Author Topic: computer acting up  (Read 33960 times)

FALLGUY

    Topic Starter


    Beginner
    Re: computer acting up
    « Reply #15 on: May 12, 2010, 01:53:54 PM »
    Hey Dave,

    I downloaded and installed as commy.exe. Run program and it will initialize and create restore point.
    Then it will start scan. Then nothing for long periods of time with no stages showing up. I've tried
    this 4 times. The first 2 failed after I got a notice that my virtual memory is too low. The program updated itself 2 times, so I know it is the latest. Last night I went through the files on my computer individually and found many empty and some remnants of others I've supposedly deleted (017stkv2). abrev. Also more of the registry cleaner's files. The first time I ran commy.exe - virtual memory too low then freeze - 2nd time updates and then virtual memory and freeze. 3rd it runs for half an hour and just closes out and refreshes to desktop and same with 4th try.

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: computer acting up
    « Reply #16 on: May 12, 2010, 04:18:02 PM »
    Did you uninstall all the other stuff? If not, please do so now and then try this scan.

    Download DDS from HERE or HERE and save it to your desktop.

    Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

    * XP users Double click on dds to run it.
    * If your antivirus or firewall tries to block DDS then please allow it to run.
    * When finished DDS will open two (2) logs.

    1) DDS.txt
    2) Attach.txt

    * Save both logs to your desktop.
    * Please copy and paste the entire contents of both logs in your next reply.

    Note: DDS will instruct you to post the Attach.txt log as an attachment.
    Please just post it as you would any other log by copy and pasting it into the reply.
    Windows 8 and Windows 10 dual boot with two SSD's

    FALLGUY

      Topic Starter


      Beginner
      Re: computer acting up
      « Reply #17 on: May 13, 2010, 12:28:29 AM »
      Hi Dave, Advanced registry optimizer was removed. There was a remnant in the program list that I deleted after the scan. Messenger is gone. Stko17-v2.01 just blinks when I try to remove. And finally, Ask toolbar gives me an error-2203 Database  C:WINDOWS\Installer\2aea4b5.ipi. cannot open data base file.
      system error - 2147287011  .
      This program came with webroot spysweeper.
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT

      DDS (Ver_10-03-17.01)

      Microsoft Windows XP Home Edition
      Boot Device: \Device\HarddiskVolume1
      Install Date: 11/10/2005 7:29:26 PM
      System Uptime: 5/12/2010 6:02:57 PM (7 hours ago)

      Motherboard: MICRO-STAR |  | MS-7184
      Processor: AMD Athlon(tm) 64 Processor 3400+ | Socket 939 | 2188/200mhz

      ==== Disk Partitions =========================

      C: is FIXED (NTFS) - 182 GiB total, 109.559 GiB free.
      D: is FIXED (FAT32) - 4 GiB total, 2.715 GiB free.
      E: is CDROM (CDFS)
      F: is CDROM ()
      G: is Removable
      H: is Removable
      I: is Removable
      J: is Removable

      ==== Disabled Device Manager Items =============

      Class GUID: {4D36E96E-E325-11CE-BFC1-08002BE10318}
      Description: Default Monitor
      Device ID: DISPLAY\DEFAULT_MONITOR\5&10AC3848&2&10000000&01&05
      Manufacturer: (Standard monitor types)
      Name: Default Monitor
      PNP Device ID: DISPLAY\DEFAULT_MONITOR\5&10AC3848&2&10000000&01&05
      Service:

      Class GUID: {4D36E96E-E325-11CE-BFC1-08002BE10318}
      Description: Default Monitor
      Device ID: DISPLAY\DEFAULT_MONITOR\6&1586D8D5&0&113377A9&03&00
      Manufacturer: (Standard monitor types)
      Name: Default Monitor
      PNP Device ID: DISPLAY\DEFAULT_MONITOR\6&1586D8D5&0&113377A9&03&00
      Service:

      Class GUID: {4D36E96E-E325-11CE-BFC1-08002BE10318}
      Description: Default Monitor
      Device ID: DISPLAY\DEFAULT_MONITOR\6&1586D8D5&0&113377A1&03&00
      Manufacturer: (Standard monitor types)
      Name: Default Monitor
      PNP Device ID: DISPLAY\DEFAULT_MONITOR\6&1586D8D5&0&113377A1&03&00
      Service:

      Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
      Description: Microsoft Kernel Wave Audio Mixer
      Device ID: SW\{B7EAFDC0-A680-11D0-96D8-00AA0051E51D}\{9B365890-165F-11D0-A195-0020AFD156E4}
      Manufacturer: Microsoft
      Name: Microsoft Kernel Wave Audio Mixer
      PNP Device ID: SW\{B7EAFDC0-A680-11D0-96D8-00AA0051E51D}\{9B365890-165F-11D0-A195-0020AFD156E4}
      Service: kmixer

      ==== System Restore Points ===================

      RP1728: 5/12/2010 6:08:20 AM - Software Distribution Service 3.0
      RP1729: 5/12/2010 1:07:10 PM - Software Distribution Service 3.0

