Internet, google earth won't connect

Safari, IE, google earth won't connect to Internet, however I can use skype. This has occured after I removed antivirus system pro virus! Does anyone have an idea what I can do to remedy this, I would appreciate some help!

Please download the current version of HijackThis from HERE

• Double click and run the installer.
  
• It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  
• After installing, you should get the user agreement, press accept and Hijack This will run.
  
• Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.
  

Thanks I'll have to download it and transfer it on a flash drive. Will this still work? I hope so, as I am thinking about a sledge hammer might fix it. I will be able to do this when I get home from work at about 7, then hopefully I wll have sucess. Thanks for the speedy reply!

Hello.
Hijack This both scans and removes, but we need a log first because Hijack This also lists legit (non-malicious) items and removing those can have bad results.

thanks, just got home, gonna install on my pc then post results. thanks again.

ok here is the log file from hijack


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:25:37 PM, on 9/15/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\trlrm\RMHSvc.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vVX3000.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Trlokom IE Toolbar - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files\SpyWall\TrlIETool.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\sslaunch.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Trlokom Central Management Helper 1.4.1 0 (trlokom_rmhsvc) - Trlokom, Inc. - C:\WINDOWS\trlrm\RMHSvc.exe
O23 - Service: Windows MSI - Unknown owner - \\?\globalrootC:\WINDOWS\system32\msihost.exe (file missing)

--
End of file - 11619 bytes

Any ideas?

Hello.

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  O23 - Service: Windows MSI - Unknown owner - \\?\globalrootC:\WINDOWS\system32\msihost.exe (file missing)
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Thank you, I will try this when I get home from work. Thanks again

I'm stressed, now when I restarted computer it says I have little/ limited connectivity to Internet. Also norton pops up with a window stating that tcp/ip is not installed???????? What is going on! A appreciate all the help thus far. Malwarebytes is installed but when I double click it it won't open ?

Hello.
Try this. Go to Start > Run. In the Run box, type in the following:

netsh winsock reset

Hit enter, then reboot.

Hello.

• Download combofix from here
  Link 1
  Link 2
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

Thank you I will do this Thursday after work as I have to be up at 4 am

thanks for all the help thus far, here is the combofix log file.



ComboFix 09-09-17.04 - HP_Owner 09/17/2009 20:57.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.3191.2699 [GMT -4:00]
Running from: K:\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\HP_Owner\Application Data\Microsoft\profile.dat
c:\program files\meoqdr
c:\program files\meoqdr\cbtxsysguard.exe
c:\windows\Installer\5204cbe.msi
c:\windows\mark_32.dll
c:\windows\system32\drivers\ESQULdeyljapvucnrnpyrgquodtawysdhpwmp.sys
c:\windows\system32\ESQULvjejbodqjqviyoyjcvjdkamxeayxodtr.dll
c:\windows\system32\ESQULwoyopqfvtkxkphltirvbmadorxtgsvqm.dll
c:\windows\system32\ps2.bat
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ESQULserv.sys
-------\Legacy_ESQULserv.sys
-------\Legacy_IPRIP
-------\Legacy_WINDOWS_MSI
-------\Service_Iprip
-------\Service_Windows MSI
-------\Service_ESQULserv.sys


((((((((((((((((((((((((( Files Created from 2009-08-18 to 2009-09-18 )))))))))))))))))))))))))))))))
.

