmstcs.sys
              2010-02-17 02:52 . 2001-08-17 18:57   65664   ----a-w-   c:\windows\system32\dllcache\s3legacy.sys
              2010-02-17 02:52 . 2001-08-18 03:36   82432   ----a-w-   c:\windows\system32\dllcache\rwia450.dll
              2010-02-17 02:52 . 2001-08-18 03:36   79872   ----a-w-   c:\windows\system32\dllcache\rwia430.dll
              2010-02-17 02:52 . 2008-04-14 01:12   29696   ----a-w-   c:\windows\system32\dllcache\rw450ext.dll
              2010-02-17 02:52 . 2008-04-14 01:12   27648   ----a-w-   c:\windows\system32\dllcache\rw430ext.dll
              2010-02-17 02:52 . 2001-08-17 17:12   19017   ----a-w-   c:\windows\system32\dllcache\rtl8029.sys
              2010-02-17 02:52 . 2001-08-17 17:19   30720   ----a-w-   c:\windows\system32\dllcache\rthwcls.sys
              2010-02-17 02:52 . 2001-08-18 03:36   9216   ----a-w-   c:\windows\system32\dllcache\rsmgrstr.dll
              2010-02-17 02:52 . 2001-08-17 17:19   3840   ----a-w-   c:\windows\system32\dllcache\rpfun.sys
              2010-02-17 02:52 . 2008-04-13 19:40   79104   ----a-w-   c:\windows\system32\dllcache\rocket.sys
              2010-02-17 02:52 . 2001-08-17 17:12   37563   ----a-w-   c:\windows\system32\dllcache\rlnet5.sys
              2010-02-17 02:52 . 2001-08-18 03:36   86097   ----a-w-   c:\windows\system32\dllcache\reslog32.dll
              2010-02-17 02:50 . 2001-08-17 18:51   16128   ----a-w-   c:\windows\system32\dllcache\pscr.sys
              2010-02-17 02:49 . 2001-08-17 17:11   35328   ----a-w-   c:\windows\system32\dllcache\pcntpci5.sys
              2010-02-17 02:48 . 2001-08-17 17:12   43689   ----a-w-   c:\windows\system32\dllcache\otceth5.sys
              2010-02-17 02:47 . 2001-08-17 17:11   65278   ----a-w-   c:\windows\system32\dllcache\netflx3.sys
              2010-02-17 02:46 . 2001-08-18 03:36   19968   ----a-w-   c:\windows\system32\dllcache\mxicfg.dll
              2010-02-17 02:46 . 2004-08-04 04:00   229439   ----a-w-   c:\windows\system32\dllcache\multibox.dll
              2010-02-17 02:46 . 2001-08-17 18:50   21888   ----a-w-   c:\windows\system32\dllcache\mxcard.sys
              2010-02-17 02:46 . 2001-08-17 17:50   103296   ----a-w-   c:\windows\system32\dllcache\mtxvideo.sys
              2010-02-17 02:46 . 2008-04-13 19:46   49024   ----a-w-   c:\windows\system32\dllcache\mstape.sys
              2010-02-17 02:46 . 2001-08-17 18:48   12416   ----a-w-   c:\windows\system32\dllcache\msriffwv.sys
              2010-02-17 02:46 . 2001-08-17 19:00   2944   ----a-w-   c:\windows\system32\dllcache\msmpu401.sys
              2010-02-17 02:46 . 2008-04-13 19:54   22016   ----a-w-   c:\windows\system32\dllcache\msircomm.sys
              2010-02-17 02:46 . 2004-08-04 04:00   98304   ----a-w-   c:\windows\system32\dllcache\msir3jp.dll
              2010-02-17 02:46 . 2001-08-17 19:02   35200   ----a-w-   c:\windows\system32\dllcache\msgame.sys
              2010-02-17 02:46 . 2001-08-17 18:48   6016   ----a-w-   c:\windows\system32\dllcache\msfsio.sys
              2010-02-17 02:46 . 2008-04-13 19:46   51200   ----a-w-   c:\windows\system32\dllcache\msdv.sys
              2010-02-17 02:45 . 2001-08-17 18:52   17280   ----a-w-   c:\windows\system32\dllcache\mraid35x.sys
              2010-02-17 02:45 . 2008-04-13 19:46   15232   ----a-w-   c:\windows\system32\dllcache\mpe.sys
              2010-02-17 02:45 . 2001-08-17 18:57   16128   ----a-w-   c:\windows\system32\dllcache\modemcsa.sys
              2010-02-17 02:45 . 2001-08-17 18:52   6528   ----a-w-   c:\windows\system32\dllcache\miniqic.sys
              2010-02-17 02:45 . 2001-08-17 17:50   320384   ----a-w-   c:\windows\system32\dllcache\mgaum.sys
              2010-02-17 02:45 . 2001-08-17 19:56   235648   ----a-w-   c:\windows\system32\dllcache\mgaud.dll
              2010-02-17 02:45 . 2008-04-13 19:41   26112   ----a-w-   c:\windows\system32\dllcache\memstpci.sys
              2010-02-17 02:45 . 2001-08-18 03:36   47616   ----a-w-   c:\windows\system32\dllcache\memgrp.dll
              2010-02-17 02:45 . 2001-08-17 18:58   8320   ----a-w-   c:\windows\system32\dllcache\memcard.sys
              2010-02-17 02:45 . 2001-08-17 17:12   164586   ----a-w-   c:\windows\system32\dllcache\mdgndis5.sys
              2010-02-17 02:45 . 2001-08-17 18:52   7424   ----a-w-   c:\windows\system32\dllcache\mammoth.sys
              2010-02-17 02:45 . 2001-08-17 17:19   48768   ----a-w-   c:\windows\system32\dllcache\maestro.sys
              2010-02-17 02:43 . 2008-04-13 19:39   14592   ----a-w-   c:\windows\system32\dllcache\kbdhid.sys
              2010-02-17 02:42 . 2001-08-18 03:36   372824   ----a-w-   c:\windows\system32\dllcache\iconf32.dll
              2010-02-17 02:41 . 2001-08-17 18:28   488383   ----a-w-   c:\windows\system32\dllcache\hsf_v124.sys
              2010-02-17 02:40 . 2001-08-18 03:36   126976   ----a-w-   c:\windows\system32\dllcache\hpgt34tk.dll
              2010-02-17 02:39 . 2001-08-17 17:15   442240   ----a-w-   c:\windows\system32\dllcache\fpnpbase.sys
              2010-02-17 02:39 . 2001-08-17 17:14   441728   ----a-w-   c:\windows\system32\dllcache\fpcmbase.sys
              2010-02-17 02:39 . 2001-08-17 17:14   444416   ----a-w-   c:\windows\system32\dllcache\fpcibase.sys
              2010-02-17 02:39 . 2004-08-04 03:31   34173   ----a-w-   c:\windows\system32\dllcache\forehe.sys
              2010-02-17 02:39 . 2001-08-18 03:36   71680   ----a-w-   c:\windows\system32\dllcache\fnfilter.dll
              2010-02-17 02:39 . 2001-08-17 17:13   27165   ----a-w-   c:\windows\system32\dllcache\fetnd5.sys
              2010-02-17 02:39 . 2001-08-17 17:10   22090   ----a-w-   c:\windows\system32\dllcache\fem556n5.sys
              2010-02-17 02:39 . 2001-08-17 17:12   24618   ----a-w-   c:\windows\system32\dllcache\fa410nd5.sys
              2010-02-17 02:39 . 2001-08-17 17:12   16074   ----a-w-   c:\windows\system32\dllcache\fa312nd5.sys
              2010-02-17 02:39 . 2001-08-17 17:11   11850   ----a-w-   c:\windows\system32\dllcache\f3ab18xj.sys
              2010-02-17 02:39 . 2001-08-17 17:11   12362   ----a-w-   c:\windows\system32\dllcache\f3ab18xi.sys
              2010-02-17 02:39 . 2001-08-17 18:52   7040   ----a-w-   c:\windows\system32\dllcache\exabyte2.sys
              2010-02-17 02:37 . 2001-08-17 17:10   19996   ----a-w-   c:\windows\system32\dllcache\em556n4.sys
              2010-02-17 02:36 . 2001-08-18 03:36   37962   ----a-w-   c:\windows\system32\dllcache\divaprop.dll
              2010-02-17 02:35 . 2001-08-18 03:36   27648   ----a-w-   c:\windows\system32\dllcache\cyyports.dll
              2010-02-17 02:34 . 2001-08-17 17:12   37916   ----a-w-   c:\windows\system32\dllcache\cb102.sys
              2010-02-17 02:33 . 2001-08-17 18:28   871388   ----a-w-   c:\windows\system32\dllcache\bcmdm.sys
              2010-02-17 02:32 . 2001-08-17 19:56   66048   ----a-w-   c:\windows\system32\dllcache\s3legacy.dll
              2010-02-11 03:58 . 2010-02-11 03:58   --------   d-----w-   c:\documents and settings\Compaq_Owner\Application Data\CheckPoint
              2010-02-11 03:54 . 2010-02-19 21:50   --------   d-----w-   c:\windows\Internet Logs
              2010-02-11 03:53 . 2010-02-11 03:54   40233352   ----a-w-   C:\zaSetup_91_007_002_en.exe
              2010-02-11 03:51 . 2010-02-11 03:51   16409960   ----a-w-   C:\havefun.exe
              2010-02-11 01:56 . 2010-02-11 02:11   363008   ----a-w-   C:\rkill.com

              .
              ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              2010-02-19 21:35 . 2008-01-31 02:51   --------   d-----w-   c:\documents and settings\Compaq_Owner\Application Data\Vso
              2010-02-19 19:16 . 2010-02-12 17:17   3800595   ----a-w-   c:\windows\Internet Logs\tvDebug.Zip
              2010-02-19 18:35 . 2009-05-07 18:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\Google Updater
              2010-02-18 19:34 . 2010-02-18 19:34   503808   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5841e772-n\msvcp71.dll
              2010-02-18 19:34 . 2010-02-18 19:34   499712   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5841e772-n\jmc.dll
              2010-02-18 19:34 . 2010-02-18 19:34   348160   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5841e772-n\msvcr71.dll
              2010-02-18 19:34 . 2010-02-18 19:34   61440   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-14e7b00d-n\decora-sse.dll
              2010-02-18 19:34 . 2010-02-18 19:34   12800   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-14e7b00d-n\decora-d3d.dll
              2010-02-18 19:33 . 2006-09-04 22:01   --------   d-----w-   c:\program files\Java
              2010-02-17 02:24 . 2010-01-31 00:52   117760   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
              2010-02-14 00:32 . 2010-02-14 00:32   125806   ----a-w-   c:\windows\Internet Logs\vsmon_2nd_2010_02_13_19_27_25_small.dmp.zip
              2010-02-14 00:08 . 2010-02-14 00:13   1638912   ----a-w-   c:\windows\Internet Logs\xDB94.tmp
              2010-02-11 03:55 . 2010-02-11 03:55   --------   d-----w-   c:\program files\CheckPoint
              2010-02-11 03:55 . 2010-02-11 03:55   4212   ---ha-w-   c:\windows\system32\zllictbl.dat
              2010-02-11 03:55 . 2010-02-11 03:55   --------   d-----w-   c:\program files\Zone Labs
              2010-02-09 02:16 . 2008-12-16 14:29   --------   d-----w-   c:\program files\Dvd-cloner
              2010-02-09 02:16 . 2006-09-04 22:47   --------   d-----w-   c:\program files\PC-Doctor 5 for Windows
              2010-02-09 02:16 . 2006-09-04 22:23   --------   d-----w-   c:\program files\music_now
              2010-02-09 02:16 . 2007-09-05 22:54   --------   d-----w-   c:\program files\Windows Media Connect 2
              2010-02-09 02:16 . 2007-07-29 23:12   --------   d-----w-   c:\program files\DivX
              2010-02-09 02:16 . 2006-09-04 22:33   --------   d-----w-   c:\program files\MSN Encarta Standard
              2010-02-09 02:16 . 2006-09-04 22:34   --------   d-----w-   c:\program files\Microsoft Works
              2010-02-09 02:16 . 2007-07-28 21:02   --------   d-----w-   c:\program files\America Online 9.0
              2010-02-03 15:26 . 2007-07-29 23:17   --------   d-----w-   c:\program files\Google
              2010-01-31 00:52 . 2010-01-31 00:52   52224   ----a-w-   c:\documents and settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
              2010-01-31 00:50 . 2007-12-13 01:23   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
              2010-01-31 00:20 . 2006-09-04 22:01   --------   d-----w-   c:\program files\Common Files\Java
              2010-01-31 00:14 . 2007-07-28 21:03   --------   d-----w-   c:\documents and settings\All Users\Application Data\Viewpoint
              2010-01-30 17:13 . 2007-07-29 12:55   --------   d-----w-   c:\program files\Eraser
              2010-01-29 21:23 . 2009-03-31 18:40   --------   d---a-w-   c:\documents and settings\All Users\Application Data\TEMP
              2010-01-29 19:46 . 2008-12-07 12:27   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
              2009-12-31 16:50 . 2004-08-04 11:00   353792   ----a-w-   c:\windows\system32\drivers\srv.sys
              2009-12-26 18:22 . 2006-09-04 22:27   --------   d-----w-   c:\documents and settings\All Users\Application Data\WildTangent
              2009-12-26 18:21 . 2006-09-04 22:27   --------   d-----w-   c:\program files\HP Games
              2009-12-26 18:13 . 2009-12-26 18:12   18438256   ----a-w-   c:\documents and settings\All Users\Application Data\WildTangent\My HP Game Console\Downloads\Installers\SetupGamesClient.exe
              2009-12-24 03:13 . 2009-12-24 03:13   --------   d-----w-   c:\documents and settings\All Users\Application Data\TomTom
              2009-12-24 03:12 . 2009-12-24 03:12   --------   d-----w-   c:\documents and settings\Compaq_Owner\Application Data\TomTom
              2009-12-24 03:11 . 2009-12-24 03:11   --------   d-----w-   c:\program files\TomTom International B.V
              2009-12-24 03:11 . 2009-12-24 03:10   --------   d-----w-   c:\program files\TomTom HOME 2
              2009-12-24 03:05 . 2009-12-24 03:05   --------   d-----w-   c:\program files\TomTom DesktopSuite
              2009-12-22 05:21 . 2004-08-04 11:00   667136   ------w-   c:\windows\system32\wininet.dll
              2009-12-22 05:20 . 2004-08-04 11:00   81920   ----a-w-   c:\windows\system32\ieencode.dll
              2009-12-17 22:14 . 2008-12-07 12:05   411368   -c--a-w-   c:\windows\system32\deploytk.dll
              2009-12-16 18:43 . 2004-08-04 11:00   343040   ----a-w-   c:\windows\system32\mspaint.exe
              2009-12-14 07:08 . 2004-08-04 11:00   33280   ----a-w-   c:\windows\system32\csrsrv.dll
              2009-12-08 19:27 . 2004-08-04 11:00   2189184   ------w-   c:\windows\system32\ntoskrnl.exe
              2009-12-08 18:43 . 2004-08-04 11:00   2066048   ------w-   c:\windows\system32\ntkrnlpa.exe
              2009-12-08 11:30 . 2009-03-31 23:16   56816   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
              2009-12-04 18:22 . 2004-08-04 11:00   455424   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
              2009-11-27 17:11 . 2004-08-04 11:00   17920   ----a-w-   c:\windows\system32\msyuv.dll
              2009-11-27 17:11 . 2004-08-04 11:00   1291776   ----a-w-   c:\windows\system32\quartz.dll
              2009-11-27 16:07 . 2004-08-04 11:00   8704   ----a-w-   c:\windows\system32\tsbyuv.dll
              2009-11-27 16:07 . 2004-08-04 11:00   28672   ----a-w-   c:\windows\system32\msvidc32.dll
              2009-11-27 16:07 . 2004-08-04 11:00   84992   ----a-w-   c:\windows\system32\avifil32.dll
              2009-11-27 16:07 . 2004-08-04 11:00   48128   ----a-w-   c:\windows\system32\iyuv_32.dll
              2009-11-27 16:07 . 2004-08-04 11:00   11264   ----a-w-   c:\windows\system32\msrle32.dll
              2009-11-22 20:42 . 2010-02-11 03:55   1238408   ----a-w-   c:\windows\system32\zpeng25.dll
              2009-11-22 20:42 . 2010-02-11 03:55   69000   ----a-w-   c:\windows\system32\zlcomm.dll
              2009-11-22 20:42 . 2010-02-11 03:55   103816   ----a-w-   c:\windows\system32\zlcommdb.dll
              2008-10-09 19:00 . 2008-10-09 19:00   18489   -c--a-w-   c:\program files\Common Files\vedu.dl
              2009-02-24 19:34 . 2009-02-24 19:34   1044480   -c--a-w-   c:\program files\mozilla firefox\plugins\libdivx.dll
              2009-02-24 19:34 . 2009-02-24 19:34   200704   -c--a-w-   c:\program files\mozilla firefox\plugins\ssldivx.dll
              .

              ------- Sigcheck -------

              [7] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys

              c:\windows\System32\drivers\beep.sys ... is missing !!
              .
              (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
              .
              .
              *Note* empty entries & legit default entries are not shown
              REGEDIT4

              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "AOL Fast Start"="c:\program files\America Online 9.0\AOL.EXE" [2005-07-28 50776]
              "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 68856]

              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
              "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
              "LXBUCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-08-20 65536]
              "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
              "IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-12-24 1280272]
              "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
              "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-09-04 180269]
              "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

              [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
              "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 68856]

              c:\documents and settings\All Users\Start Menu\Programs\Startup\
              Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

              [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
              "NoPopUpsOnBoot"= 1 (0x1)

              [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
              "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

              [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
              BootExecute   REG_MULTI_SZ      autocheck autochk *\0smrgdf c:\program files\iolo\System Mechanic Professional 6\\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.e\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
              2005-01-20 21:46   2953216   -c--a-w-   c:\program files\BearShare\BearShare.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
              2005-07-23 05:14   237568   -c--a-w-   c:\windows\SMINST\Recguard.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
              2007-09-03 13:37   68856   ----a-w-   c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
              2009-11-13 11:31   247144   ----a-w-   c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

              [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
              "DisableMonitoring"=dword:00000001

              [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
              "DisableMonitoring"=dword:00000001

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
              "EnableFirewall"= 0 (0x0)

              [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
              "%windir%\\system32\\sessmgr.exe"=
              "c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
              "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
              "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
              "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
              "c:\\Program Files\\America Online 9.0\\waol.exe"=
              "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
              "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
              "c:\\Program Files\\Common Files\\AOL\\1185656573\\EE\\AOLServiceHost.exe"=
              "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
              "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
              "c:\\WINDOWS\\system32\\lxbucoms.exe"=
              "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
              "c:\\Program Files\\BearShare\\BearShare.exe"=
              "c:\\Program Files\\Rhapsody\\rhapsody.exe"=
              "c:\\Program Files\\uTorrent\\uTorrent.exe"=

              R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [1/29/2010 9:00 AM 28552]
              R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [1/5/2010 7:56 AM 9968]
              R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [1/5/2010 7:56 AM 74480]
              R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [3/31/2009 6:16 PM 108289]
              R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [1/27/2010 4:19 PM 311568]
              R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [11/13/2009 6:31 AM 92008]
              S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [12/24/2007 3:57 PM 508304]
              S2 gupdate1c9cf3f12870e60;Google Update Service (gupdate1c9cf3f12870e60);c:\program files\Google\Update\GoogleUpdate.exe [5/7/2009 1:10 PM 133104]
              S2 ioloFileInfoList;iolo FileInfoList Service;

              S2 ioloSystemService;iolo System Service;

              S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [1/5/2010 7:56 AM 7408]

              [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
              2007-08-23 22:34   451872   -c--a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
              .
              Contents of the 'Scheduled Tasks' folder

              2010-02-19 c:\windows\Tasks\Google Software Updater.job
              - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-02 18:09]

              2010-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-07 18:10]

              2010-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
              - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-07 18:10]

              2010-02-08 c:\windows\Tasks\SmartDefrag.job
              - c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-01-20 20:30]
              .
              .
              ------- Supplementary Scan -------
              .
              uStart Page = hxxp://yahoo.com/
              uSearch Page = hxxp://www.google.com
              uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
              uSearch Bar = hxxp://www.google.com/ie
              mStart Page = hxxp://www.google.com
              mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
              uInternet Connection Wizard,ShellNext = iexplore
              uSearchAssistant = hxxp://www.google.com/ie
              uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
              IE: &Search
              IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
              FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gqdahqaj.default\
              FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
              FF - prefs.js: browser.search.selectedEngine - Google
              FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=fptb-
              FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
              FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
              FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

              ---- FIREFOX POLICIES ----
              FF - user.js: browser.cache.memory.capacity - 16000
              FF - user.js: browser.chrome.favicons - false
              FF - user.js: browser.display.show_image_placeholders - true
              FF - user.js: browser.turbo.enabled - true
              FF - user.js: browser.urlbar.autocomplete.enabled - true
              FF - user.js: browser.urlbar.autofill - true
              FF - user.js: content.max.tokenizing.time - 3000000
              FF - user.js: content.maxtextrun - 4095
              FF - user.js: content.notify.backoffcount - 5
              FF - user.js: content.notify.interval - 1000000
              FF - user.js: content.notify.ontimer - true
              FF - user.js: content.switch.threshold - 1000000
              FF - user.js: dom.disable_window_status_change - true
              FF - user.js: network.http.max-connections - 48
              FF - user.js: network.http.max-connections-per-server - 16
              FF - user.js: network.http.max-persistent-connections-per-proxy - 16
              FF - user.js: network.http.max-persistent-connections-per-server - 8
              FF - user.js: network.http.pipelining - true
              FF - user.js: network.http.pipelining.firstrequest - true
              FF - user.js: network.http.pipelining.maxrequests - 8
              FF - user.js: network.http.proxy.pipelining - true
              FF - user.js: network.http.request.max-start-delay - 0
              FF - user.js: nglayout.initialpaint.delay - 1000
              FF - user.js: plugin.expose_full_path - true
              FF - user.js: ui.submenuDelay - 0

              FF - user.js: network.http.pipelining - false
              FF - user.js: network.http.proxy.pipelining - false
              FF - user.js: network.http.pipelining - false
              FF - user.js: network.http.proxy.pipelining - false
              FF - user.js: network.http.pipelining - false
              FF - user.js: network.http.proxy.pipelining - false
              FF - user.js: network.http.pipelining - false
              FF - user.js: network.http.proxy.pipelining - false.
              .
              ------- File Associations -------
              .
              JSEFile=NOTEPAD.EXE %1
              .

              **************************************************************************

              catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
              Rootkit scan 2010-02-19 16:50
              Windows 5.1.2600 Service Pack 3 NTFS

              scanning hidden processes ... 

              scanning hidden autostart entries ...

              HKLM\Software\Microsoft\Windows\CurrentVersion\Run
                LXBUCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

              scanning hidden files ... 

              scan completed successfully
              hidden files: 0

              **************************************************************************
              .
              --------------------- DLLs Loaded Under Running Processes ---------------------

              - - - - - - - > 'explorer.exe'(6592)
              c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
              c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
              c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
              c:\windows\system32\WPDShServiceObj.dll
              c:\windows\system32\PortableDeviceTypes.dll
              c:\windows\system32\PortableDeviceApi.dll
              .
              Completion time: 2010-02-19  16:56:19
              ComboFix-quarantined-files.txt  2010-02-19 21:56

              Pre-Run: 79,875,637,248 bytes free
              Post-Run: 79,811,575,808 bytes free

              - - End Of File - - 5D5B992E088C45317B7A95CE4B2851E4

              evilfantasy

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Calm like a bomb
              • Thanked: 493
              • Experience: Experienced
              • OS: Windows 11
              Re: insufficient system error
              « Reply #9 on: February 19, 2010, 04:14:13 PM »
              Please download SystemLook from one of the below links and save it to your desktop.

              Link #1
              Link #2

              Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

              * Double-click SystemLook.exe to run it.
              * Copy the contents of the following codebox into the main textfield.

              Code:
              :filefind
              beep.sys

              * Click the Look button to start the scan.
              * Note: The scan may take some time so please just let it do its work and be patient (or do something else unrelated to the computer).
              * When finished, a notepad window will open with the results of the scan. Please post the log.

              The log can also be found on your desktop entitled SystemLook.txt

              godsize71


                Re: insufficient system error
                « Reply #10 on: February 19, 2010, 04:40:03 PM »
                SystemLook v1.0 by jpshortstuff (11.01.10)
                Log created at 18:34 on 19/02/2010 by Compaq_Owner (Administrator - Elevation successful)

                ========== filefind ==========

                Searching for "beep.sys"
                C:\WINDOWS\system32\dllcache\beep.sys   --a--- 4224 bytes   [02:34 17/02/2010]   [04:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9

                -=End Of File

                evilfantasy

                Re: insufficient system error
                « Reply #11 on: February 19, 2010, 05:19:33 PM »
                Download the attached beep.zip file (at the bottom of this post) to your desktop and unzip it to your desktop then follow the instructions.


                1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
                It must be Notepad, not Wordpad.
                2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

                Code:
                KillAll::

                FCopy::
                c:\documents and settings\Compaq_Owner\Desktop\beep.sys | c:\windows\System32\drivers\beep.sys

                DDS::
                mDefault_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=
                uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13917&gct=&gc=1&q=%s
                TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
                TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
                TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
                TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
                IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
                LSA: Notification Packages = scecli tayanage.dll

                Folder::
                C:\VundoFix Backups


                3. Go to the Notepad window and click Edit > Paste
                4. Then click File > Save
                5. Name the file CFScript.txt - Save the file to your Desktop
                6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



                ComboFix will begin to execute, just follow the prompts.
                After reboot (in case it asks to reboot), it will produce a log for you.
                Post that log (Combofix.txt) in your next reply.

                Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze.
                « Last Edit: February 19, 2010, 06:32:50 PM by evilfantasy »
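A cross-check for the two posts above, as an added example that is not part of the thread and not code from SystemLook or ComboFix: it parses the SystemLook filefind result line and the CFScript `FCopy::` directive, then compares a local replacement file's size and MD5 with the values the log reported. The function names, and the choice to treat the logged dllcache copy as the reference, are assumptions of this example.

```python
import hashlib
import re
from pathlib import Path, PureWindowsPath

# Copied from the SystemLook log and the CFScript posted in this thread.
SYSTEMLOOK_LOG = r'''
========== filefind ==========

Searching for "beep.sys"
C:\WINDOWS\system32\dllcache\beep.sys   --a--- 4224 bytes   [02:34 17/02/2010]   [04:00 04/08/2004] DA1F27D85E0D1525F6621372E7B685E9

-=End Of File
'''

CFSCRIPT = r'''
KillAll::

FCopy::
c:\documents and settings\Compaq_Owner\Desktop\beep.sys | c:\windows\System32\drivers\beep.sys

Folder::
C:\VundoFix Backups
'''

# path, attribute flags, size, two bracketed timestamps, 32-hex-digit MD5
FILEFIND_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>[-a-z]+)\s+(?P<size>\d+) bytes"
    r"\s+\[(?P<stamp1>[^\]]+)\]\s+\[(?P<stamp2>[^\]]+)\]"
    r"\s+(?P<md5>[0-9A-Fa-f]{32})$"
)
SECTION_RE = re.compile(r"^\w+::$")


def parse_filefind(log_text):
    """Return one record per file line found in a SystemLook filefind log."""
    records = []
    for raw in log_text.splitlines():
        m = FILEFIND_RE.match(raw.strip())
        if m:
            records.append({
                "path": PureWindowsPath(m["path"]),
                "size": int(m["size"]),
                "md5": m["md5"].lower(),
            })
    return records


def parse_fcopy(script_text):
    """Return (source, destination) pairs listed under the FCopy:: section."""
    pairs, in_fcopy = [], False
    for raw in script_text.splitlines():
        line = raw.strip()
        if SECTION_RE.match(line):
            in_fcopy = line == "FCopy::"   # any other header ends the section
            continue
        if in_fcopy and "|" in line:
            src, dst = (PureWindowsPath(p.strip()) for p in line.split("|", 1))
            pairs.append((src, dst))
    return pairs


def match_copies_to_log(script_text, log_text):
    """Pair each planned copy with the logged record of the same file name."""
    refs = {r["path"].name.lower(): r for r in parse_filefind(log_text)}
    return [(src, dst, refs.get(dst.name.lower()))
            for src, dst in parse_fcopy(script_text)]


def check_replacement(candidate, reference):
    """Compare a local file with a logged record; return a list of mismatches."""
    data = Path(candidate).read_bytes()
    problems = []
    if len(data) != reference["size"]:
        problems.append(f"size {len(data)} != logged {reference['size']}")
    digest = hashlib.md5(data).hexdigest()
    if digest != reference["md5"]:
        problems.append(f"md5 {digest} != logged {reference['md5']}")
    return problems


if __name__ == "__main__":
    for src, dst, ref in match_copies_to_log(CFSCRIPT, SYSTEMLOOK_LOG):
        if ref is None:
            print(f"{dst}: no logged copy to compare against")
        else:
            print(f"{src} -> {dst}: expect {ref['size']} bytes, md5 {ref['md5']}")
```

Run `check_replacement()` on the unzipped file before dropping the script onto ComboFix; an empty list means its size and MD5 match the logged copy.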

                godsize71


                  Re: insufficient system error
                  « Reply #12 on: February 19, 2010, 06:01:17 PM »
                  ComboFix 10-02-19.03 - Compaq_Owner 02/19/2010  19:25:33.4.1 - x86
                  Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.446.128 [GMT -5:00]
                  Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
                  Command switches used :: c:\documents and settings\Compaq_Owner\Desktop\CFScript.txt
                  AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
                  FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
                  FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
                  .

                  (((((((((((((((((((((((((   Files Created from 2010-01-20 to 2010-02-20  )))))))))))))))))))))))))))))))
                  .

                  2010-02-19 13:12 . 2010-02-19 13:12   524288   ----a-w-   C:\dds.scr
                  2010-02-18 19:28 . 2010-02-18 19:28   918816   ----a-w-   C:\jxpiinstall.exe
                  2010-02-17 03:04 . 2008-04-14 01:12   116224   ----a-w-   c:\windows\system32\dllcache\xrxwiadr.dll
                  2010-02-17 03:04 . 2001-08-18 03:36   23040   ----a-w-   c:\windows\system32\dllcache\xrxwbtmp.dll
                  2010-02-17 03:04 . 2008-04-14 01:12   18944   ----a-w-   c:\windows\system32\dllcache\xrxscnui.dll
                  2010-02-17 03:04 . 2001-08-18 03:37   27648   ----a-w-   c:\windows\system32\dllcache\xrxftplt.exe
                  2010-02-17 03:04 . 2001-08-18 03:37   4608   ----a-w-   c:\windows\system32\dllcache\xrxflnch.exe
                  2010-02-17 03:04 . 2001-08-18 03:37   99865   ----a-w-   c:\windows\system32\dllcache\xlog.exe
                  2010-02-17 03:04 . 2001-08-17 17:11   16970   ----a-w-   c:\windows\system32\dllcache\xem336n5.sys
                  2010-02-17 03:03 . 2004-08-04 03:29   19455   ----a-w-   c:\windows\system32\dllcache\wvchntxx.sys
                  2010-02-17 03:03 . 2004-08-04 03:29   12063   ----a-w-   c:\windows\system32\dllcache\wsiintxx.sys
                  2010-02-17 03:03 . 2008-04-14 01:12   8192   ----a-w-   c:\windows\system32\dllcache\wshirda.dll
                  2010-02-17 03:03 . 2008-04-13 19:36   8832   ----a-w-   c:\windows\system32\dllcache\wmiacpi.sys
                  2010-02-17 03:03 . 2004-08-04 03:31   154624   ----a-w-   c:\windows\system32\dllcache\wlluc48.sys
                  2010-02-17 03:03 . 2001-08-17 17:12   34890   ----a-w-   c:\windows\system32\dllcache\wlandrv2.sys
                  2010-02-17 03:03 . 2001-08-17 18:28   771581   ----a-w-   c:\windows\system32\dllcache\winacisa.sys
                  2010-02-17 03:03 . 2001-08-18 03:36   53760   ----a-w-   c:\windows\system32\dllcache\wiamsmud.dll
                  2010-02-17 03:01 . 2001-08-17 18:28   604253   ----a-w-   c:\windows\system32\dllcache\vmodem.sys
                  2010-02-17 03:01 . 2001-08-17 17:14   249402   ----a-w-   c:\windows\system32\dllcache\vinwm.sys
                  2010-02-17 03:01 . 2001-08-17 18:49   24576   ----a-w-   c:\windows\system32\dllcache\viairda.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   687999   ----a-w-   c:\windows\system32\dllcache\usrwdxjs.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   765884   ----a-w-   c:\windows\system32\dllcache\usrti.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   113762   ----a-w-   c:\windows\system32\dllcache\usrpda.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   7556   ----a-w-   c:\windows\system32\dllcache\usroslba.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   224802   ----a-w-   c:\windows\system32\dllcache\usr1807a.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   794399   ----a-w-   c:\windows\system32\dllcache\usr1806v.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   793598   ----a-w-   c:\windows\system32\dllcache\usr1806.sys
                  2010-02-17 03:01 . 2001-08-17 18:28   794654   ----a-w-   c:\windows\system32\dllcache\usr1801.sys
                  2010-02-17 03:01 . 2008-04-13 19:45   26112   ----a-w-   c:\windows\system32\dllcache\usbser.sys
                  2010-02-17 03:01 . 2004-08-04 03:31   32384   ----a-w-   c:\windows\system32\dllcache\usb101et.sys
                  2010-02-17 02:59 . 2001-08-17 17:51   159232   ----a-w-   c:\windows\system32\dllcache\tridkbm.sys
                  2010-02-17 02:58 . 2008-04-13 19:40   149376   ----a-w-   c:\windows\system32\dllcache\tffsport.sys
                  2010-02-17 02:57 . 2001-08-18 03:36   10240   ----a-w-   c:\windows\system32\dllcache\swpidflt.dll
                  2010-02-17 02:57 . 2001-08-18 03:36   10240   ----a-w-   c:\windows\system32\dllcache\swpdflt2.dll
                  2010-02-17 02:57 . 2001-08-18 03:36   53760   ----a-w-   c:\windows\system32\dllcache\sw_wheel.dll
                  2010-02-17 02:57 . 2001-08-18 03:36   41472   ----a-w-   c:\windows\system32\dllcache\sw_effct.dll
                  2010-02-17 02:57 . 2001-08-18 03:36   155648   ----a-w-   c:\windows\system32\dllcache\stlnprop.dll
                  2010-02-17 02:57 . 2001-08-18 03:36   53248   ----a-w-   c:\windows\system32\dllcache\stlncoin.dll
                  2010-02-17 02:57 . 2001-08-17 17:18   285760   ----a-w-   c:\windows\system32\dllcache\stlnata.sys
                  2010-02-17 02:57 . 2001-08-17 18:51   16896   ----a-w-   c:\windows\system32\dllcache\stcusb.sys
                  2010-02-17 02:57 . 2001-08-17 17:11   48736   ----a-w-   c:\windows\system32\dllcache\srwlnd5.sys
                  2010-02-17 02:57 . 2001-08-18 03:36   99328   ----a-w-   c:\windows\system32\dllcache\srusd.dll
                  2010-02-17 02:57 . 2001-08-18 03:36   24660   ----a-w-   c:\windows\system32\dllcache\spxupchk.dll
                  2010-02-17 02:57 . 2001-08-17 18:51   61824   ----a-w-   c:\windows\system32\dllcache\speed.sys
                  2010-02-17 02:57 . 2001-08-18 03:36   106584   ----a-w-   c:\windows\system32\dllcache\spdports.dll
                  2010-02-17 02:55 . 2001-08-18 03:36   45568   ----a-w-   c:\windows\system32\dllcache\smb3w.dll
                  2010-02-17 02:54 . 2001-07-21 19:29   161568   ----a-w-   c:\windows\system32\dllcache\sgsmusb.sys
                  2010-02-17 02:54 . 2001-07-21 19:29   18400   ----a-w-   c:\windows\system32\dllcache\sgsmld.sys
                  2010-02-17 02:54 . 2001-08-17 17:51   98080   ----a-w-   c:\windows\system32\dllcache\sgiulnt5.sys
                  2010-02-17 02:54 . 2001-08-18 03:36   386560   ----a-w-   c:\windows\system32\dllcache\sgiul50.dll
                  2010-02-17 02:54 . 2001-08-17 17:19   36480   ----a-w-   c:\windows\system32\dllcache\sfmanm.sys
                  2010-02-17 02:54 . 2001-08-17 18:53   6784   ----a-w-   c:\windows\system32\dllcache\serscan.sys
                  2010-02-17 02:54 . 2001-08-17 18:48   17664   ----a-w-   c:\windows\system32\dllcache\sermouse.sys
                  2010-02-17 02:54 . 2001-08-17 18:53   6912   ----a-w-   c:\windows\system32\dllcache\seaddsmc.sys
                  2010-02-17 02:54 . 2008-04-13 19:45   11520   ----a-w-   c:\windows\system32\dllcache\scsiscan.sys
                  2010-02-17 02:54 . 2001-08-17 18:52   11648   ----a-w-   c:\windows\system32\dllcache\scsiprnt.sys
                  2010-02-17 02:54 . 2001-08-17 18:51   17280   ----a-w-   c:\windows\system32\dllcache\scr111.sys
                  2010-02-17 02:54 . 2001-08-17 18:51   16640   ----a-w-   c:\windows\system32\dllcache\scmstcs.sys
                  2010-02-17 02:52 . 2001-08-17 18:57   65664   ----a-w-   c:\windows\system32\dllcache\s3legacy.sys
                  2010-02-17 02:52 . 2001-08-18 03:36   82432   ----a-w-   c:\windows\system32\dllcache\rwia450.dll
                  2010-02-17 02:52 . 2001-08-18 03:36   79872   ----a-w-   c:\windows\system32\dllcache\rwia430.dll
                  2010-02-17 02:52 . 2008-04-14 01:12   29696   ----a-w-   c:\windows\system32\dllcache\rw450ext.dll
                  2010-02-17 02:52 . 2008-04-14 01:12   27648   ----a-w-   c:\windows\system32\dllcache\rw430ext.dll
                  2010-02-17 02:52 . 2001-08-17 17:12   19017   ----a-w-   c:\windows\system32\dllcache\rtl8029.sys
                  2010-02-17 02:52 . 2001-08-17 17:19   30720   ----a-w-   c:\windows\system32\dllcache\rthwcls.sys
                  2010-02-17 02:52 . 2001-08-18 03:36   9216   ----a-w-   c:\windows\system32\dllcache\rsmgrstr.dll
                  2010-02-17 02:52 . 2001-08-17 17:19   3840   ----a-w-   c:\windows\system32\dllcache\rpfun.sys
                  2010-02-17 02:52 . 2008-04-13 19:40   79104   ----a-w-   c:\windows\system32\dllcache\rocket.sys
                  2010-02-17 02:52 . 2001-08-17 17:12   37563   ----a-w-   c:\windows\system32\dllcache\rlnet5.sys
                  2010-02-17 02:52 . 2001-08-18 03:36   86097   ----a-w-   c:\windows\system32\dllcache\reslog32.dll
                  2010-02-17 02:50 . 2001-08-17 18:51   16128   ----a-w-   c:\windows\system32\dllcache\pscr.sys
                  2010-02-17 02:49 . 2001-08-17 17:11   35328   ----a-w-   c:\windows\system32\dllcache\pcntpci5.sys
                  2010-02-17 02:48 . 2001-08-17 17:12   43689   ----a-w-   c:\windows\system32\dllcache\otceth5.sys
                  2010-02-17 02:47 . 2001-08-17 17:11   65278   ----a-w-   c:\windows\system32\dllcache\netflx3.sys
                  2010-02-17 02:46 . 2001-08-18 03:36   19968   ----a-w-   c:\windows\system32\dllcache\mxicfg.dll
                  2010-02-17 02:46 . 2004-08-04 04:00   229439   ----a-w-   c:\windows\system32\dllcache\multibox.dll
                  2010-02-17 02:46 . 2001-08-17 18:50   21888   ----a-w-   c:\windows\system32\dllcache\mxcard.sys
                  2010-02-17 02:46 . 2001-08-17 17:50   103296   ----a-w-   c:\windows\system32\dllcache\mtxvideo.sys
                  2010-02-17 02:46 . 2008-04-13 19:46   49024   ----a-w-   c:\windows\system32\dllcache\mstape.sys
                  2010-02-17 02:46 . 2001-08-17 18:48   12416   ----a-w-   c:\windows\system32\dllcache\msriffwv.sys
                  2010-02-17 02:46 . 2001-08-17 19:00   2944   ----a-w-   c:\windows\system32\dllcache\msmpu401.sys
                  2010-02-17 02:46 . 2008-04-13 19:54   22016   ----a-w-   c:\windows\system32\dllcache\msircomm.sys
                  2010-02-17 02:46 . 2004-08-04 04:00   98304   ----a-w-   c:\windows\system32\dllcache\msir3jp.dll
                  2010-02-17 02:46 . 2001-08-17 19:02   35200   ----a-w-   c:\windows\system32\dllcache\msgame.sys
                  2010-02-17 02:46 . 2001-08-17 18:48   6016   ----a-w-   c:\windows\system32\dllcache\msfsio.sys
                  2010-02-17 02:46 . 2008-04-13 19:46   51200   ----a-w-   c:\windows\system32\dllcache\msdv.sys
                  2010-02-17 02:45 . 2001-08-17 18:52   17280   ----a-w-   c:\windows\system32\dllcache\mraid35x.sys
                  2010-02-17 02:45 . 2008-04-13 19:46   15232   ----a-w-   c:\windows\system32\dllcache\mpe.sys
                  2010-02-17 02:45 . 2001-08-17 18:57   16128   ----a-w-   c:\windows\system32\dllcache\modemcsa.sys
                  2010-02-17 02:45 . 2001-08-17 18:52   6528   ----a-w-   c:\windows\system32\dllcache\miniqic.sys
                  2010-02-17 02:45 . 2001-08-17 17:50   320384   ----a-w-   c:\windows\system32\dllcache\mgaum.sys
                  2010-02-17 02:45 . 2001-08-17 19:56   235648   ----a-w-   c:\windows\system32\dllcache\mgaud.dll
                  2010-02-17 02:45 . 2008-04-13 19:41   26112   ----a-w-   c:\windows\system32\dllcache\memstpci.sys
                  2010-02-17 02:45 . 2001-08-18 03:36   47616   ----a-w-   c:\windows\system32\dllcache\memgrp.dll
                  2010-02-17 02:45 . 2001-08-17 18:58   8320   ----a-w-   c:\windows\system32\dllcache\memcard.sys
                  2010-02-17 02:45 . 2001-08-17 17:12   164586   ----a-w-   c:\windows\system32\dllcache\mdgndis5.sys
                  2010-02-17 02:45 . 2001-08-17 18:52   7424   ----a-w-   c:\windows\system32\dllcache\mammoth.sys
                  2010-02-17 02:45 . 2001-08-17 17:19   48768   ----a-w-   c:\windows\system32\dllcache\maestro.sys
                  2010-02-17 02:43 . 2008-04-13 19:39   14592   ----a-w-   c:\windows\system32\dllcache\kbdhid.sys
                  2010-02-17 02:42 . 2001-08-18 03:36   372824   ----a-w-   c:\windows\system32\dllcache\iconf32.dll
                  2010-02-17 02:41 . 2001-08-17 18:28   488383   ----a-w-   c:\windows\system32\dllcache\hsf_v124.sys
                  2010-02-17 02:40 . 2001-08-18 03:36   126976   ----a-w-   c:\windows\system32\dllcache\hpgt34tk.dll
                  2010-02-17 02:39 . 2001-08-17 17:15   442240   ----a-w-   c:\windows\system32\dllcache\fpnpbase.sys
                  2010-02-17 02:39 . 2001-08-17 17:14   441728   ----a-w-   c:\windows\system32\dllcache\fpcmbase.sys
                  2010-02-17 02:39 . 2001-08-17 17:14   444416   ----a-w-   c:\windows\system32\dllcache\fpcibase.sys
                  2010-02-17 02:39 . 2004-08-04 03:31   34173   ----a-w-   c:\windows\system32\dllcache\forehe.sys
                  2010-02-17 02:39 . 2001-08-18 03:36   71680   ----a-w-   c:\windows\system32\dllcache\fnfilter.dll
                  2010-02-17 02:39 . 2001-08-17 17:13   27165   ----a-w-   c:\windows\system32\dllcache\fetnd5.sys
                  2010-02-17 02:39 . 2001-08-17 17:10   22090   ----a-w-   c:\windows\system32\dllcache\fem556n5.sys
                  2010-02-17 02:39 . 2001-08-17 17:12   24618   ----a-w-   c:\windows\system32\dllcache\fa410nd5.sys
                  2010-02-17 02:39 . 2001-08-17 17:12   16074   ----a-w-   c:\windows\system32\dllcache\fa312nd5.sys
                  2010-02-17 02:39 . 2001-08-17 17:11   11850   ----a-w-   c:\windows\system32\dllcache\f3ab18xj.sys
                  2010-02-17 02:39 . 2001-08-17 17:11   12362   ----a-w-   c:\windows\system32\dllcache\f3ab18xi.sys
                  2010-02-17 02:39 . 2001-08-17 18:52   7040   ----a-w-   c:\windows\system32\dllcache\exabyte2.sys
                  2010-02-17 02:37 . 2001-08-17 17:10   19996   ----a-w-   c:\windows\system32\dllcache\em556n4.sys
                  2010-02-17 02:36 . 2001-08-18 03:36   37962   ----a-w-   c:\windows\system32\dllcache\divaprop.dll
                  2010-02-17 02:35 . 2001-08-18 03:36   27648   ----a-w-   c:\windows\system32\dllcache\cyyports.dll
                  2010-02-17 02:34 . 2001-08-17 17:12   37916   ----a-w-   c:\windows\system32\dllcache\cb102.sys
                  2010-02-17 02:33 . 2001-08-17 18:28   871388   ----a-w-   c:\windows\system32\dllcache\bcmdm.sys
                  2010-02-17 02:32 . 2001-08-17 19:56   66048   ----a-w-   c:\windows\system32\dllcache\s3legacy.dll
                  2010-02-11 03:58 . 2010-02-11 03:58   --------   d-----w-   c:\documents and settings\Compaq_Owner\Application Data\CheckPoint
                  2010-02-11 03:54 . 2010-02-20 00:25   --------   d-----w-   c:\windows\Internet Logs
                  2010-02-11 03:53 . 2010-02-11 03:54   40233352   ----a-w-   C:\zaSetup_91_007_002_en.exe
                  2010-02-11 03:51 . 2010-02-11 03:51   16409960   ----a-w-   C:\havefun.exe
                  2010-02-11 01:56 . 2010-02-11 02:11   363008   ----a-w-   C:\rkill.com

                  .
                  ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2010-02-19 21:35 . 2008-01-31 02:51   --------   d-----w-   c:\documents and settings\Compaq_Owner\Application Data\Vso
                  2010-02-19 18:35 . 2009-05-07 18:09   --------   d-----w-   c:\documents and settings\All Users\Application Data\Google Updater
                  2010-02-18 19:33 . 2006-09-04 22:01   --------   d-----w-   c:\program files\Java
                  2010-02-11 03:55 . 2010-02-11 03:55   --------   d-----w-   c:\program files\CheckPoint
                  2010-02-11 03:55 . 2010-02-11 03:55   4212   ---ha-w-   c:\windows\system32\zllictbl.dat
                  2010-02-11 03:55 . 2010-02-11 03:55   --------   d-----w-   c:\program files\Zone Labs
                  2010-02-09 02:16 . 2008-12-16 14:29   --------   d-----w-   c:\program files\Dvd-cloner
                  2010-02-09 02:16 . 2006-09-04 22:47   --------   d-----w-   c:\program files\PC-Doctor 5 for Windows
                  2010-02-09 02:16 . 2006-09-04 22:23   --------   d-----w-   c:\program files\music_now
                  2010-02-09 02:16 . 2007-09-05 22:54   --------   d-----w-   c:\program files\Windows Media Connect 2
                  2010-02-09 02:16 . 2007-07-29 23:12   --------   d-----w-   c:\program files\DivX
                  2010-02-09 02:16 . 2006-09-04 22:33   --------   d-----w-   c:\program files\MSN Encarta Standard
                  2010-02-09 02:16 . 2006-09-04 22:34   --------   d-----w-   c:\program files\Microsoft Works
                  2010-02-09 02:16 . 2007-07-28 21:02   --------   d-----w-   c:\program files\America Online 9.0
                  2010-02-03 15:26 . 2007-07-29 23:17   --------   d-----w-   c:\program files\Google
                  2010-01-31 00:50 . 2007-12-13 01:23   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
                  2010-01-31 00:20 . 2006-09-04 22:01   --------   d-----w-   c:\program files\Common Files\Java
                  2010-01-31 00:14 . 2007-07-28 21:03   --------   d-----w-   c:\documents and settings\All Users\Application Data\Viewpoint
                  2010-01-30 17:13 . 2007-07-29 12:55   --------   d-----w-   c:\program files\Eraser
                  2010-01-29 21:23 . 2009-03-31 18:40   --------   d---a-w-   c:\documents and settings\All Users\Application Data\TEMP
                  2010-01-29 19:46 . 2008-12-07 12:27   --------   d-----w-   c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
                  2009-12-31 16:50 . 2004-08-04 11:00   353792   ----a-w-   c:\windows\system32\drivers\srv.sys
                  2009-12-26 18:22 . 2006-09-04 22:27   --------   d-----w-   c:\documents and settings\All Users\Application Data\WildTangent
                  2009-12-26 18:21 . 2006-09-04 22:27   --------   d-----w-   c:\program files\HP Games
                  2009-12-24 03:13 . 2009-12-24 03:13   --------   d-----w-   c:\documents and settings\All Users\Application Data\TomTom
                  2009-12-24 03:12 . 2009-12-24 03:12   --------   d-----w-   c:\documents and settings\Compaq_Owner\Application Data\TomTom
                  2009-12-24 03:11 . 2009-12-24 03:11   --------   d-----w-   c:\program files\TomTom International B.V
                  2009-12-24 03:11 . 2009-12-24 03:10   --------   d-----w-   c:\program files\TomTom HOME 2
                  2009-12-24 03:05 . 2009-12-24 03:05   --------   d-----w-   c:\program files\TomTom DesktopSuite
                  2009-12-22 05:21 . 2004-08-04 11:00   667136   ------w-   c:\windows\system32\wininet.dll
                  2009-12-22 05:20 . 2004-08-04 11:00   81920   ----a-w-   c:\windows\system32\ieencode.dll
                  2009-12-17 22:14 . 2008-12-07 12:05   411368   -c--a-w-   c:\windows\system32\deploytk.dll
                  2009-12-16 18:43 . 2004-08-04 11:00   343040   ----a-w-   c:\windows\system32\mspaint.exe
                  2009-12-14 07:08 . 2004-08-04 11:00   33280   ----a-w-   c:\windows\system32\csrsrv.dll
                  2009-12-08 19:27 . 2004-08-04 11:00   2189184   ------w-   c:\windows\system32\ntoskrnl.exe
                  2009-12-08 18:43 . 2004-08-04 11:00   2066048   ------w-   c:\windows\system32\ntkrnlpa.exe
                  2009-12-08 11:30 . 2009-03-31 23:16   56816   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
                  2009-12-04 18:22 . 2004-08-04 11:00   455424   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
                  2009-11-27 17:11 . 2004-08-04 11:00   17920   ----a-w-   c:\windows\system32\msyuv.dll
                  2009-11-27 17:11 . 2004-08-04 11:00   1291776   ----a-w-   c:\windows\system32\quartz.dll
                  2009-11-27 16:07 . 2004-08-04 11:00   8704   ----a-w-   c:\windows\system32\tsbyuv.dll
                  2009-11-27 16:07 . 2004-08-04 11:00   28672   ----a-w-   c:\windows\system32\msvidc32.dll
                  2009-11-27 16:07 . 2004-08-04 11:00   84992   ----a-w-   c:\windows\system32\avifil32.dll
                  2009-11-27 16:07 . 2004-08-04 11:00   48128   ----a-w-   c:\windows\system32\iyuv_32.dll
                  2009-11-27 16:07 . 2004-08-04 11:00   11264   ----a-w-   c:\windows\system32\msrle32.dll
                  2009-11-22 20:42 . 2010-02-11 03:55   1238408   ----a-w-   c:\windows\system32\zpeng25.dll
                  2009-11-22 20:42 . 2010-02-11 03:55   69000   ----a-w-   c:\windows\system32\zlcomm.dll
                  2009-11-22 20:42 . 2010-02-11 03:55   103816   ----a-w-   c:\windows\system32\zlcommdb.dll
                  2008-10-09 19:00 . 2008-10-09 19:00   18489   -c--a-w-   c:\program files\Common Files\vedu.dl
                  2009-02-24 19:34 . 2009-02-24 19:34   1044480   -c--a-w-   c:\program files\mozilla firefox\plugins\libdivx.dll
                  2009-02-24 19:34 . 2009-02-24 19:34   200704   -c--a-w-   c:\program files\mozilla firefox\plugins\ssldivx.dll
                  .

                  ------- Sigcheck -------

                  [7] 2004-08-04 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys

                  c:\windows\System32\drivers\beep.sys ... is missing !!
                  .
                  (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  *Note* empty entries & legit default entries are not shown
                  REGEDIT4

                  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "AOL Fast Start"="c:\program files\America Online 9.0\AOL.EXE" [2005-07-28 50776]
                  "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 68856]

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]
                  "LXBUCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-08-20 65536]
                  "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
                  "IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-12-24 1280272]
                  "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
                  "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-09-04 180269]
                  "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

                  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                  "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 68856]

                  c:\documents and settings\All Users\Start Menu\Programs\Startup\
                  Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
                  "NoPopUpsOnBoot"= 1 (0x1)

                  [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
                  "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

                  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
                  BootExecute   REG_MULTI_SZ      autocheck autochk *\0smrgdf c:\program files\iolo\System Mechanic Professional 6\\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.e\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex\0SsiEfr.e\0SsiEfr.ex

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
                  2005-01-20 21:46   2953216   -c--a-w-   c:\program files\BearShare\BearShare.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
                  2005-07-23 05:14   237568   -c--a-w-   c:\windows\SMINST\Recguard.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
                  2007-09-03 13:37   68856   ----a-w-   c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
                  2009-11-13 11:31   247144   ----a-w-   c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
                  "DisableMonitoring"=dword:00000001

                  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
                  "DisableMonitoring"=dword:00000001

                  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
                  "EnableFirewall"= 0 (0x0)

                  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
                  "%windir%\\system32\\sessmgr.exe"=
                  "c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
                  "c:\\Program Files\\America Online 9.0\\waol.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\1185656573\\EE\\AOLServiceHost.exe"=
                  "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
                  "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
                  "c:\\WINDOWS\\system32\\lxbucoms.exe"=
                  "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
                  "c:\\Program Files\\BearShare\\BearShare.exe"=
                  "c:\\Program Files\\Rhapsody\\rhapsody.exe"=
                  "c:\\Program Files\\uTorrent\\uTorrent.exe"=

                  R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [1/29/2010 9:00 AM 28552]
                  R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [1/5/2010 7:56 AM 9968]
                  R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [1/5/2010 7:56 AM 74480]
                  R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [3/31/2009 6:16 PM 108289]
                  R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [1/27/2010 4:19 PM 311568]
                  R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [11/13/2009 6:31 AM 92008]
                  S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [12/24/2007 3:57 PM 508304]
                  S2 gupdate1c9cf3f12870e60;Google Update Service (gupdate1c9cf3f12870e60);c:\program files\Google\Update\GoogleUpdate.exe [5/7/2009 1:10 PM 133104]
                  S2 ioloFileInfoList;iolo FileInfoList Service;

                  S2 ioloSystemService;iolo System Service;

                  S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [1/5/2010 7:56 AM 7408]

                  [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
                  2007-08-23 22:34   451872   -c--a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
                  .
                  Contents of the 'Scheduled Tasks' folder

                  2010-02-20 c:\windows\Tasks\Google Software Updater.job
                  - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-02 18:09]

                  2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
                  - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-07 18:10]

                  2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
                  - c:\program files\Google\Update\GoogleUpdate.exe [2009-05-07 18:10]
                  .
                  .
                  ------- Supplementary Scan -------
                  .
                  uStart Page = hxxp://yahoo.com/
                  uSearch Page = hxxp://www.google.com
                  uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
                  uSearch Bar = hxxp://www.google.com/ie
                  mDefault_Search_URL = hxxp://www.google.com/ie
                  mStart Page = hxxp://www.google.com
                  mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PRESARIO&pf=desktop
                  uInternet Connection Wizard,ShellNext = iexplore
                  uSearchAssistant = hxxp://www.google.com/ie
                  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
                  mSearchAssistant = hxxp://www.google.com/ie
                  IE: &Search
                  IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
                  FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\gqdahqaj.default\
                  FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
                  FF - prefs.js: browser.search.selectedEngine - Google
                  FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=fptb-
                  FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
                  FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
                  FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

                  ---- FIREFOX POLICIES ----
                  FF - user.js: browser.cache.memory.capacity - 16000
                  FF - user.js: browser.chrome.favicons - false
                  FF - user.js: browser.display.show_image_placeholders - true
                  FF - user.js: browser.turbo.enabled - true
                  FF - user.js: browser.urlbar.autocomplete.enabled - true
                  FF - user.js: browser.urlbar.autofill - true
                  FF - user.js: content.max.tokenizing.time - 3000000
                  FF - user.js: content.maxtextrun - 4095
                  FF - user.js: content.notify.backoffcount - 5
                  FF - user.js: content.notify.interval - 1000000
                  FF - user.js: content.notify.ontimer - true
                  FF - user.js: content.switch.threshold - 1000000
                  FF - user.js: dom.disable_window_status_change - true
                  FF - user.js: network.http.max-connections - 48
                  FF - user.js: network.http.max-connections-per-server - 16
                  FF - user.js: network.http.max-persistent-connections-per-proxy - 16
                  FF - user.js: network.http.max-persistent-connections-per-server - 8
                  FF - user.js: network.http.pipelining - true
                  FF - user.js: network.http.pipelining.firstrequest - true
                  FF - user.js: network.http.pipelining.maxrequests - 8
                  FF - user.js: network.http.proxy.pipelining - true
                  FF - user.js: network.http.request.max-start-delay - 0
                  FF - user.js: nglayout.initialpaint.delay - 1000
                  FF - user.js: plugin.expose_full_path - true
                  FF - user.js: ui.submenuDelay - 0

                  FF - user.js: network.http.pipelining - false
                  FF - user.js: network.http.proxy.pipelining - false
                  FF - user.js: network.http.pipelining - false
                  FF - user.js: network.http.proxy.pipelining - false
                  FF - user.js: network.http.pipelining - false
                  FF - user.js: network.http.proxy.pipelining - false
                  FF - user.js: network.http.pipelining - false
                  FF - user.js: network.http.proxy.pipelining - false.

                  **************************************************************************

                  catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2010-02-19 19:43
                  Windows 5.1.2600 Service Pack 3 NTFS

                  scanning hidden processes ... 

                  scanning hidden autostart entries ...

                  HKLM\Software\Microsoft\Windows\CurrentVersion\Run
                    LXBUCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

                  scanning hidden files ... 

                  scan completed successfully
                  hidden files: 0

                  **************************************************************************
                  .
                  --------------------- DLLs Loaded Under Running Processes ---------------------

                  - - - - - - - > 'explorer.exe'(5688)
                  c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
                  c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
                  c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
                  c:\windows\system32\WPDShServiceObj.dll
                  c:\program files\Common Files\aolshare\aolshcpy.dll
                  c:\windows\system32\PortableDeviceTypes.dll
                  c:\windows\system32\PortableDeviceApi.dll
                  .
                  ------------------------ Other Running Processes ------------------------
                  .
                  c:\program files\Avira\AntiVir Desktop\avguard.exe
                  c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
                  c:\program files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
                  c:\program files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
                  c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
                  c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
                  c:\program files\Java\jre6\bin\jqs.exe
                  c:\program files\Common Files\LightScribe\LSSrvc.exe
                  c:\windows\system32\nvsvc32.exe
                  c:\program files\America Online 9.0\waol.exe
                  c:\program files\IObit\IObit Security 360\is360.exe
                  c:\program files\America Online 9.0\shellmon.exe
                  .
                  **************************************************************************
                  .
                  Completion time: 2010-02-19  19:59:35 - machine was rebooted
                  ComboFix-quarantined-files.txt  2010-02-20 00:59
                  ComboFix2.txt  2010-02-19 21:56

                  Pre-Run: 79,541,571,584 bytes free
                  Post-Run: 80,024,301,568 bytes free

                  - - End Of File - - FA21A306079B4D0CE50ED1CDCCEA29C9

                  evilfantasy

                  • Malware Removal Specialist
                  • Moderator


                  Re: insufficient system error
                  « Reply #13 on: February 19, 2010, 06:04:28 PM »
                  You didn't put the beep.sys file on your desktop?

                  godsize71

                    Topic Starter


                    Rookie

                    Re: insufficient system error
                    « Reply #14 on: February 19, 2010, 06:26:02 PM »
                    the system look right? it's there