      ==== Installed Programs ======================

      Acrobat.com
      Actiontec Gateway
      Adobe Flash Player 10 Plugin
      Adobe Reader 8.1.3
      Adobe Shockwave Player 11.5
      Advanced Registry Optimizer
      ArcSoft Print Creations
      ArcSoft Print Creations - Greeting Card
      ArcSoft Software Suite
      Ask Toolbar
      ATI Display Driver
      avast! Free Antivirus
      Belarc Advisor 7.2
      Big Kahuna Reef 2
      BigFix
      Canon Camera Support Core Library
      Canon G.726 WMP-Decoder
      Canon Utilities CameraWindow
      Canon Utilities CameraWindow DC
      Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
      Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
      Canon Utilities EOS Utility
      Canon Utilities MyCamera
      Canon Utilities MyCamera DC
      Canon Utilities RemoteCapture Task for ZoomBrowser EX
      Canon Utilities ZoomBrowser EX
      Canon ZoomBrowser EX Memory Card Utility
      CCScore
      Compatibility Pack for the 2007 Office system
      Critical Update for Windows Media Player 11 (KB959772)
      Digital Media Reader
      DIGOpt
      EPSON NX100 Series Printer Uninstall
      EPSON Scan
      ESSBrwr
      ESSCDBK
      ESScore
      ESSgui
      ESSini
      ESSPCD
      ESSPDock
      ESSTOOLS
      essvatgt
      FATE
      FATE from HP Media Center (remove only)
      fflink
      Google Earth
      Google Photos Screensaver
      Google Updater
      Google Video Player
      Google Web Accelerator
      HighMAT Extension to Microsoft Windows XP CD Writing Wizard
      HijackThis 2.0.2
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
      Hotfix for Windows Internet Explorer 7 (KB947864)
      Hotfix for Windows Media Format 11 SDK (KB929399)
      Hotfix for Windows Media Format SDK (KB902344)
      Hotfix for Windows Media Player 11 (KB939683)
      Hotfix for Windows XP (KB932716-v2)
      Hotfix for Windows XP (KB942288-v3)
      Hotfix for Windows XP (KB945060-v3)
      Hotfix for Windows XP (KB952287)
      Hotfix for Windows XP (KB954550-v5)
      Hotfix for Windows XP (KB961118)
      Hotfix for Windows XP (KB970653-v3)
      Hotfix for Windows XP (KB976098-v2)
      Hotfix for Windows XP (KB979306)
      Hunting Unlimited 2010
      J2SE Development Kit 5.0 Update 5
      J2SE Runtime Environment 5.0 Update 2
      Java(TM) 6 Update 17
      kgcbaby
      kgchday
      kgchlwn
      kgcinvt
      kgckids
      kgcmove
      kgcvday
      Kodak EasyShare software
      Logitech SetPoint
      Media Go
      Microsoft .NET Framework 1.1
      Microsoft .NET Framework 1.1 Security Update (KB953297)
      Microsoft .NET Framework 2.0 Service Pack 2
      Microsoft .NET Framework 3.0 Service Pack 2
      Microsoft .NET Framework 3.5 SP1
      Microsoft Application Error Reporting
      Microsoft Compression Client Pack 1.0 for Windows XP
      Microsoft Internationalized Domain Names Mitigation APIs
      Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
      Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
      Microsoft Money 2005
      Microsoft National Language Support Downlevel APIs
      Microsoft Office Outlook Connector
      Microsoft Office Standard Edition 2003
      Microsoft User-Mode Driver Framework Feature Pack 1.9
      Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft WinUsb 1.0
      Microsoft Works
      Mozilla Firefox (3.6.3)
      MSN
      MSXML 4.0 SP2 (KB925672)
      MSXML 4.0 SP2 (KB927978)
      MSXML 4.0 SP2 (KB936181)
      MSXML 4.0 SP2 (KB954430)
      MSXML 4.0 SP2 (KB973688)
      MyDSC2
      Napster Burn Engine
      Nero BurnRights
      netbrdg
      NVIDIA Drivers
      OfotoXMI
      Online Armor 4.0
      PCDADDIN
      PCDHELP
      Picasa 3
      PlayStation(R)Network Downloader
      PlayStation(R)Store
      PowerDVD
      QuickConnect
      QuickTime
      Qwest eChat Support Tools
      Realtek AC'97 Audio
      Recovery Software Suite eMachines
      Scholastic's I SPY Fantasy
      Security Update for CAPICOM (KB931906)
      Security Update for Step By Step Interactive Training (KB898458)
      Security Update for Windows Internet Explorer 7 (KB928090)
      Security Update for Windows Internet Explorer 7 (KB929969)
      Security Update for Windows Internet Explorer 7 (KB931768)
      Security Update for Windows Internet Explorer 7 (KB933566)
      Security Update for Windows Internet Explorer 7 (KB937143)
      Security Update for Windows Internet Explorer 7 (KB938127)
      Security Update for Windows Internet Explorer 7 (KB939653)
      Security Update for Windows Internet Explorer 7 (KB942615)
      Security Update for Windows Internet Explorer 7 (KB944533)
      Security Update for Windows Internet Explorer 7 (KB950759)
      Security Update for Windows Internet Explorer 7 (KB953838)
      Security Update for Windows Internet Explorer 7 (KB956390)
      Security Update for Windows Internet Explorer 7 (KB958215)
      Security Update for Windows Internet Explorer 7 (KB960714)
      Security Update for Windows Internet Explorer 7 (KB961260)
      Security Update for Windows Internet Explorer 7 (KB963027)
      Security Update for Windows Internet Explorer 8 (KB969897)
      Security Update for Windows Internet Explorer 8 (KB971961)
      Security Update for Windows Internet Explorer 8 (KB972260)
      Security Update for Windows Internet Explorer 8 (KB974455)
      Security Update for Windows Internet Explorer 8 (KB976325)
      Security Update for Windows Internet Explorer 8 (KB978207)
      Security Update for Windows Internet Explorer 8 (KB981332)
      Security Update for Windows Media Player (KB911564)
      Security Update for Windows Media Player (KB952069)
      Security Update for Windows Media Player (KB954155)
      Security Update for Windows Media Player (KB968816)
      Security Update for Windows Media Player (KB973540)
      Security Update for Windows Media Player 10 (KB911565)
      Security Update for Windows Media Player 10 (KB917734)
      Security Update for Windows Media Player 11 (KB936782)
      Security Update for Windows Media Player 11 (KB954154)
      Security Update for Windows Media Player 6.4 (KB925398)
      Security Update for Windows XP (KB923561)
      Security Update for Windows XP (KB923689)
      Security Update for Windows XP (KB938464)
      Security Update for Windows XP (KB941569)
      Security Update for Windows XP (KB946648)
      Security Update for Windows XP (KB950760)
      Security Update for Windows XP (KB950762)
      Security Update for Windows XP (KB950974)
      Security Update for Windows XP (KB951066)
      Security Update for Windows XP (KB951376-v2)
      Security Update for Windows XP (KB951376)
      Security Update for Windows XP (KB951698)
      Security Update for Windows XP (KB951748)
      Security Update for Windows XP (KB952004)
      Security Update for Windows XP (KB952954)
      Security Update for Windows XP (KB953839)
      Security Update for Windows XP (KB954211)
      Security Update for Windows XP (KB954459)
      Security Update for Windows XP (KB954600)
      Security Update for Windows XP (KB955069)
      Security Update for Windows XP (KB956391)
      Security Update for Windows XP (KB956572)
      Security Update for Windows XP (KB956744)
      Security Update for Windows XP (KB956802)
      Security Update for Windows XP (KB956803)
      Security Update for Windows XP (KB956841)
      Security Update for Windows XP (KB956844)
      Security Update for Windows XP (KB957095)
      Security Update for Windows XP (KB957097)
      Security Update for Windows XP (KB958644)
      Security Update for Windows XP (KB958687)
      Security Update for Windows XP (KB958690)
      Security Update for Windows XP (KB958869)
      Security Update for Windows XP (KB959426)
      Security Update for Windows XP (KB960225)
      Security Update for Windows XP (KB960715)
      Security Update for Windows XP (KB960803)
      Security Update for Windows XP (KB960859)
      Security Update for Windows XP (KB961371)
      Security Update for Windows XP (KB961373)
      Security Update for Windows XP (KB961501)
      Security Update for Windows XP (KB968537)
      Security Update for Windows XP (KB969059)
      Security Update for Windows XP (KB969898)
      Security Update for Windows XP (KB969947)
      Security Update for Windows XP (KB970238)
      Security Update for Windows XP (KB970430)
      Security Update for Windows XP (KB971468)
      Security Update for Windows XP (KB971486)
      Security Update for Windows XP (KB971557)
      Security Update for Windows XP (KB971633)
      Security Update for Windows XP (KB971657)
      Security Update for Windows XP (KB972270)
      Security Update for Windows XP (KB973346)
      Security Update for Windows XP (KB973354)
      Security Update for Windows XP (KB973507)
      Security Update for Windows XP (KB973525)
      Security Update for Windows XP (KB973869)
      Security Update for Windows XP (KB973904)
      Security Update for Windows XP (KB974112)
      Security Update for Windows XP (KB974318)
      Security Update for Windows XP (KB974392)
      Security Update for Windows XP (KB974571)
      Security Update for Windows XP (KB975025)
      Security Update for Windows XP (KB975467)
      Security Update for Windows XP (KB975560)
      Security Update for Windows XP (KB975561)
      Security Update for Windows XP (KB975713)
      Security Update for Windows XP (KB977165)
      Security Update for Windows XP (KB977816)
      Security Update for Windows XP (KB977914)
      Security Update for Windows XP (KB978037)
      Security Update for Windows XP (KB978251)
      Security Update for Windows XP (KB978262)
      Security Update for Windows XP (KB978338)
      Security Update for Windows XP (KB978601)
      Security Update for Windows XP (KB978706)
      Security Update for Windows XP (KB979309)
      Security Update for Windows XP (KB979683)
      Security Update for Windows XP (KB980232)
      SFR
      SHASTA
      skin0001
      SKINXSDK
      SoftV92 Data Fax Modem with SmartCP
      Spy Sweeper Core
      staticcr
      STK017_V2.01
      SUPERAntiSpyware Free Edition
      Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
      Update for Windows Internet Explorer 8 (KB971180)
      Update for Windows Internet Explorer 8 (KB976662)
      Update for Windows Internet Explorer 8 (KB976749)
      Update for Windows Internet Explorer 8 (KB980182)
      Update for Windows XP (KB951072-v2)
      Update for Windows XP (KB951978)
      Update for Windows XP (KB953356)
      Update for Windows XP (KB955759)
      Update for Windows XP (KB955839)
      Update for Windows XP (KB967715)
      Update for Windows XP (KB968389)
      Update for Windows XP (KB971737)
      Update for Windows XP (KB973687)
      Update for Windows XP (KB973815)
      Viewpoint Media Player
      VPRINTOL
      WebFldrs XP
      Webroot AntiVirus with Spy Sweeper
      WildTangent Games
      WildTangent Web Driver
      Windows Backup Utility
      Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
      Windows Genuine Advantage Notifications (KB905474)
      Windows Genuine Advantage v1.3.0254.0
      Windows Installer 3.1 (KB893803)
      Windows Internet Explorer 7
      Windows Internet Explorer 8
      Windows Media Format 11 runtime
      Windows Media Format SDK Hotfix - KB891122
      Windows Media Player 11
      Windows XP Service Pack 3
      WIRELESS
      Zune
      Zune Language Pack (DE)
      Zune Language Pack (ES)
      Zune Language Pack (FR)
      Zune Language Pack (IT)