2009-09-16 23:48 . 2009-09-16 23:48 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Sonic
2009-09-16 22:10 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-16 22:10 . 2009-09-16 22:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-16 22:10 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-16 21:26 . 2009-09-16 21:26 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-09-16 01:24 . 2004-08-04 07:00 18944 ----a-w- c:\windows\system32\simptcp.dll
2009-09-16 01:24 . 2004-08-04 07:00 18944 ----a-w- c:\windows\system32\dllcache\simptcp.dll
2009-09-16 01:24 . 2004-08-04 07:00 35328 ----a-w- c:\windows\system32\iprip.dll
2009-09-16 01:24 . 2004-08-04 07:00 35328 ----a-w- c:\windows\system32\dllcache\iprip.dll
2009-09-15 22:25 . 2009-09-15 22:25 -------- d-----w- c:\program files\Trend Micro
2009-09-14 23:42 . 2009-09-15 00:47 12032 ----a-w- c:\windows\system32\iehelper.dll.ren
2009-09-13 17:44 . 2009-09-14 16:22 -------- d-----w- C:\$AVG8.VAULT$
2009-09-13 17:35 . 2009-09-13 17:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-13 17:35 . 2009-09-13 17:35 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-13 17:35 . 2009-09-13 17:35 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-13 17:35 . 2009-09-13 17:35 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-13 17:35 . 2009-09-15 21:06 -------- d-----w- c:\windows\system32\drivers\Avg
2009-09-13 17:35 . 2009-09-13 17:35 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-09-13 17:35 . 2009-09-14 22:43 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-09-13 17:35 . 2009-09-13 17:35 -------- d-----w- c:\program files\AVG
2009-09-13 17:26 . 2009-09-13 17:26 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\AVG8
2009-09-13 17:20 . 2009-09-13 17:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-13 17:20 . 2009-09-13 17:20 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\SUPERAntiSpyware.com
2009-09-13 17:20 . 2009-09-13 17:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-11 23:19 . 2009-09-11 23:19 -------- d-----w- c:\program files\Common Files\LightScribe
2009-09-11 23:11 . 2009-09-11 23:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-11 21:30 . 2009-09-11 21:30 186880 ----a-w- c:\windows\system32\drivers\trlkprot.sys
2009-09-11 21:30 . 2009-09-11 21:30 -------- d-----w- c:\windows\trlrm
2009-09-11 21:30 . 2009-09-16 00:12 36 ---h--r- c:\windows\sued.dat
2009-09-11 21:30 . 2009-09-16 00:12 -------- d-----w- c:\program files\SpyWall
2009-09-09 23:09 . 2009-09-09 23:09 -------- d-----w- c:\program files\iPod
2009-09-09 23:08 . 2009-09-09 23:10 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-09 23:05 . 2009-09-09 23:06 -------- d-----w- c:\program files\QuickTime
2009-09-08 23:52 . 2009-09-08 23:52 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AdobeUM
2009-09-08 23:52 . 2009-09-08 23:52 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2009-09-06 00:13 . 2009-09-06 00:16 3012 ----a-w- C:\drmHeader.bin
2009-09-04 18:36 . 2009-09-04 19:13 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\tctemp
2009-09-04 18:34 . 2001-08-18 02:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-09-04 18:34 . 2004-08-04 04:56 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-09-04 16:31 . 2009-09-04 16:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
2009-09-04 16:30 . 2009-09-11 14:26 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Azureus
2009-09-04 15:15 . 2009-09-04 15:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision
2009-09-04 15:02 . 2007-04-18 12:51 2113536 ----a-w- c:\windows\system32\python25.dll
2009-09-04 15:01 . 2009-09-04 16:09 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\ESRI
2009-09-04 14:50 . 2009-09-04 18:12 -------- d-----w- c:\program files\Common Files\ESRI
2009-09-04 14:49 . 2009-09-04 15:02 -------- d-----w- C:\Python25
2009-08-30 15:59 . 2009-08-30 15:59 -------- d-----w- c:\documents and settings\All Users\Application Data\espionServerData
2009-08-30 15:56 . 2009-08-30 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-08-30 15:55 . 2009-08-30 15:55 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-08-30 15:17 . 2009-09-04 18:18 -------- d-----w- C:\flexlm
2009-08-30 15:17 . 2009-08-30 15:17 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-30 15:14 . 2009-08-30 15:14 -------- d-----w- c:\program files\SafeNet Sentinel
2009-08-30 15:14 . 2009-08-30 15:14 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2009-08-29 22:09 . 2009-08-30 12:01 -------- d-----w- c:\program files\uTorrent Ultra Accelerator
2009-08-29 21:21 . 2009-08-29 21:21 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\WinZip
2009-08-29 21:20 . 2009-08-29 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-08-29 20:48 . 2009-08-29 20:48 -------- d-----w- c:\windows\system32\LogFiles
2009-08-29 20:37 . 2009-08-29 20:37 -------- d-----w- c:\program files\PFPortChecker
2009-08-29 14:20 . 2009-08-29 15:22 -------- d-----w- c:\program files\PFConfig
2009-08-28 23:08 . 2009-08-28 23:08 -------- d--h--w- c:\windows\PIF
2009-08-28 22:03 . 2009-08-28 22:04 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\Temp
2009-08-28 22:03 . 2009-08-28 22:03 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-28 22:03 . 2009-08-29 20:54 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\Google
2009-08-28 22:03 . 2009-08-29 20:54 -------- d-----w- c:\program files\Google
2009-08-28 21:56 . 2009-08-28 21:56 -------- d-----w- c:\program files\Google Earth Pro 4.2
2009-08-28 21:56 . 2009-08-28 21:56 -------- d-----w- c:\windows\Google Earth Pro 4.2
2009-08-28 19:58 . 2009-08-28 19:58 -------- d-----w- c:\program files\Common Files\Corel
2009-08-28 19:58 . 2009-08-28 19:58 -------- d-----w- c:\program files\Corel
2009-08-28 19:40 . 2009-09-09 23:34 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\Corel