      ==== Event Viewer Messages From Past Week ========

      5/8/2010 8:52:39 AM, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
      5/8/2010 2:09:46 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  eeCtrl
      5/8/2010 2:09:46 PM, error: Service Control Manager [7000]  - The Automatic LiveUpdate Scheduler service failed to start due to the following error:  The system cannot find the path specified.
      5/8/2010 1:56:58 PM, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: Insufficient system resources exist to complete the requested service. .
      5/8/2010 1:56:58 PM, error: SideBySide [59]  - Generate Activation Context failed for C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll. Reference error message: The operation completed successfully. .
      5/8/2010 1:56:58 PM, error: SideBySide [58]  - Syntax error in manifest or policy file "C:\WINDOWS\WinSxS\Policies\x86_Policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\8.0.50727.4053.policy" on line 0.
      5/8/2010 1:56:56 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
      5/8/2010 1:56:56 PM, error: Service Control Manager [7000]  - The IMAPI CD-Burning COM Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
      5/8/2010 1:34:20 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.
      5/8/2010 1:18:50 AM, error: Service Control Manager [7000]  - The OAnet service failed to start due to the following error:  The specified driver is invalid.
      5/8/2010 1:18:50 AM, error: Service Control Manager [7000]  - The OADriver service failed to start due to the following error:  The specified driver is invalid.
      5/8/2010 1:08:00 AM, error: Service Control Manager [7001]  - The avast! Antivirus service depends on the aswMon2 service which failed to start because of the following error:  The specified driver is invalid.
      5/8/2010 1:08:00 AM, error: Service Control Manager [7000]  - The aswMon2 service failed to start due to the following error:  The specified driver is invalid.
      5/8/2010 1:07:20 AM, error: Service Control Manager [7000]  - The aswSP service failed to start due to the following error:  The specified driver is invalid.
      5/8/2010 1:07:20 AM, error: Service Control Manager [7000]  - The aswFsBlk service failed to start due to the following error:  The system cannot find the file specified.
      5/8/2010 1:07:18 AM, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.VC90.MFC. Reference error message: Insufficient system resources exist to complete the requested service. .
      5/8/2010 1:07:18 AM, error: SideBySide [59]  - Generate Activation Context failed for C:\Program Files\Alwil Software\Avast5\avastUI.exe. Reference error message: The operation completed successfully. .
      5/7/2010 6:55:16 AM, error: SAM [12288]  - SAM failed to write changes to the database. This is most likely due to a memory or disk-space shortage. The SAM database will be restored to an earlier state. Recent changes will be lost. Check the disk-space available and maximum pagefile size setting.
      5/7/2010 3:13:07 PM, error: SideBySide [59]  - Generate Activation Context failed for C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe. Reference error message: The operation completed successfully. .
      5/7/2010 3:04:08 PM, error: Service Control Manager [7034]  - The Online Armor service terminated unexpectedly.  It has done this 1 time(s).
      5/7/2010 2:41:23 PM, error: Dhcp [1008]  - Your computer was unable to initialize a Network Interface attached to the system. The error code is: A device attached to the system is not functioning. .
      5/7/2010 2:41:15 PM, error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  Insufficient system resources exist to complete the requested service.
      5/7/2010 2:28:47 PM, error: SideBySide [59]  - Generate Activation Context failed for c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll. Reference error message: The operation completed successfully. .
      5/7/2010 10:33:32 AM, error: WPDMTPDriver [15300]  - MTP WPD Driver has failed to start. Error 0x800705aa.
      5/7/2010 1:49:42 PM, error: WPDMTPDriver [15300]  - MTP WPD Driver has failed to start. Error 0x80070490.
      5/6/2010 4:06:20 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Webroot Spy Sweeper Engine service to connect.
      5/6/2010 4:06:20 PM, error: Service Control Manager [7000]  - The Webroot Spy Sweeper Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
      5/6/2010 11:52:51 AM, error: Service Control Manager [7023]  - The Remote Access Connection Manager service terminated with the following error:  The specified module could not be found.
      5/6/2010 11:52:42 AM, error: Service Control Manager [7000]  - The Application Layer Gateway Service service failed to start due to the following error:  Insufficient system resources exist to complete the requested service.
      5/6/2010 11:52:24 AM, error: Rasman [20063]  - Remote Access Connection Manager failed to start because the Point to Point Protocol failed to initialize. The specified module could not be found.
      5/6/2010 1:28:07 PM, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service WebrootSpySweeperService with arguments "" in order to run the server: {1281A68F-9E75-418F-B3AC-D5B23DD86408}
      5/12/2010 6:11:56 AM, error: Service Control Manager [7023]  - The SSDP Discovery Service service terminated with the following error:  The specified module could not be found.
      5/12/2010 3:15:13 AM, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2003 (KB976382).
      5/10/2010 9:33:04 PM, error: SideBySide [59]  - Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls. Reference error message: Insufficient system resources exist to complete the requested service. .
      5/10/2010 9:33:04 PM, error: SideBySide [59]  - Generate Activation Context failed for C:\Program Files\Mozilla Firefox\firefox.exe. Reference error message: The operation completed successfully. .

      ==== End Of File ===========================

      FALLGUY

        Topic Starter


        Beginner
        Re: computer acting up
        « Reply #18 on: May 13, 2010, 12:29:52 AM »
        next log
        DDS (Ver_10-03-17.01) - NTFSx86 
        Run by moore family at  1:17:50.20 on Thu 05/13/2010
        Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
        Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.382.143 [GMT -5:00]

        AV: Webroot Internet Security Essentials *On-access scanning disabled* (Updated)   {77E10C7F-2CCA-4187-9394-BDBC267AD597}
        AV: iolo AntiVirus® *On-access scanning disabled* (Updated)   {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
        FW: Norton Internet Worm Protection *disabled*   {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
        FW: Webroot Internet Security Essentials *enabled*   {63671000-11A2-46DD-BADD-A084CABCDEAE}
        FW: Lavasoft Personal Firewall *disabled*   {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}

        ============== Running Processes ===============

        C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
        C:\WINDOWS\system32\svchost -k DcomLaunch
        svchost.exe
        C:\WINDOWS\System32\svchost.exe -k netsvcs
        C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
        svchost.exe
        svchost.exe
        C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\QuickTime\qttask.exe
        C:\WINDOWS\system32\RUNDLL32.EXE
        C:\Program Files\Zune\ZuneLauncher.exe
        C:\Program Files\Java\jre6\bin\jusched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Logitech\SetPoint\SetPoint.exe
        C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
        C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
        C:\WINDOWS\system32\spoolsv.exe
        svchost.exe
        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
        C:\Program Files\iolo\common\lib\ioloServiceManager.exe
        C:\Program Files\Java\jre6\bin\jqs.exe
        C:\WINDOWS\system32\nvsvc32.exe
        C:\WINDOWS\system32\svchost.exe -k imgsvc
        C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
        c:\WINDOWS\system32\ZuneBusEnum.exe
        C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Documents and Settings\moore family\My Documents\Downloads\dds.scr

        ============== Pseudo HJT Report ===============

        uSearch Bar = hxxp://www.google.com/ie
        uStart Page = hxxp://www.google.com/
        uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
        uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
        BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
        BHO: &Google Web Accelerator Helper: {69a87b7d-de56-4136-9655-716ba50c19c7} - c:\program files\google\web accelerator\GoogleWebAccToolbar.dll
        BHO: Ask Toolbar BHO: {d4027c7f-154a-4066-a1ad-4243d8127440} - Webroot Toolbar
        BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
        BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
        TB: Google Web Accelerator: {db87bfa2-a2e3-451e-8e5a-c89982d87cbf} - c:\program files\google\web accelerator\GoogleWebAccToolbar.dll
        TB: Webroot Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -
        TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
        TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
        TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
        TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
        TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
        TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
        uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
        mRun: [Logitech Hardware Abstraction Layer] "KHALMNPR.EXE"
        mRun: [NI.UWFX5_0001_N56M0311] c:\documents and settings\moore family\local settings\temporary internet files\content.ie5\gbm547gv\WinFixerScannerInstall[1].exe -nag
        mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
        mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
        mRun: [nwiz] "nwiz.exe" /install
        mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
        mRun: [ArcSoft Connection Service] "c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe"
        mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
        mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
        mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
        mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
        mRun: [@OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe"
        mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
        StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
        StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rungoo~1.lnk - c:\program files\google\web accelerator\GoogleWebAccWarden.exe
        IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
        IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
        IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
        IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
        IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
        IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
        IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021}
        IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
        DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
        DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
        DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - hxxp://www.symantec.com/techsupp/asa/LSSupCtl.cab
        DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
        DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
        DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
        DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
        DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
        DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
        DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132341909031
        DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
        DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} - hxxps://ediagnostics.lexmark.com/serval.cab
        DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
        DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
        DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
        DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
        Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
        Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
        Notify: AtiExtEvent - Ati2evxx.dll
        SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
        SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

        ================= FIREFOX ===================

        FF - ProfilePath - c:\docume~1\mooref~1\applic~1\mozilla\firefox\profiles\1ad26hkf.default\
        FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=4&q=
        FF - prefs.js: browser.search.selectedEngine - Google
        FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?rls=ig&hl=en&source=iglk
        FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBR&o=13993&locale=en_US&q=
        FF - prefs.js: network.proxy.type - 2
        FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
        FF - plugin: c:\program files\google\picasa3\npPicasa2.dll
        FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
        FF - plugin: c:\program files\sony\media go\npmediago.dll
        FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
        FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
        FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

        ---- FIREFOX POLICIES ----
        user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com http://www.google.com');user_pref('capability.policy.localfilelinks.checkloaduri.enabled', 'allAccess');c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
        c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
        c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
        c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
        c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
        c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
        c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
        c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
        c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
        c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
        c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
        c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
        c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
        c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
        c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
        c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
        c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
        c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
        c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

        ============= SERVICES / DRIVERS ===============

        R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2009-11-6 29808]
        R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
        R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-4-27 61440]
        R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
        R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2010-4-22 704432]
        R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2010-4-22 704432]
        R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2006-12-24 2368]
        R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2009-11-6 4048240]
        R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\spy sweeper\WRConsumerService.exe [2010-2-24 1201640]
        S3 DCamUSBSTK017;STK017 Camera;c:\windows\system32\drivers\stk017w2.sys --> c:\windows\system32\drivers\STK017W2.sys [?]
        S3 PRISM_USB;D-Link Air DWL-121 Wireless USB Adapter Driver;c:\windows\system32\drivers\PRISMUSB.sys [2003-4-10 636416]
        S4 ADBLOCK.DLL;Lavasoft Firewall PlugIn (ADBLOCK.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\adblock.dll --> c:\program files\lavasoft\personal firewall\kernel\ADBLOCK.DLL [?]
        S4 ARP.DLL;Lavasoft Firewall PlugIn (ARP.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\arp.dll --> c:\program files\lavasoft\personal firewall\kernel\ARP.DLL [?]
        S4 CONTENT.DLL;Lavasoft Firewall PlugIn (CONTENT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\content.dll --> c:\program files\lavasoft\personal firewall\kernel\CONTENT.DLL [?]
        S4 DNSCACHE.DLL;Lavasoft Firewall PlugIn (DNSCACHE.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\dnscache.dll --> c:\program files\lavasoft\personal firewall\kernel\DNSCACHE.DLL [?]
        S4 FTPFILT.DLL;Lavasoft Firewall PlugIn (FTPFILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\ftpfilt.dll --> c:\program files\lavasoft\personal firewall\kernel\FTPFILT.DLL [?]
        S4 HTMLFILT.DLL;Lavasoft Firewall PlugIn (HTMLFILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\htmlfilt.dll --> c:\program files\lavasoft\personal firewall\kernel\HTMLFILT.DLL [?]
        S4 HTTPFILT.DLL;Lavasoft Firewall PlugIn (HTTPFILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\httpfilt.dll --> c:\program files\lavasoft\personal firewall\kernel\HTTPFILT.DLL [?]
        S4 IMAPFILT.DLL;Lavasoft Firewall PlugIn (IMAPFILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\imapfilt.dll --> c:\program files\lavasoft\personal firewall\kernel\IMAPFILT.DLL [?]
        S4 LavasoftFirewall;Lavasoft Personal Firewall Service;c:\program files\lavasoft\personal firewall\lpfw.exe /service --> c:\program files\lavasoft\personal firewall\lpfw.exe  [?]
        S4 MAILFILT.DLL;Lavasoft Firewall PlugIn (MAILFILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\mailfilt.dll --> c:\program files\lavasoft\personal firewall\kernel\MAILFILT.DLL [?]
        S4 NNTPFILT.DLL;Lavasoft Firewall PlugIn (NNTPFILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\nntpfilt.dll --> c:\program files\lavasoft\personal firewall\kernel\NNTPFILT.DLL [?]
        S4 POP3FILT.DLL;Lavasoft Firewall PlugIn (POP3FILT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\pop3filt.dll --> c:\program files\lavasoft\personal firewall\kernel\POP3FILT.DLL [?]
        S4 PROTECT.DLL;Lavasoft Firewall PlugIn (PROTECT.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\protect.dll --> c:\program files\lavasoft\personal firewall\kernel\PROTECT.DLL [?]
        S4 SECRET.DLL;Lavasoft Firewall PlugIn (SECRET.DLL);\??\c:\program files\lavasoft\personal firewall\kernel\secret.dll --> c:\program files\lavasoft\personal firewall\kernel\SECRET.DLL [?]
        S4 VFILT;Lavasoft Firewall Kernel Driver;\??\c:\program files\lavasoft\personal firewall\kernel\filtnt.sys --> c:\program files\lavasoft\personal firewall\kernel\FILTNT.SYS [?]