2009-08-28 19:40 . 2009-09-09 23:34 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-08-28 19:40 . 2009-08-28 19:59 88 --sh--r- c:\windows\system32\B930CA19A1.sys
2009-08-28 19:39 . 2009-08-28 19:59 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Corel
2009-08-28 19:39 . 2009-08-28 19:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
2009-08-25 01:17 . 2009-08-25 01:17 -------- d-----w- c:\program files\LightScribe
2009-08-25 00:55 . 2009-08-25 00:55 -------- d-----w- c:\program files\SymNetDrv
2009-08-23 21:37 . 2009-08-25 01:29 -------- d-----w- C:\Temp
2009-08-23 21:37 . 2008-05-20 09:59 1570816 ----a-w- c:\temp\TSDNWIN.exe
2009-08-23 21:37 . 2008-05-08 17:58 1048576 ----a-w- c:\temp\autorun.bin
2009-08-23 20:45 . 2009-08-23 20:45 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\WinBatch
2009-08-23 20:27 . 2009-08-23 20:27 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Motive
2009-08-23 20:16 . 2009-08-23 20:16 -------- d-----w- c:\program files\LightScribe Diagnostic Utility
2009-08-23 15:28 . 2006-03-17 18:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-08-23 15:28 . 2006-03-17 15:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-08-23 15:28 . 2006-03-17 15:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-08-23 15:28 . 2009-08-23 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-08-23 15:28 . 2006-03-17 15:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-08-23 15:28 . 2006-03-17 15:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-08-23 15:28 . 2009-08-23 15:28 -------- d-----w- c:\program files\Common Files\Nero
2009-08-23 15:21 . 2009-09-04 13:17 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\WinAVI
2009-08-23 15:21 . 2009-08-23 15:21 -------- d-----w- c:\program files\WinAVI Video Converter
2009-08-23 15:21 . 2006-10-26 23:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-08-23 15:18 . 2009-08-23 15:18 -------- d-----w- c:\program files\Microsoft.NET
2009-08-23 15:15 . 2009-08-23 15:15 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-08-23 15:14 . 2009-08-23 15:14 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\Microsoft Help
2009-08-23 15:14 . 2009-08-23 15:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-08-22 21:28 . 2009-08-30 16:02 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\Adobe
2009-08-22 21:28 . 2009-08-22 21:28 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\AdobeUM
2009-08-22 21:28 . 2009-08-30 15:55 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-22 19:30 . 2009-08-22 19:30 -------- d-----w- c:\program files\DvidPL
2009-08-22 07:05 . 2009-08-22 07:05 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-22 07:04 . 2009-08-22 07:04 -------- d-----w- c:\program files\MSBuild
2009-08-22 07:04 . 2009-08-22 07:04 -------- d-----w- c:\program files\Reference Assemblies
2009-08-22 07:04 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-22 07:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-22 07:04 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-22 07:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-22 07:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-22 07:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-22 07:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-22 07:04 . 2009-08-28 20:18 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-22 07:01 . 2009-08-22 07:01 -------- d-----w- c:\program files\MSXML 6.0
2009-08-21 10:53 . 2005-11-09 14:00 462848 ----a-w- c:\windows\system32\HHActiveX.dll
2009-08-21 10:53 . 2005-11-09 14:00 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-08-21 10:51 . 2009-08-21 10:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Droppix
2009-08-21 03:27 . 2009-08-23 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2009-08-21 03:04 . 2009-08-21 03:04 -------- d-----w- c:\documents and settings\HP_Owner\Local Settings\Application Data\MicroVision Applications
2009-08-21 01:51 . 2009-08-21 01:51 -------- d-----w- c:\program files\NCH Software
2009-08-21 01:30 . 2009-08-21 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-08-21 01:30 . 2009-08-21 01:30 -------- d-----w- c:\program files\NCH Swift Sound
2009-08-21 01:30 . 2009-08-21 01:30 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\NCH Swift Sound
2009-08-19 22:09 . 2009-09-13 17:02 1324 ----a-w- c:\windows\system32\d3d9caps.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-18 01:05 . 2009-08-15 16:12 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-18 00:50 . 2009-08-18 01:50 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Skype
2009-09-18 00:39 . 2005-05-27 00:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-09-18 00:29 . 2009-08-18 01:52 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\skypePM
2009-09-16 23:01 . 2009-08-15 15:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-16 01:06 . 2009-08-15 17:58 -------- d-----w- c:\program files\Linksys
2009-09-16 00:57 . 2009-09-16 00:57 3 ----a-w- c:\program files\option.txt
2009-09-15 03:41 . 2009-08-15 05:08 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\uTorrent
2009-09-15 02:35 . 2009-08-15 04:57 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Apple Computer
2009-09-14 23:58 . 2005-05-27 00:15 -------- d-----w- c:\program files\Easy Internet signup
2009-09-11 19:35 . 2009-08-15 19:17 -------- d-----w- c:\program files\DivX
2009-09-11 19:34 . 2009-08-15 19:17 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-09-09 23:10 . 2009-08-15 01:21 -------- d-----w- c:\program files\iTunes
2009-09-09 23:09 . 2009-08-15 01:20 -------- d-----w- c:\program files\Common Files\Apple
2009-09-04 18:34 . 2009-08-15 01:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-04 15:53 . 2009-08-15 16:43 113888 ----a-w- c:\documents and settings\HP_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-04 15:34 . 2009-08-15 01:27 79016 ---ha-w- c:\windows\system32\mlfcache.dat
2009-08-25 01:29 . 2009-08-15 01:26 -------- d-----w- c:\program files\Safari
2009-08-25 00:57 . 2005-05-27 00:29 -------- d-----w- c:\program files\Norton Internet Security
2009-08-25 00:55 . 2005-05-27 00:27 -------- d-----w- c:\program files\Symantec
2009-08-18 01:52 . 2009-08-18 01:52 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-08-18 01:49 . 2009-08-18 01:49 -------- d-----w- c:\program files\Common Files\Skype
2009-08-18 01:49 . 2009-08-18 01:49 -------- d-----r- c:\program files\Skype
2009-08-18 01:49 . 2009-08-18 01:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-08-16 21:34 . 2009-08-16 21:33 26750 ----a-w- c:\windows\~DFA10.tmp
2009-08-16 17:49 . 2005-05-27 00:02 -------- d-----w- c:\program files\Microsoft Works
2009-08-16 17:17 . 2009-08-16 17:16 -------- d-----w- c:\program files\EasyDVDClone
2009-08-16 07:00 . 2009-08-16 07:00 -------- d-----w- c:\program files\MSXML 4.0
2009-08-15 21:37 . 2009-08-15 21:37 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\DivX
2009-08-15 19:20 . 2009-08-15 19:20 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\InterVideo
2009-08-15 19:11 . 2009-08-15 04:57 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Symantec
2009-08-15 18:12 . 2009-08-15 18:12 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Leadertech
2009-08-15 17:33 . 2009-08-15 17:26 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-08-15 17:33 . 2009-08-15 17:33 -------- d-----w- c:\program files\EPSON
2009-08-15 16:57 . 2009-08-15 16:42 -------- d-----w- c:\program files\Wide Angle Software
2009-08-15 16:28 . 2009-08-15 16:28 -------- d-----w- c:\program files\Boilsoft Video Splitter
2009-08-15 16:25 . 2009-08-15 16:25 -------- d-----w- c:\program files\Boilsoft Video Joiner
2009-08-15 16:24 . 2009-08-15 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Movavi VideoSuite 5
2009-08-15 16:23 . 2009-08-15 16:23 -------- d-----w- c:\program files\Movavi VideoSuite 5
2009-08-15 16:11 . 2009-08-15 16:08 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
2009-08-15 16:08 . 2009-08-15 16:08 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-08-15 15:28 . 2009-08-15 15:28 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\dvdcss
2009-08-15 05:08 . 2009-08-15 05:08 -------- d-----w- c:\program files\uTorrent
2009-08-15 04:57 . 2009-08-15 04:57 1861 --sha-r- c:\windows\system32\drivers\103C_HP_CPC_PS583AA-ABA a1020n_YC_0Pavi_QMXF522_E52NAheBLU2_47_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.20_T050331_WXH2_L409_M3192_J1000_7Intel_8Pentium 4_93.06_#090815_N10EC8139_Z11C1048C_G80862582.MRK
2009-08-15 01:27 . 2009-08-15 01:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-15 01:27 . 2005-05-26 23:37 -------- d-----w- c:\program files\Java
2009-08-15 01:21 . 2009-08-15 01:21 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-15 01:21 . 2009-08-15 01:21 -------- d-----w- c:\program files\Bonjour
2009-06-26 21:21 . 2009-06-26 21:21 96256 ----a-w- c:\windows\VX3000.dll
2009-06-26 21:21 . 2009-06-26 21:21 671744 ----a-w- c:\windows\system32\LCCoin30.dll
2009-06-26 21:21 . 2009-06-26 21:21 1956352 ----a-w- c:\windows\system32\drivers\VX3000.sys
2009-06-26 21:21 . 2009-06-26 21:21 757248 ----a-w- c:\windows\vVX3000.exe
2009-06-26 21:21 . 2009-06-26 21:21 222720 ----a-w- c:\windows\vVX3000.dll
2009-06-26 21:21 . 2009-06-26 21:21 170496 ----a-w- c:\windows\system32\cVX3000.dll
2009-06-26 16:18 . 2009-08-15 04:16 659456 ----a-w- c:\windows\system32\wininet.dll
2009-06-26 16:18 . 2009-08-15 04:12 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-06-25 08:44 . 2009-08-15 04:16 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:44 . 2009-08-15 04:16 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:44 . 2009-08-15 04:16 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:44 . 2009-08-15 04:15 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:44 . 2009-08-15 04:12 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:44 . 2004-08-04 11:00 724480 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-22 11:34 . 2004-08-04 18:00 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-07-16 25604904]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-11-02 126976]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-05-26 180269]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 58984]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"VX3000"="c:\windows\vVX3000.exe" [2009-06-26 757248]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2007-01-29 507904]
"FinePrint Dispatcher v5"="c:\windows\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2008-04-18 520192]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Symantec NetDriver Monitor"="c:\progra~1\SYMNET~1\SNDMon.exe" [2009-08-25 100056]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-09 305440]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-13 2007832]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" - c:\windows\system32\Hdaudpropshortcut.exe [2004-03-18 61952]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-06-29 88363]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-10-13 77824]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\ALCWZRD.EXE [2004-10-13 2742272]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-04 110592]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-5 258048]
SpySubtract.lnk - c:\program files\InterMute\SpySubtract\sslaunch.exe [2005-5-26 73728]
Updates from HP.lnk - c:\program files\Updates from HP\309731\Program\Updates from HP.exe [2005-5-26 45056]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-13 17:35 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\docume~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\APPLIC~1\SPYWAR~1\sp_rsdel.dat