        =============== Created Last 30 ================

        2010-05-12 17:26:56   0   d-s---w-   C:\commy.exe
        2010-05-12 11:32:20   0   d-sha-r-   C:\cmdcons
        2010-05-12 06:35:28   0   d-s---w-   C:\ComboFix
        2010-05-11 03:17:06   0   d-----w-   c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
        2010-05-11 03:16:59   0   d-----w-   c:\program files\SUPERAntiSpyware
        2010-05-11 03:16:59   0   d-----w-   c:\docume~1\mooref~1\applic~1\SUPERAntiSpyware.com
        2010-05-08 19:52:55   98816   ----a-w-   c:\windows\sed.exe
        2010-05-08 19:52:55   77312   ----a-w-   c:\windows\MBR.exe
        2010-05-08 19:52:55   256512   ----a-w-   c:\windows\PEV.exe
        2010-05-08 19:52:55   161792   ----a-w-   c:\windows\SWREG.exe
        2010-05-08 06:24:07   0   d-----w-   C:\3399b69f05089dbfd00560f2
        2010-05-08 06:06:18   0   d-----w-   c:\docume~1\alluse~1\applic~1\Alwil Software
        2010-05-07 19:30:27   0   d-----w-   c:\docume~1\mooref~1\applic~1\Uniblue
        2010-05-07 18:51:17   26368   -c--a-w-   c:\windows\system32\dllcache\usbstor.sys
        2010-05-07 07:03:16   54016   ----a-w-   c:\windows\system32\drivers\rewac.sys
        2010-05-06 19:42:29   0   d-----w-   c:\program files\3ivx
        2010-05-06 18:21:04   54016   ----a-w-   c:\windows\system32\drivers\cxxqtr.sys
        2010-05-06 15:17:27   54016   ----a-w-   c:\windows\system32\drivers\sdfsaevy.sys
        2010-05-06 14:10:24   0   d-----w-   c:\docume~1\mooref~1\applic~1\Malwarebytes
        2010-05-06 14:10:16   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
        2010-05-06 14:10:14   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
        2010-05-06 14:10:14   0   d-----w-   c:\docume~1\alluse~1\applic~1\Malwarebytes
        2010-05-04 13:17:41   0   d-----w-   c:\docume~1\mooref~1\applic~1\Registry Mechanic
        2010-05-03 02:05:36   126   ----a-w-   c:\windows\system32\mmc.exe.config
        2010-04-27 05:40:16   0   d-sh--w-   C:\found.000
        2010-04-24 13:39:56   126976   ----a-w-   c:\windows\system32\iavlsp.dll
        2010-04-24 13:38:58   681984   ----a-w-   c:\windows\is-QMTOA.exe
        2010-04-24 13:38:58   234   ----a-w-   c:\windows\is-QMTOA.lst
        2010-04-24 13:38:58   10607   ----a-w-   c:\windows\is-QMTOA.msg
        2010-04-24 06:02:20   206608   ----a-w-   c:\windows\system32\drivers\TMPassthru.sys
        2010-04-22 18:48:51   108880   ----a-w-   c:\windows\system32\drivers\pwipf6.sys
        2010-04-22 16:28:11   696832   ----a-w-   c:\windows\is-NJKBP.exe
        2010-04-22 16:28:11   456   ----a-w-   c:\windows\is-NJKBP.lst
        2010-04-22 16:28:11   10482   ----a-w-   c:\windows\is-NJKBP.msg
        2010-04-22 15:45:23   406   ----a-w-   c:\windows\system32\ioloBootDefrag.cfg
        2010-04-22 15:44:17   0   d-----w-   c:\program files\iolo
        2010-04-22 15:40:24   74703   ----a-w-   c:\windows\system32\mfc45.dll
        2010-04-22 15:37:42   0   d-----w-   c:\docume~1\mooref~1\applic~1\iolo
        2010-04-22 15:37:42   0   d-----w-   c:\docume~1\alluse~1\applic~1\iolo
        2010-04-21 16:08:42   40224   ----a-w-   c:\windows\system32\GDIPFONTCACHEV1.DAT

        ==================== Find3M  ====================

        2010-05-12 07:10:29   507   ----a-w-   c:\program files\Shortcut to Absolutist.com.lnk
        2010-05-09 21:39:18   1984   ----a-w-   c:\windows\system32\d3d9caps.dat
        2010-03-10 06:15:52   420352   ----a-w-   c:\windows\system32\vbscript.dll
        2010-02-25 06:24:37   916480   ----a-w-   c:\windows\system32\wininet.dll
        2010-02-19 23:47:50   3604480   ----a-w-   c:\windows\system32\GPhotos.scr
        2010-02-17 14:10:28   2189952   ----a-w-   c:\windows\system32\ntoskrnl.exe
        2010-02-16 13:25:04   2066816   ----a-w-   c:\windows\system32\ntkrnlpa.exe
        2008-12-03 17:54:02   170   ----a-w-   c:\program files\1bomb.ini
        2008-09-01 21:44:14   32768   --sha-w-   c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090120080902\index.dat

        FALLGUY

          Re: computer acting up
          « Reply #19 on: May 13, 2010, 12:34:18 AM »
          I have never been able to remove Norton. I'll try now to remove Iolo now. I really do appreciate your time with this. THANK YOU!

          SuperDave

          Re: computer acting up
          « Reply #20 on: May 13, 2010, 01:39:24 PM »
          Download the Norton Removal Tool (SymNRT) to your desktop.

          Once downloaded please close ALL open browsers, also save any work because this may require a restart.

          * Go to your desktop and double click on the 'Norton_Removal_Tool' and then click Setup.
          * Once open Click Next
          * Accept the license agreement and click Next
          * Type in the letters/numbers that you see into the text box then click Next.
          * Then click Next and the tool will start running.
          * Once finished restart the PC.
          * Delete the 'Norton_Removal_Tool' from your desktop.

          =====================================

          • Please download AskRemover from here
          • Extract the zip file to your Desktop, then run AskRemover.bat
          • Allow it to run, and select yes to the registry merge warning.
          • Copy and paste the resulting log in your next post.
          ===================================

          Add or Remove Programs

          1. Click on the Windows Start button and click on the Control Panel
          2. In the Control Panel window, double-click Add or Remove Programs icon.
          3. When the Add or Remove Programs window has fully populated, check for Google Updater and uninstall it.

          ===================================
          Please delete ComboFix from your desktop and download and run a new version as described in Reply #14
          Windows 8 and Windows 10 dual boot with two SSD's

          FALLGUY

            Re: computer acting up
            « Reply #21 on: May 14, 2010, 01:49:52 PM »
            Norton errors at download. Could not be saved because source file cannot be read.

            Ask Remover Version 1.1 - Written by Belahzur
             
            The current time and date is 10:28:27.57 Fri 05/14/2010

            Microsoft Windows XP [Version 5.1.2600]
             
             
            ==== STARTING CHECK ====
            C:\Documents and Settings\moore family\Local Settings\Application Data\AskToolbar has been found!
             