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\PFPortChecker\\PFPortChecker.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\trlrm\\RMHSvc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Safari\\Safari.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/13/2009 1:35 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/13/2009 1:35 PM 108552]
R1 trlkprot;Trlokom Application scan driver;c:\windows\system32\drivers\trlkprot.sys [9/11/2009 5:30 PM 186880]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 12:03 PM 169312]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/13/2009 1:35 PM 297752]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/28/2009 6:03 PM 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-09-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 22:03]

2009-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 22:03]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{FA010552-4A27-4cb1-A1BB-3E2D697F1639} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-17 21:06
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(4980)
c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\msi.dll
c:\windows\system32\hnetcfg.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\CCPROXY.EXE
c:\program files\Common Files\Symantec Shared\CCSETMGR.EXE
c:\program files\Norton Internet Security\ISSVC.exe
c:\program files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
c:\program files\Common Files\Symantec Shared\SNDSrvc.exe
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\program files\Common Files\Symantec Shared\CCEVTMGR.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\PSIService.exe
c:\program files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\system32\snmp.exe
c:\windows\trlrm\RMHSvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Symantec Shared\Security Center\symwsc.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\InterMute\SpySubtract\SpySub.exe
.
**************************************************************************
.
Completion time: 2009-09-18 21:11 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-18 01:10

Pre-Run: 659,921,702,912 bytes free
Post-Run: 660,091,109,376 bytes free

379 --- E O F --- 2009-09-16 01:09

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?

Ok, did that as above. When done Internet still doesn't work. Email doesn't work. Restarted and norto still pops up and says" tcp/ip is not installed.disable email scanning in your symantec product options or install tcp/ip".
What gives????