            ==== Starting removal of Ask ====
            C:\Documents and Settings\moore family\Local Settings\Application Data\AskToolbar Deleted.
             
            Applying removal of Ask Toolbar registry keys.
             
            ==== REGISTRY DUMP ====

            ! REG.EXE VERSION 3.0

            HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
                Start Page   REG_SZ   http://www.google.com/


            ! REG.EXE VERSION 3.0

            HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
                Search Bar   REG_SZ   http://www.google.com/ie


            ! REG.EXE VERSION 3.0

            HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


            ! REG.EXE VERSION 3.0

            HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main


            ! REG.EXE VERSION 3.0

            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
                Default_Search_URL   REG_SZ   http://go.microsoft.com/fwlink/?LinkId=54896


            ! REG.EXE VERSION 3.0

            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
                Default_Page_URL   REG_SZ   http://go.microsoft.com/fwlink/?LinkId=69157


            ! REG.EXE VERSION 3.0

            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
                Start Page   REG_SZ   http://go.microsoft.com/fwlink/?LinkId=69157


            ! REG.EXE VERSION 3.0

            HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
                Search Bar   REG_SZ   http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm

            *** The above keys may not need fixing ***
             
            ==== FINAL CHECK ====
             
            ==== EOF ====
            Combo fix is still doing the same things. It begins start up and scan, then nothing or reloads desktop. The computer freezes up and I'll have to restart. I also have no internet connection immediately after. :-\

            SuperDave

            Re: computer acting up
            « Reply #22 on: May 14, 2010, 07:14:34 PM »
            Ok. Let's try this. It's the only way I could get ComboFix to run on my computer and my computer was clean.

            Delete your copy of ComboFix; download a fresh copy, except before you download it, rename it to blackpudding.bat

            Navigate to Start --> Run, and enter the following command exactly as shown:

            "%userprofile%\desktop\blackpudding.bat" /killall

            See if ComboFix will run now

            FALLGUY

              Re: computer acting up
              « Reply #23 on: May 15, 2010, 11:58:34 PM »
              I've downloaded and renamed, but how or when exactly do I enter the command? If I hit run it auto starts and has a blinking cursor after it tells me what has initialized. Is this when I enter command? Because after the initial start it moves right to the scan.

              SuperDave

              Re: computer acting up
              « Reply #24 on: May 16, 2010, 12:50:04 PM »
              I've downloaded and renamed, but how or when exactly do I enter the command? If I hit run it auto starts and has a blinking cursor after it tells me what has initialized. Is this when I enter command? Because after the initial start it moves right to the scan.
              You have to follow the directions. Go to Start , Run and copy and paste the command into the box. ComboFix should start.

              FALLGUY

                Re: computer acting up
                « Reply #25 on: May 16, 2010, 06:09:13 PM »
                I've gotten it to run without the command. I'm unable to locate the log.

                SuperDave

                Re: computer acting up
                « Reply #26 on: May 16, 2010, 06:29:53 PM »
                Go to your C: Drive and look in the ComboFix folder for a txt file.

                FALLGUY

                  Re: computer acting up
                  « Reply #27 on: May 16, 2010, 07:51:43 PM »
                  I found it. Had the matching dates.

                  [recovering disk space - old attachment deleted by admin]

                  SuperDave

                  Re: computer acting up
                  « Reply #28 on: May 17, 2010, 01:14:43 PM »
                  Sorry. That's not it. Go to Search and put in *.txt in the search box and just scan your C: drive. It should be there.

                  FALLGUY

                    Re: computer acting up
                    « Reply #29 on: May 17, 2010, 03:04:59 PM »
                    ComboFix 10-05-16.01 - moore family 05/16/2010  15:19:25.1.1 - x86
                    Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.382.219 [GMT -5:00]
                    Running from: C:\Documents and Settings\moore family\Desktop\Blackpudding.bat.exe
                    AV: iolo AntiVirus® *On-access scanning disabled* (Updated) {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
                    AV: Webroot Internet Security Essentials *On-access scanning disabled* (Updated) {77E10C7F-2CCA-4187-9394-BDBC267AD597}
                    FW: Lavasoft Personal Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
                    FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
                    FW: Webroot Internet Security Essentials *enabled* {63671000-11A2-46DD-BADD-A084CABCDEAE}
                    .

                    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
                    .

                    C:\WINDOWS\patch.exe
                    C:\WINDOWS\system32\Thumbs.db
                    D:\Autorun.inf

                    .
                    (((((((((((((((((((((((((   Files Created from 2010-04-16 to 2010-05-16  )))))))))))))))))))))))))))))))
                    .

                    2010-05-11 03:17:20 . 2010-05-11 03:17:20   52224   ----a-w-   C:\Documents and Settings\moore family\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
                    2010-05-11 03:17:17 . 2010-05-11 03:17:17   117760   ----a-w-   C:\Documents and Settings\moore family\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
                    2010-05-11 03:17:06 . 2010-05-11 03:17:06   --------   d-----w-   C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
                    2010-05-11 03:16:59 . 2010-05-11 03:17:00   --------   d-----w-   C:\Program Files\SUPERAntiSpyware
                    2010-05-11 03:16:59 . 2010-05-11 03:16:59   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\SUPERAntiSpyware.com
                    2010-05-08 06:24:07 . 2010-05-08 06:24:19   --------   d-----w-   C:\3399b69f05089dbfd00560f2
                    2010-05-08 06:06:18 . 2010-05-08 06:06:18   --------   d-----w-   C:\Documents and Settings\All Users\Application Data\Alwil Software
                    2010-05-07 19:30:27 . 2010-05-07 19:30:27   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Uniblue
                    2010-05-07 18:51:17 . 2008-04-13 18:45:38   26368   -c--a-w-   C:\WINDOWS\system32\dllcache\usbstor.sys
                    2010-05-07 07:03:16 . 2010-05-07 07:03:16   54016   ----a-w-   C:\WINDOWS\system32\drivers\rewac.sys
                    2010-05-06 19:42:29 . 2010-05-06 19:42:29   --------   d-----w-   C:\Program Files\3ivx
                    2010-05-06 18:21:04 . 2010-05-06 18:21:04   54016   ----a-w-   C:\WINDOWS\system32\drivers\cxxqtr.sys
                    2010-05-06 15:17:27 . 2010-05-06 15:17:27   54016   ----a-w-   C:\WINDOWS\system32\drivers\sdfsaevy.sys
                    2010-05-06 14:10:24 . 2010-05-06 14:10:24   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Malwarebytes
                    2010-05-06 14:10:16 . 2010-04-29 20:39:38   38224   ----a-w-   C:\WINDOWS\system32\drivers\mbamswissarmy.sys
                    2010-05-06 14:10:14 . 2010-05-06 14:10:14   --------   d-----w-   C:\Documents and Settings\All Users\Application Data\Malwarebytes
                    2010-05-06 14:10:14 . 2010-04-29 20:39:26   20952   ----a-w-   C:\WINDOWS\system32\drivers\mbam.sys
                    2010-05-04 13:17:41 . 2010-05-04 13:17:41   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Registry Mechanic
                    2010-05-02 05:05:49 . 2010-05-02 05:05:49   --------   d-----w-   C:\Program Files\NOS
                    2010-04-27 05:40:16 . 2010-04-27 05:40:16   --------   d-----w-   C:\found.000
                    2010-04-24 13:39:56 . 2007-07-25 13:42:20   126976   ----a-w-   C:\WINDOWS\system32\iavlsp.dll
                    2010-04-24 13:38:58 . 2010-04-24 13:38:58   681984   ----a-w-   C:\WINDOWS\is-QMTOA.exe
                    2010-04-24 06:02:20 . 2008-03-02 08:28:00   206608   ----a-w-   C:\WINDOWS\system32\drivers\TMPassthru.sys
                    2010-04-22 18:48:51 . 2010-02-24 13:31:24   108880   ----a-w-   C:\WINDOWS\system32\drivers\pwipf6.sys
                    2010-04-22 16:59:46 . 2010-04-22 16:59:46   1456   ----a-w-   C:\Documents and Settings\moore family\Application Data\iolo\restore.bat
                    2010-04-22 16:28:11 . 2010-04-22 16:28:11   696832   ----a-w-   C:\WINDOWS\is-NJKBP.exe
                    2010-04-22 15:45:02 . 2010-04-22 15:45:02   --------   d-----w-   C:\Documents and Settings\LocalService\Application Data\iolo
                    2010-04-22 15:44:17 . 2010-05-12 07:12:13   --------   d-----w-   C:\Program Files\iolo
                    2010-04-22 15:40:24 . 2010-04-22 15:40:24   74703   ----a-w-   C:\WINDOWS\system32\mfc45.dll
                    2010-04-22 15:37:42 . 2010-04-24 13:38:53   --------   d-----w-   C:\Documents and Settings\All Users\Application Data\iolo
                    2010-04-22 15:37:42 . 2010-04-22 16:59:46   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\iolo
                    2010-04-21 16:08:42 . 2010-04-21 17:36:37   40224   ----a-w-   C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT

                    .
                    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2010-05-16 19:28:21 . 2009-08-29 04:23:27   720   ----a-w-   C:\Documents and Settings\All Users\Application Data\ArcSoft\kodak-printcreations-22-080812-oem\acforall.dll
                    2010-05-14 15:13:20 . 2005-08-06 16:13:00   --------   d-----w-   C:\Program Files\Google
                    2010-05-12 07:18:18 . 2006-08-09 22:44:10   --------   d-----w-   C:\Program Files\WildGames
                    2010-05-12 07:10:29 . 2010-05-12 07:10:29   507   ----a-w-   C:\Program Files\Shortcut to Absolutist.com.lnk
                    2010-05-12 06:30:53 . 2006-12-02 21:00:00   --------   d-----w-   C:\Documents and Settings\All Users\Application Data\WildTangent
                    2010-05-12 06:30:52 . 2005-11-25 01:41:17   --------   d-----w-   C:\Program Files\WildTangent
                    2010-05-11 02:47:42 . 2008-12-17 01:26:32   --------   d-----w-   C:\Program Files\Common Files\Wise Installation Wizard
                    2010-05-09 21:39:18 . 2009-03-16 01:45:09   1984   ----a-w-   C:\WINDOWS\system32\d3d9caps.dat
                    2010-05-09 06:30:21 . 2007-03-10 19:01:58   --------   d---a-w-   C:\Documents and Settings\All Users\Application Data\TEMP
                    2010-05-09 06:29:05 . 2009-05-16 16:25:11   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Sammsoft
                    2010-05-06 15:34:59 . 2005-11-23 13:41:09   --------   d-----w-   C:\Program Files\Trend Micro
                    2010-05-03 03:01:54 . 2004-08-26 18:03:18   76487   ----a-w-   C:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
                    2010-05-02 05:07:29 . 2009-11-24 04:37:58   --------   d-----w-   C:\Documents and Settings\All Users\Application Data\NOS
                    2010-04-24 06:02:18 . 2005-08-06 16:12:21   --------   d--h--w-   C:\Program Files\InstallShield Installation Information
                    2010-04-23 15:09:12 . 2005-11-21 21:25:46   40224   ----a-w-   C:\Documents and Settings\moore family\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
                    2010-04-22 19:17:24 . 2005-11-21 21:18:47   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Webroot
                    2010-04-22 17:20:18 . 2010-02-24 13:32:11   164   ----a-w-   C:\WINDOWS\install.dat
                    2010-04-09 05:59:31 . 2010-04-08 04:45:35   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Hoyle Casino
                    2010-04-08 04:46:54 . 2010-04-08 04:45:36   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\Hoyle FaceCreator
                    2010-03-22 16:36:28 . 2010-03-22 16:36:28   --------   d-----w-   C:\Documents and Settings\moore family\Application Data\EPSON
                    2010-03-10 06:15:52 . 2004-08-26 16:12:19   420352   ----a-w-   C:\WINDOWS\system32\vbscript.dll
                    2010-02-25 06:24:37 . 2004-08-26 16:12:21   916480   ----a-w-   C:\WINDOWS\system32\wininet.dll
                    2010-02-24 13:11:07 . 2004-08-26 16:12:01   455680   ----a-w-   C:\WINDOWS\system32\drivers\mrxsmb.sys
                    2010-02-19 23:47:50 . 2010-02-19 23:47:50   3604480   ----a-w-   C:\WINDOWS\system32\GPhotos.scr
                    2010-02-17 14:10:28 . 2004-08-26 16:12:06   2189952   ----a-w-   C:\WINDOWS\system32\ntoskrnl.exe
                    2010-02-16 13:25:04 . 2004-08-04 05:59:00   2066816   ----a-w-   C:\WINDOWS\system32\ntkrnlpa.exe
                    2008-12-03 17:54:02 . 2008-11-28 17:40:56   170   ----a-w-   C:\Program Files\1bomb.ini
                    .

                    ------- Sigcheck -------

                    [-] 2006-10-19 03:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\mspmsnsv.dll
                    [-] 2006-10-19 03:47:16 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . C:\WINDOWS\system32\dllcache\mspmsnsv.dll
                    [7] 2005-01-28 18:44:28 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll
                    [7] 2005-01-28 18:44:28 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
                    [7] 2004-08-04 19:00:00 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
                    .
                    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Note* empty entries & legit default entries are not shown
                    REGEDIT4

                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
                    @="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
                    [HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
                    2009-11-06 21:14:10   238968   ----a-w-   C:\Program Files\Webroot\Spy Sweeper\Backup\CtxMenu_1_0_0_10.dll

                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 20:46:56 28160]
                    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 04:13:08 385024]
                    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 16:25:37 13529088]
                    "nwiz"="nwiz.exe" [2008-05-16 16:25:58 1630208]
                    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 16:25:48 86016]
                    "ArcSoft Connection Service"="C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 16:19:26 207360]
                    "Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" [2010-01-07 20:38:08 158448]
                    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-10-11 10:17:36 149280]
                    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 07:04:34 39792]

                    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
                    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2005-12-25 450560]
                    Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-7-9 1134592]

                    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
                    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 15:13:36 77824]

                    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
                    2009-09-03 20:21:42   548352   ----a-w-   C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
                    @="Service"

                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
                    @="Driver"

                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
                    @="Service"

                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
                    @="Service"

                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
                    @="Service"

                    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
                    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

                    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
                    backup=C:\WINDOWS\pss\BigFix.lnkCommon Startup
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLCC
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gcasServ
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UWA6P_0001_N56M1011
                    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
                    2008-02-01 04:13:08   385024   ----a-w-   C:\Program Files\QuickTime\QTTask.exe

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
                    2002-09-14 06:42:26   212992   ----a-w-   C:\WINDOWS\SMINST\Recguard.exe

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
                    2004-11-03 03:24:46   32768   ----a-w-   C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
                    2005-04-15 18:01:46   77824   ----a-w-   C:\WINDOWS\SOUNDMAN.EXE

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
                    2009-11-06 18:00:22   4048240   ----a-w-   C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
                    2004-11-15 22:04:32   135168   ----a-w-   C:\Program Files\Digital Media Reader\shwiconEM.exe

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
                    "AOL TopSpeedMonitor"=2 (0x2)
                    "AOL ACS"=3 (0x3)
                    "LavasoftFirewall"=2 (0x2)

                    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
                    "AntiVirusOverride"=dword:00000001

                    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
                    "DisableMonitoring"=dword:00000001

                    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
                    "%windir%\\system32\\sessmgr.exe"=
                    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
                    "C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
                    "C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\E_DUPA30.EXE"=
                    "C:\\WINDOWS\\system32\\mmc.exe"=

                    R0 ssfs0bbc;ssfs0bbc;C:\WINDOWS\system32\drivers\ssfs0bbc.sys [11/6/2009 1:00:34 PM 29808]
                    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25:50 AM 12872]
                    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [4/27/2010 5:30:10 PM 61440]
                    R2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [4/22/2010 10:44:45 AM 704432]
                    R2 ioloSystemService;iolo System Service;C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [4/22/2010 10:44:45 AM 704432]
                    R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [12/24/2006 9:36:54 PM 2368]
                    R2 WRConsumerService;Webroot Client Service;C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2/24/2010 8:39:56 AM 1201640]
                    S3 DCamUSBSTK017;STK017 Camera;C:\WINDOWS\system32\DRIVERS\STK017W2.sys --> C:\WINDOWS\system32\DRIVERS\STK017W2.sys [?]
                    S3 PRISM_USB;D-Link Air DWL-121 Wireless USB Adapter Driver;C:\WINDOWS\system32\drivers\PRISMUSB.sys [4/10/2003 6:43:14 PM 636416]
                    S4 ADBLOCK.DLL;Lavasoft Firewall PlugIn (ADBLOCK.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\ADBLOCK.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\ADBLOCK.DLL [?]
                    S4 ARP.DLL;Lavasoft Firewall PlugIn (ARP.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\ARP.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\ARP.DLL [?]
                    S4 CONTENT.DLL;Lavasoft Firewall PlugIn (CONTENT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\CONTENT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\CONTENT.DLL [?]
                    S4 DNSCACHE.DLL;Lavasoft Firewall PlugIn (DNSCACHE.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\DNSCACHE.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\DNSCACHE.DLL [?]
                    S4 FTPFILT.DLL;Lavasoft Firewall PlugIn (FTPFILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\FTPFILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\FTPFILT.DLL [?]
                    S4 HTMLFILT.DLL;Lavasoft Firewall PlugIn (HTMLFILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\HTMLFILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\HTMLFILT.DLL [?]
                    S4 HTTPFILT.DLL;Lavasoft Firewall PlugIn (HTTPFILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\HTTPFILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\HTTPFILT.DLL [?]
                    S4 IMAPFILT.DLL;Lavasoft Firewall PlugIn (IMAPFILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\IMAPFILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\IMAPFILT.DLL [?]
                    S4 LavasoftFirewall;Lavasoft Personal Firewall Service;C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe /service --> C:\Program Files\Lavasoft\Personal Firewall\lpfw.exe  [?]
                    S4 MAILFILT.DLL;Lavasoft Firewall PlugIn (MAILFILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\MAILFILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\MAILFILT.DLL [?]
                    S4 NNTPFILT.DLL;Lavasoft Firewall PlugIn (NNTPFILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\NNTPFILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\NNTPFILT.DLL [?]
                    S4 POP3FILT.DLL;Lavasoft Firewall PlugIn (POP3FILT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\POP3FILT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\POP3FILT.DLL [?]
                    S4 PROTECT.DLL;Lavasoft Firewall PlugIn (PROTECT.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\PROTECT.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\PROTECT.DLL [?]
                    S4 SECRET.DLL;Lavasoft Firewall PlugIn (SECRET.DLL);\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\SECRET.DLL --> C:\Program Files\Lavasoft\Personal Firewall\kernel\SECRET.DLL [?]
                    S4 VFILT;Lavasoft Firewall Kernel Driver;\??\C:\Program Files\Lavasoft\Personal Firewall\kernel\FILTNT.SYS --> C:\Program Files\Lavasoft\Personal Firewall\kernel\FILTNT.SYS [?]
                    .
                    Contents of the 'Scheduled Tasks' folder

                    2010-05-16 C:\WINDOWS\Tasks\User_Feed_Synchronization-{44D56DA0-8592-45E9-8550-9C3F50037BE7}.job
                    - C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 17:58:32 . 2009-03-08 09:31:54]

                    2010-05-07 C:\WINDOWS\Tasks\wrSpySweeper_L84A4C5C417F546BD84C9795BFE5C1E67.job
                    - C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2006-08-15 04:16:41 . 2009-11-06 21:19:58]

                    2010-05-07 C:\WINDOWS\Tasks\wrSpySweeper_L84A4C5C417F546BD84C9795BFE5C1E67.job
                    - C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2006-08-15 04:16:41 . 2009-11-06 21:19:58]
                    .
                    .
                    ------- Supplementary Scan -------
                    .
                    uStart Page = hxxp://www.google.com/
                    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
                    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
                    IE: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
                    IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
                    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                    FF - ProfilePath - C:\Documents and Settings\moore family\Application Data\Mozilla\Firefox\Profiles\1ad26hkf.default\
                    FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=4&q=
                    FF - prefs.js: browser.search.selectedEngine - Google
                    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?rls=ig&hl=en&source=iglk
                    FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBR&o=13993&locale=en_US&q=
                    FF - prefs.js: network.proxy.type - 2
                    FF - plugin: C:\Program Files\Google\Picasa3\npPicasa2.dll
                    FF - plugin: C:\Program Files\Google\Picasa3\npPicasa3.dll
                    FF - plugin: c:\Program Files\Sony\Media Go\npmediago.dll
                    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

                    ---- FIREFOX POLICIES ----
                    user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com http://www.google.com');user_pref('capability.policy.localfilelinks.checkloaduri.enabled', 'allAccess');C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
                    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
                    C:\Program Files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
                    C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
                    C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
                    C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
                    C:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
                    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
                    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
                    C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
                    .
                    - - - - ORPHANS REMOVED - - - -

                    HKLM-Run-@OnlineArmor GUI - C:\Program Files\Tall Emu\Online Armor\oaui.exe
                    SafeBoot-WudfPf
                    SafeBoot-WudfRd
                    SafeBoot-svcWRSSSDK
                    MSConfigStartUp-lxccmon - (no file)
                    MSConfigStartUp-MSMSGS - C:\Program Files\Messenger\msmsgs.exe
                    AddRemove-Advanced Registry Optimizer_is1 - C:\Program Files\Advanced Registry Optimizer\unins000.exe
                    AddRemove-avast5 - C:\Program Files\Alwil Software\Avast5\aswRunDll.exe
                    AddRemove-Game Console - WildGames - C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe
                    AddRemove-OnlineArmor_is1 - C:\Program Files\Tall Emu\Online Armor\unins000.exe
                    AddRemove-ViewpointMediaPlayer - C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe
                    AddRemove-WildTangent CDA - C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
                    AddRemove-WT083664 - C:\Program Files\WildGames\Plants vs. Zombies\Uninstall.exe


                    Is this it?